dev: bump the safe group with 10 updates

[dependabot]

Bumps the safe group with 10 updates:

Package	From	To
@reduxjs/toolkit	2.7.0	2.8.1
@sentry/react	9.15.0	9.17.0
@babel/cli	7.27.1	7.27.2
@babel/preset-env	7.27.1	7.27.2
@inquirer/prompts	7.5.0	7.5.1
cypress	14.3.2	14.3.3
eslint-config-prettier	10.1.2	10.1.5
eslint-plugin-jsdoc	50.6.11	50.6.14
pg	8.15.6	8.16.0
webpack	5.99.7	5.99.8

Updates @reduxjs/toolkit from 2.7.0 to 2.8.1

Release notes

Sourced from @​reduxjs/toolkit's releases.

v2.8.1

This bugfix release makes an additional update to the package config to fix a regression that happened with Jest and jest-environment-jsdom.

Changes

More Package Updates

After releasing v2.8.0, we got reports that Jest tests were breaking. After investigation we concluded that jest-environment-jsdom was looking at the new browser package exports condition we'd added to better support JSPM, finding an ESM file containing the export keyword, and erroring because it doesn't support ES modules correctly.

reduxjs/redux-toolkit#4971 listed several viable workarounds, but this is enough of an issue we wanted to fix it directly. We've tweaked the package exports setup again, and it appears to resolve the issue with Jest.

What's Changed

• fix: browser exports condition by @​aryaemami59 in reduxjs/redux-toolkit#4973

Full Changelog: reduxjs/redux-toolkit@v2.8.0...v2.8.1

v2.8.0

This feature release improves React Native compatibility by updating our package exports definitions, and adds queryArg as an additional parameter to infinite query page param functions.

Changelog

Package Exports and React Native Compatibility

Expo and the Metro bundler have been adding improved support for the exports field in package.json files, but those changes started printing warnings due to how some of our package definitions were configured.

We've reworked the package definitions (again!), and this should be resolved now.

update

This release ended up causing breakage in Jest due to jest-environment-jsdom trying to read the browser package exports condition ( see reduxjs/redux-toolkit#4971 for details). We've published v2.8.1 with an updated config that should resolve that.

Infinite Query Page Params

The signature for the getNext/PreviousPageParam functions has been:

(
    lastPage: DataType,
    allPages: Array<DataType>,
    lastPageParam: PageParam,
    allPageParams: Array<PageParam>,
  ) => PageParam | undefined | null

This came directly from React Query's API and implementation.

We've had some requests to make the endpoint's queryArg available in page param functions. For React Query, that isn't necessary because the callbacks are defined inline when you call the useInfiniteQuery hook, so you've already got the query arg available in scope and can use it. Since RTK Query defines these callbacks as part of the endpoint definition, the query arg isn't in scope.

... (truncated)

Commits

• cb089e6 Release 2.8.1
• 6a38c5c fix: browser exports condition (#4973)
• 82a0ae4 Release 2.8.0
• 29bea2a Assorted pre-2.8 docs tweaks (#4968)
• 68bf4b6 Add queryArg as 5th param to page param functions (#4967)
• 20f4579 fix: React-Native package exports (#4887)
• 5c1e01d Merge pull request #4965 from n-ii-ma/master
• fdc1c8e fix: add missing verb
• 91c3baa chore: update Expo example app (#4889)
• 49c22bf chore: update React-Native example app (#4888)
• Additional commits viewable in compare view

Updates @sentry/react from 9.15.0 to 9.17.0

Release notes

Sourced from @​sentry/react's releases.

9.17.0

• feat(node): Migrate to @fastify/otel (#15542)

Bundle size 📦

Path	Size
@​sentry/browser	23.35 KB
@​sentry/browser - with treeshaking flags	23.19 KB
@​sentry/browser (incl. Tracing)	37.25 KB
@​sentry/browser (incl. Tracing, Replay)	74.47 KB
@​sentry/browser (incl. Tracing, Replay) - with treeshaking flags	68.34 KB
@​sentry/browser (incl. Tracing, Replay with Canvas)	79.12 KB
@​sentry/browser (incl. Tracing, Replay, Feedback)	90.93 KB
@​sentry/browser (incl. Feedback)	39.75 KB
@​sentry/browser (incl. sendFeedback)	27.98 KB
@​sentry/browser (incl. FeedbackAsync)	32.74 KB
@​sentry/react	25.16 KB
@​sentry/react (incl. Tracing)	39.24 KB
@​sentry/vue	27.63 KB
@​sentry/vue (incl. Tracing)	39.01 KB
@​sentry/svelte	23.38 KB
CDN Bundle	24.55 KB
CDN Bundle (incl. Tracing)	37.29 KB
CDN Bundle (incl. Tracing, Replay)	72.33 KB
CDN Bundle (incl. Tracing, Replay, Feedback)	77.64 KB
CDN Bundle - uncompressed	71.62 KB
CDN Bundle (incl. Tracing) - uncompressed	110.34 KB
CDN Bundle (incl. Tracing, Replay) - uncompressed	221.63 KB
CDN Bundle (incl. Tracing, Replay, Feedback) - uncompressed	234.15 KB
@​sentry/nextjs (client)	40.84 KB
@​sentry/sveltekit (client)	37.73 KB
@​sentry/node	151.37 KB
@​sentry/node - without tracing	95.77 KB
@​sentry/aws-serverless	120.16 KB

9.16.1

• fix(core): Make sure logs get flushed in server-runtime-client (#16222)
• ref(node): Remove vercel flushing code that does nothing (#16217)

Bundle size 📦

Path	Size
@​sentry/browser	23.35 KB
@​sentry/browser - with treeshaking flags	23.19 KB
@​sentry/browser (incl. Tracing)	37.25 KB
@​sentry/browser (incl. Tracing, Replay)	74.47 KB
@​sentry/browser (incl. Tracing, Replay) - with treeshaking flags	68.34 KB
@​sentry/browser (incl. Tracing, Replay with Canvas)	79.12 KB

... (truncated)

Changelog

Sourced from @​sentry/react's changelog.

9.17.0

• feat(node): Migrate to @fastify/otel (#15542)

9.16.1

• fix(core): Make sure logs get flushed in server-runtime-client (#16222)
• ref(node): Remove vercel flushing code that does nothing (#16217)

9.16.0

Important changes

• feat: Create a Vite plugin that injects sentryConfig into the global config (#16197)

Add a new plugin makeConfigInjectorPlugin within our existing vite plugin that updates the global vite config with sentry options

• feat(browser): Add option to sample linked traces consistently (#16037)

This PR implements consistent sampling across traces as outlined in (#15754)

• feat(cloudflare): Add support for durable objects (#16180)

This PR introduces a new instrumentDurableObjectWithSentry method to the SDK, which instruments durable objects. We capture both traces and errors automatically.

• feat(node): Add Prisma integration by default (#16073)

Prisma integration is enabled by default, it should work for both ESM and CJS.

• feat(react-router): Add client-side router instrumentation (#16185)

Adds client-side instrumentation for react router's HydratedRouter. To enable it, simply replace browserTracingIntegration() with reactRouterTracingIntegration() in your client-side init call.

• fix(node): Avoid double-wrapping http module (#16177)

When running your application in ESM mode, there have been scenarios that resulted in the http/https emitting duplicate spans for incoming requests. This was apparently caused by us double-wrapping the modules for incoming request isolation.

In order to solve this problem, the modules are no longer monkey patched by us for request isolation. Instead, we register diagnosticschannel hooks to handle request isolation now. While this is generally not expected to break anything, there is one tiny change that _may affect you if you have been relying on very specific functionality:

The ignoreOutgoingRequests option of httpIntegration receives the RequestOptions as second argument. This type is not changed, however due to how the wrapping now works, we no longer pass through the full RequestOptions, but re-construct this partially based on the generated request. For the vast majority of cases, this should be fine, but for the sake of completeness, these are the only fields that may be available there going forward - other fields that may have existed before may no longer be set:

ignoreOutgoingRequests(url: string, {
  method: string;
  protocol: string;
  host: string;
  hostname: string; // same as host
  path: string;
  headers: OutgoingHttpHeaders;
</tr></table> 

... (truncated)

Commits

• cbf3d99 release: 9.17.0
• ef1f86b Merge pull request #16234 from getsentry/prepare-release/9.17.0
• 16af311 meta(changelog): Update changelog for 9.17.0
• 86794dd feat(node): Migrate to @fastify/otel (#15542)
• 57893e2 Merge pull request #16224 from getsentry/master
• 47f8bc6 Merge branch 'release/9.16.1'
• 1603866 release: 9.16.1
• 30487a1 Merge pull request #16223 from getsentry/prepare-release/9.16.1
• a1bdb3c meta(changelog): Update changelog for 9.16.1
• 22a0e35 fix(core): Make sure logs get flushed in server-runtime-client (#16222)
• Additional commits viewable in compare view

Updates @babel/cli from 7.27.1 to 7.27.2

Release notes

Sourced from @​babel/cli's releases.

v7.27.2 (2025-05-06)

🐛 Bug Fix

• babel-parser
  • #17289 fix: @babel/parser/bin/index.js contains node: protocol require (@​liuxingbaoyu)
  • #17291 fix: Private class method not found when TS and estree (@​liuxingbaoyu)
• babel-plugin-transform-object-rest-spread
  • #17281 Fix: improve object rest handling in array pattern (@​JLHwung)
• babel-plugin-transform-modules-commonjs, babel-template
  • #17284 fix(babel-template): Properly handle empty string replacements (@​magic-akari)

🏃‍♀️ Performance

• babel-cli
  • #17285 Enable Node compile cache for @babel/cli (@​JLHwung)

Committers: 5

• Babel Bot (@​babel-bot)
• Huáng Jùnliàng (@​JLHwung)
• Nicolò Ribaudo (@​nicolo-ribaudo)
• @​liuxingbaoyu
• @​magic-akari

Changelog

Sourced from @​babel/cli's changelog.

v7.27.2 (2025-05-06)

🐛 Bug Fix

• babel-parser
  • #17289 fix: @babel/parser/bin/index.js contains node: protocol require (@​liuxingbaoyu)
  • #17291 fix: Private class method not found when TS and estree (@​liuxingbaoyu)
• babel-plugin-transform-object-rest-spread
  • #17281 Fix: improve object rest handling in array pattern (@​JLHwung)
• babel-plugin-transform-modules-commonjs, babel-template
  • #17284 fix(babel-template): Properly handle empty string replacements (@​magic-akari)

🏃‍♀️ Performance

• babel-cli
  • #17285 Enable Node compile cache for @babel/cli (@​JLHwung)

Commits

• a8080cd v7.27.2
• d42174e Enable Node compile cache for @babel/cli (#17285)
• See full diff in compare view

Updates @babel/preset-env from 7.27.1 to 7.27.2

Release notes

Sourced from @​babel/preset-env's releases.

v7.27.2 (2025-05-06)

🐛 Bug Fix

• babel-parser
  • #17289 fix: @babel/parser/bin/index.js contains node: protocol require (@​liuxingbaoyu)
  • #17291 fix: Private class method not found when TS and estree (@​liuxingbaoyu)
• babel-plugin-transform-object-rest-spread
  • #17281 Fix: improve object rest handling in array pattern (@​JLHwung)
• babel-plugin-transform-modules-commonjs, babel-template
  • #17284 fix(babel-template): Properly handle empty string replacements (@​magic-akari)

🏃‍♀️ Performance

• babel-cli
  • #17285 Enable Node compile cache for @babel/cli (@​JLHwung)

Committers: 5

• Babel Bot (@​babel-bot)
• Huáng Jùnliàng (@​JLHwung)
• Nicolò Ribaudo (@​nicolo-ribaudo)
• @​liuxingbaoyu
• @​magic-akari

Changelog

Sourced from @​babel/preset-env's changelog.

v7.27.2 (2025-05-06)

🐛 Bug Fix

• babel-parser
  • #17289 fix: @babel/parser/bin/index.js contains node: protocol require (@​liuxingbaoyu)
  • #17291 fix: Private class method not found when TS and estree (@​liuxingbaoyu)
• babel-plugin-transform-object-rest-spread
  • #17281 Fix: improve object rest handling in array pattern (@​JLHwung)
• babel-plugin-transform-modules-commonjs, babel-template
  • #17284 fix(babel-template): Properly handle empty string replacements (@​magic-akari)

🏃‍♀️ Performance

• babel-cli
  • #17285 Enable Node compile cache for @babel/cli (@​JLHwung)

Commits

• a8080cd v7.27.2
• b9c6efb Use .d.ts in import when importing a .d.ts file (#17288)
• 1e0bdac [Babel 8] Directly export the JSON files from @babel/compat-data (#17267)
• See full diff in compare view

Updates @inquirer/prompts from 7.5.0 to 7.5.1

Commits

• 50bac82 Publish
• c2fcf6e Fix(@​inquirer/core): Add SIGINT handler to make sure the prompt throw an exit...
• 8378f64 Chore: Prepack script to delete workspaces:* devDependencies (#1742)
• f22f937 Chore(deps-dev): Bump the linting group with 4 updates (#1739)
• ade7de3 Chore(deps-dev): Bump @​types/node from 22.15.2 to 22.15.3 (#1740)
• 5533964 Chore(deps): Bump vite from 6.2.6 to 6.3.4 in the npm_and_yarn group (#1734)
• 36ae95a Chore(deps-dev): Bump @​types/node from 22.14.1 to 22.15.2 (#1732)
• baeac6c Chore(deps-dev): Bump the linting group with 4 updates (#1729)
• 1307aaf Chore(deps-dev): Bump the testing group with 3 updates (#1730)
• 26f5fe1 Chore(deps-dev): Bump turbo from 2.5.0 to 2.5.2 (#1731)
• See full diff in compare view

Updates cypress from 14.3.2 to 14.3.3

Release notes

Sourced from cypress's releases.

v14.3.3

Changelog: https://docs.cypress.io/app/references/changelog#14-3-3

Commits

• 242fb56 chore: release 14.3.3 (#31650)
• 2e57751 internal: update data-cy for cloud studio in studio.cy.ts (#31649)
• 1119625 fix: no longer hang when piping stdout+stderr to a file under certain conditi...
• 6d03bd0 chore: updating v8 snapshot cache (#31647)
• 5b8032a chore: updating v8 snapshot cache (#31646)
• 182e636 chore: updating v8 snapshot cache (#31645)
• 8cf4aad chore: fix duplicate changelog entry (#31644)
• 7e14583 chore: Update Chrome (stable) to 136.0.7103.59 and Chrome (beta) to 137.0.715...
• 53f7aae misc: Assertion dropdown UI update (#31598)
• acaaf30 chore: (studio) set up infrastructure for cypress in cypress tests for cloud ...
• Additional commits viewable in compare view

Updates eslint-config-prettier from 10.1.2 to 10.1.5

Release notes

Sourced from eslint-config-prettier's releases.

v10.1.5

Patch Changes

• #332 60fef02 Thanks @​JounQin! - chore: add funding field into package.json

Full Changelog: prettier/eslint-config-prettier@v10.1.4...v10.1.5

v10.1.4

Patch Changes

• #328 94b4799 Thanks @​silvenon! - fix(cli): do not crash on no rules configured

Full Changelog: prettier/eslint-config-prettier@v10.1.3...v10.1.4

v10.1.3

Patch Changes

• #325 4e95a1d Thanks @​pilikan! - fix: this package is commonjs, align its types correctly

New Contributors

• @​pilikan made their first contribution in prettier/eslint-config-prettier#325

Full Changelog: prettier/eslint-config-prettier@v10.1.2...v10.1.3

Changelog

Sourced from eslint-config-prettier's changelog.

10.1.5

Patch Changes

• #332 60fef02 Thanks @​JounQin! - chore: add funding field into package.json

10.1.4

Patch Changes

• #328 94b4799 Thanks @​silvenon! - fix(cli): do not crash on no rules configured

10.1.3

Patch Changes

• #325 4e95a1d Thanks @​pilikan! - fix: this package is commonjs, align its types correctly

Commits

• 4c94893 chore: release eslint-config-prettier (#333)
• 60fef02 chore: add funding field into package.json (#332)
• f55501f chore: release eslint-config-prettier (#329)
• 50a8a22 chore(deps): update all dependencies (#330)
• 94b4799 fix(cli): do not crash on no rules configured (#328)
• cdc4a5c chore: release eslint-config-prettier (#326)
• 4e95a1d fix: this package is commonjs, align its types correctly (#325)
• See full diff in compare view

Updates eslint-plugin-jsdoc from 50.6.11 to 50.6.14

Release notes

Sourced from eslint-plugin-jsdoc's releases.

v50.6.14

50.6.14 (2025-05-10)

Bug Fixes

• lines-before-block: Switch to a whitelist of punctuators (#1385) (0a30832)

v50.6.13

50.6.13 (2025-05-10)

Bug Fixes

• lines-before-block: Only trigger after ';', '}', '|', and '&' (#1383) (19fa3dc), closes #1379 #1343

v50.6.12

50.6.12 (2025-05-10)

Bug Fixes

• no-undefined-types: workaround parse-imports-exports bug in handling trailing whitespace; fixes #1373 (#1384) (f32989c)

Commits

• 0a30832 fix(lines-before-block): Switch to a whitelist of punctuators (#1385)
• 19fa3dc fix(lines-before-block): Only trigger after ';', '}', '|', and '&' (#1383)
• f32989c fix(no-undefined-types): workaround parse-imports-exports bug in handling...
• See full diff in compare view

Updates pg from 8.15.6 to 8.16.0

Changelog

Sourced from pg's changelog.

pg@8.16.0

• Add support for min connection pool size.

pg@8.15.0

• Add support for esm importing. CommonJS importing is still also supported.

pg@8.14.0

• Add support from SCRAM-SAH-256-PLUS i.e. channel binding.

pg@8.13.0

• Add ability to specify query timeout on per-query basis.

pg@8.12.0

• Add queryMode config option to force use of the extended query protocol on queries without any parameters.

pg-pool@8.10.0

• Emit release event when client is returned to the pool.

pg@8.9.0

• Add support for stream factory.
• Better errors for SASL authentication.
• Use native crypto module for SASL authentication.

pg@8.8.0

• Bump minimum required version of native bindings.
• Catch previously uncatchable errors thrown in pool.query.
• Prevent the pool from blocking the event loop if all clients are idle (and allowExitOnIdle is enabled).
• Support lock_timeout in client config.
• Fix errors thrown in callbacks from interfering with cleanup.

pg-pool@3.5.0

• Add connection lifetime limit config option.

pg@8.7.0

• Add optional config to pool to allow process to exit if pool is idle.

pg-cursor@2.7.0

• Convert to es6 class
• Add support for promises to cursor methods

... (truncated)

Commits

• abff18d Publish
• 52ec129 build(deps-dev): bump @​cloudflare/vitest-pool-workers (#3456)
• 980752c Hard-pin 3rd party dependencies (#3450)
• f528433 chore: minor eslint fixes, reenable no-unused vars (#3445)
• 9e7a5d9 Replace all usages of var with let / const - eslint auto applied (#3444)
• See full diff in compare view

Updates webpack from 5.99.7 to 5.99.8

Release notes

Sourced from webpack's releases.

v5.99.8

Fixes

• Fixed type error with latest @types/node
• Fixed typescript types

Commits

• a9cbd85 chore(release): 5.99.8
• 5cc6615 fix: type error with latest @​types/node (#19501)
• 0f42dc5 docs: update examples (#19490)
• ebeace3 chore(deps-dev): bump less-loader (#19488)
• 3f36f91 chore: update comments (#19487)
• bc25829 fix: a lot of types (#19486)
• ea3ba3d build: refactor scripts and categorizing them
• 45f0e49 chore: add more benchmark cases (#19481)
• 56dd6ca chore(deps-dev): bump core-js in the dependencies group (#19482)
• 5d8f2c9 ci: using codspeed for benchmarks (#19476)
• Additional commits viewable in compare view

Most Recent Ignore Conditions Applied to This Pull Request

Dependency Name	Ignore Conditions
cypress	[>= 9.a, < 10]
cypress	[>= 10.a, < 11]
@babel/preset-env	[>= 7.18.a, < 7.19]
eslint-plugin-jsdoc	[>= 39.6.a, < 39.7]

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions