chore(deps): bump the auth-ui-package-updates group across 1 directory with 17 updates by dependabot[bot] · Pull Request #65151 · apache/airflow

dependabot · 2026-04-13T14:07:08Z

Bumps the auth-ui-package-updates group with 17 updates in the /airflow-core/src/airflow/api_fastapi/auth/managers/simple/ui directory:

Package	From	To
@hey-api/openapi-ts	`0.94.3`	`0.95.0`
@tanstack/react-query	`5.91.2`	`5.97.0`
axios	`1.13.6`	`1.15.0`
react	`19.2.4`	`19.2.5`
react-cookie	`8.0.1`	`8.1.0`
react-dom	`19.2.4`	`19.2.5`
react-hook-form	`7.71.2`	`7.72.1`
react-router-dom	`7.13.1`	`7.14.0`
@eslint/compat	`2.0.3`	`2.0.5`
@typescript-eslint/eslint-plugin	`8.57.1`	`8.58.1`
@typescript-eslint/parser	`8.57.1`	`8.58.1`
@typescript-eslint/utils	`8.57.1`	`8.58.1`
@vitest/coverage-v8	`4.1.0`	`4.1.4`
eslint	`10.0.3`	`10.2.0`
eslint-plugin-perfectionist	`5.7.0`	`5.8.0`
typescript-eslint	`8.57.1`	`8.58.1`
vitest	`4.1.0`	`4.1.4`

Updates @hey-api/openapi-ts from 0.94.3 to 0.95.0

Release notes

Sourced from @hey-api/openapi-ts's releases.

@hey-api/openapi-ts@0.95.0

Minor Changes

plugin(valibot): remove request data schema (#3671) (96f60ad) by @mrlubos

Validator request schemas

Valibot plugin no longer exports composite request Data schemas. Instead, each layer is exported as a separate schema. If you're using validators with SDKs, you can preserve the composite schema with shouldExtract:
export default {
  input: "hey-api/backend", // sign up at app.heyapi.dev
  output: "src/client",
  plugins: [
    // ...other plugins
    {
      name: "sdk",
      validator: "valibot",
    },
    {
      name: "valibot",
      requests: {
        shouldExtract: true,
      },
    },
  ],
};
internal: remove plugin.getSymbol() function (#3671) (96f60ad) by @mrlubos

Removed plugin.getSymbol() function

This function has been removed. You can use plugin.querySymbol() instead. It accepts the same arguments and returns the same result.

plugin(zod): remove request data schema (#3671) (96f60ad) by @mrlubos

Validator request schemas

Zod plugin no longer exports composite request Data schemas. Instead, each layer is exported as a separate schema. If you're using validators with SDKs, you can preserve the composite schema with shouldExtract:
export default {
  input: "hey-api/backend", // sign up at app.heyapi.dev
  output: "src/client",
  plugins: [
    // ...other plugins
    {
      name: "sdk",
      validator: "zod",
</tr></table> 

... (truncated)

Changelog

Sourced from @hey-api/openapi-ts's changelog.

@hey-api/openapi-ts 0.95.0

Updates

internal: remove plugin.getSymbol() function (#3671)

Removed plugin.getSymbol() function

This function has been removed. You can use plugin.querySymbol() instead. It accepts the same arguments and returns the same result.

Plugins

@hey-api/client-angular

improve beforeRequest typing (#3660)

@hey-api/client-axios

improve beforeRequest typing (#3660)

@hey-api/client-fetch

improve beforeRequest typing (#3660)

@hey-api/client-ky

improve beforeRequest typing (#3660)

@hey-api/client-next

improve beforeRequest typing (#3660)

@hey-api/sdk

improve types for SSE events (#3466)

orpc

adjust input shape (#3671)

valibot

remove request data schema (#3671)

Validator request schemas

Valibot plugin no longer exports composite request Data schemas. Instead, each layer is exported as a separate schema. If you're using validators with SDKs, you can preserve the composite schema with shouldExtract:
export default {
</tr></table> 

... (truncated)

Commits

5e1eaea Merge pull request #3664 from hey-api/changeset-release/main
acd0e9d ci: release
632638f Merge pull request #3675 from hey-api/refactor/dsl-from-value
8aa4698 refactor: rename fromValue file to from-value
11db9af Merge pull request #3674 from hey-api/docs/sponsors-mintlify-3
a32e70b docs: remove Mintlify from sponsors
3efbe9b Merge pull request #3673 from hey-api/docs/sponsors-mintlify-2
bd2bf6e docs: remove Mintlify from sponsors
1162b4a Merge pull request #3672 from hey-api/docs/soon-to-vote
5f696b7 docs: update soon label to vote
Additional commits viewable in compare view

Updates @tanstack/react-query from 5.91.2 to 5.97.0

Release notes

Sourced from @tanstack/react-query's releases.

@tanstack/react-query-devtools@5.97.0

Patch Changes

Updated dependencies []:

@tanstack/query-devtools@5.97.0

@tanstack/react-query@5.97.0

@tanstack/react-query-next-experimental@5.97.0

Patch Changes

Updated dependencies []:

@tanstack/react-query@5.97.0

@tanstack/react-query-persist-client@5.97.0

Patch Changes

Updated dependencies []:

@tanstack/query-persist-client-core@5.97.0

@tanstack/react-query@5.97.0

@tanstack/react-query@5.97.0

Patch Changes

Updated dependencies [2bfb12c]:

@tanstack/query-core@5.97.0

@tanstack/react-query-devtools@5.96.2

Patch Changes

Updated dependencies []:

@tanstack/query-devtools@5.96.2

@tanstack/react-query@5.96.2

@tanstack/react-query-next-experimental@5.96.2

Patch Changes

Updated dependencies []:

@tanstack/react-query@5.96.2

@tanstack/react-query-persist-client@5.96.2

Patch Changes

Updated dependencies []:

@tanstack/query-persist-client-core@5.96.2

@tanstack/react-query@5.96.2

@tanstack/react-query@5.96.2

Patch Changes

Updated dependencies []:

... (truncated)

Changelog

Sourced from @tanstack/react-query's changelog.

5.97.0

Patch Changes

Updated dependencies [2bfb12c]:

@tanstack/query-core@5.97.0

5.96.2

Patch Changes

Updated dependencies []:

@tanstack/query-core@5.96.2

5.96.1

Patch Changes

Updated dependencies []:

@tanstack/query-core@5.96.1

5.96.0

Patch Changes

Updated dependencies []:

@tanstack/query-core@5.96.0

5.95.2

Patch Changes

Updated dependencies [cd5a35b]:

@tanstack/query-core@5.95.2

5.95.1

Patch Changes

Updated dependencies [1f1775c]:

@tanstack/query-core@5.95.1

5.95.0

Patch Changes

Updated dependencies []:

@tanstack/query-core@5.95.0

5.94.5

... (truncated)

Commits

125067c ci: Version Packages (#10436)
f699190 test(react-query): replace hardcoded query keys with 'queryKey()' utility (#1...
f3d3eea test(*): replace deprecated 'toMatchTypeOf' with 'toExtend' (#10413)
3d6e001 test(react-query/useSuspenseQueries): replace 'async/await sleep' with 'sleep...
7d7a21c test(react-query): replace 'async/await sleep' with 'sleep().then()' in test ...
5ca721f ci: Version Packages (#10379)
75052a7 ci: Version Packages (#10370)
73e783b ci: Version Packages (#10364)
14a97b7 test(react-query): replace 'import React' with 'import * as React' in 'usePre...
fd8c068 test({react,preact}-query/useSuspenseQueries): merge redundant second 'descri...
Additional commits viewable in compare view

Updates axios from 1.13.6 to 1.15.0

Release notes

Sourced from axios's releases.

v1.15.0

This release delivers two critical security patches, adds runtime support for Deno and Bun, and includes significant CI hardening, documentation improvements, and routine dependency updates.

⚠️ Important Changes

Deprecation: url.parse() usage has been replaced to address Node.js deprecation warnings. If you are on a recent version of Node.js, this resolves console warnings you may have been seeing. (#10625)

🔒 Security Fixes

Proxy Handling: Fixed a no_proxy hostname normalisation bypass that could lead to Server-Side Request Forgery (SSRF). (#10661)

Header Injection: Fixed an unrestricted cloud metadata exfiltration vulnerability via a header injection chain. (#10660)

🚀 New Features

Runtime Support: Added compatibility checks and documentation for Deno and Bun environments. (#10652, #10653)

🔧 Maintenance & Chores

CI Security: Hardened workflow permissions to least privilege, added the zizmor security scanner, pinned action versions, and gated npm publishing with OIDC and environment protection. (#10618, #10619, #10627, #10637, #10666)

Dependencies: Bumped serialize-javascript, handlebars, picomatch, vite, and denoland/setup-deno to latest versions. Added a 7-day Dependabot cooldown period. (#10574, #10572, #10568, #10663, #10664, #10665, #10669, #10670, #10616)

Documentation: Unified docs, improved beforeRedirect credential leakage example, clarified withCredentials/withXSRFToken behaviour, HTTP/2 support notes, async/await timeout error handling, header case preservation, and various typo fixes. (#10649, #10624, #7452, #7471, #10654, #10644, #10589)

Housekeeping: Removed stale files, regenerated lockfile, and updated sponsor scripts and blocks. (#10584, #10650, #10582, #10640, #10659, #10668)

Tests: Added regression coverage for urlencoded Content-Type casing. (#10573)

🌟 New Contributors

We are thrilled to welcome our new contributors. Thank you for helping improve Axios:

@raashish1601 (#10573)

@Kilros0817 (#10625)

@ashstrc (#10624)

@Abhi3975 (#10589)

@theamodhshetty (#7452)

v1.14.0

This release focuses on compatibility fixes, adapter stability improvements, and test/tooling modernisation.

⚠️ Important Changes

Breaking Changes: None identified in this release.

Action Required: If you rely on env-based proxy behaviour or CJS resolution edge-cases, validate your integration after upgrade (notably proxy-from-env v2 alignment and main entry compatibility fix).

🚀 New Features

Runtime Features: No new end-user features were introduced in this release.

Test Coverage Expansion: Added broader smoke/module test coverage for CJS and ESM package usage. (#7510)

🐛 Bug Fixes

Headers: Trim trailing CRLF in normalised header values. (#7456)

HTTP/2: Close detached HTTP/2 sessions on timeout to avoid lingering sessions. (#7457)

Fetch Adapter: Cancel ReadableStream created during request-stream capability probing to prevent async resource leaks. (#7515)

Proxy Handling: Fixed env proxy behavior with proxy-from-env v2 usage. (#7499)

... (truncated)

Changelog

Sourced from axios's changelog.

v1.15.0 — April 7, 2026

This release delivers two critical security patches targeting header injection and SSRF via proxy bypass, adds official runtime support for Deno and Bun, and includes significant CI security hardening.

🔒 Security Fixes

Header Injection (CRLF): Rejects any header value containing \r or \n characters to block CRLF injection chains that could be used to exfiltrate cloud metadata (IMDS). Behavior change: headers with CR/LF now throw "Invalid character in header content". (#10660)

SSRF via no_proxy Bypass: Introduces a shouldBypassProxy helper that normalises hostnames (strips trailing dots, handles bracketed IPv6) before evaluating no_proxy/NO_PROXY rules, closing a gap that could cause loopback or internal hosts to be inadvertently proxied. (#10661)

🚀 New Features

Deno & Bun Runtime Support: Added full smoke test suites for Deno and Bun, with CI workflows that run both runtimes before any release is cut. (#10652)

🐛 Bug Fixes

Node.js v22 Compatibility: Replaced deprecated url.parse() calls with the WHATWG URL/URLSearchParams API across examples, sandbox, and tests, eliminating DEP0169 deprecation warnings on Node.js v22+. (#10625)

🔧 Maintenance & Chores

CI Security Hardening: Added zizmor GitHub Actions security scanner; switched npm publish to OIDC Trusted Publishing (removing the long-lived NODE_AUTH_TOKEN); pinned all action references to full commit SHAs; narrowed workflow permissions to least privilege; gated the publish step behind a dedicated npm-publish environment; and blocked the sponsor-block workflow from running on forks. (#10618, #10619, #10627, #10637, #10641, #10666)

Docs: Clarified HTTP/2 support and the unsupported httpVersion option; added documentation for header case preservation; improved the beforeRedirect example to prevent accidental credential leakage. (#10644, #10654, #10624)

Dependencies: Bumped picomatch, handlebars, serialize-javascript, vite (×3), denoland/setup-deno, and 4 additional dev dependencies to latest versions. (#10564, #10565, #10567, #10568, #10572, #10574, #10663, #10664, #10665, #10669, #10670)

🌟 New Contributors

We are thrilled to welcome our new contributors. Thank you for helping improve axios:

@Kilros0817 (#10625)

@shaanmajid (#10616, #10617, #10618, #10619, #10637, #10641, #10666)

@ashstrc (#10624, #10644)

@Abhi3975 (#10589)

@raashish1601 (#10573)

Full Changelog

v1.14.0 — March 27, 2026

This release fixes a security vulnerability in the formidable dependency, resolves a CommonJS compatibility regression, hardens proxy and HTTP/2 handling, and modernises the build and test toolchain.

🔒 Security Fixes

Formidable Vulnerability: Upgraded formidable from v2 to v3 to address a reported arbitrary-file vulnerability. Updated test server and assertions to align with the v3 API. (#7533)

🐛 Bug Fixes

... (truncated)

Commits

772a4e5 chore(release): prepare release 1.15.0 (#10671)
4b07137 chore(deps-dev): bump vite from 8.0.0 to 8.0.5 in /tests/smoke/esm (#10663)
51e57b3 chore(deps-dev): bump vite from 8.0.2 to 8.0.5 (#10664)
fba1a77 chore(deps-dev): bump vite from 8.0.2 to 8.0.5 in /tests/module/esm (#10665)
0bf6e28 chore(deps): bump denoland/setup-deno in the github-actions group (#10669)
8107157 chore(deps-dev): bump the development_dependencies group with 4 updates (#10670)
e66530e ci: require npm-publish environment for releases (#10666)
49f23cb chore(sponsor): update sponsor block (#10668)
3631854 fix: unrestricted cloud metadata exfiltration via header injection chain (#10...
fb3befb fix: no_proxy hostname normalization bypass leads to ssrf (#10661)
Additional commits viewable in compare view

Install script changes

This version modifies prepare script that runs during installation. Review the package contents before updating.

Updates react from 19.2.4 to 19.2.5

Release notes

Sourced from react's releases.

19.2.5 (April 8th, 2026)

React Server Components

Add more cycle protections (#36236 by @eps1lon and @unstubbable)

Commits

23f4f9f 19.2.5
See full diff in compare view

Updates react-cookie from 8.0.1 to 8.1.0

Release notes

Sourced from react-cookie's releases.

v8.1.0

What's Changed

chore(deps): update dependency @types/react to ^19.0.12 by @renovate[bot] in ItsBenCodes/cookies#880

chore(deps): update dependency @types/express to ^5.0.1 by @renovate[bot] in ItsBenCodes/cookies#881

chore(deps): update dependency @types/node to ^22.13.11 by @renovate[bot] in ItsBenCodes/cookies#883

chore(deps): update dependency rollup to ^4.37.0 by @renovate[bot] in ItsBenCodes/cookies#884

chore(deps): lock file maintenance by @renovate[bot] in ItsBenCodes/cookies#885

chore(deps): update dependency @types/node to ^22.13.12 by @renovate[bot] in ItsBenCodes/cookies#886

chore(deps): update dependency @types/node to ^22.13.13 by @renovate[bot] in ItsBenCodes/cookies#887

chore(deps): update babel monorepo to ^7.27.0 by @renovate[bot] in ItsBenCodes/cookies#888

chore(deps): update dependency @types/node to ^22.13.14 by @renovate[bot] in ItsBenCodes/cookies#889

chore(deps): update yarn to v4.8.0 by @renovate[bot] in ItsBenCodes/cookies#890

fix(deps): update react monorepo to ^19.1.0 by @renovate[bot] in ItsBenCodes/cookies#891

chore(deps): update dependency rollup to ^4.38.0 by @renovate[bot] in ItsBenCodes/cookies#892

chore(deps): update yarn to v4.8.1 by @renovate[bot] in ItsBenCodes/cookies#893

chore(deps): lock file maintenance by @renovate[bot] in ItsBenCodes/cookies#894

chore(deps): update dependency @types/node to ^22.13.15 by @renovate[bot] in ItsBenCodes/cookies#896

chore(deps): update dependency @types/node to ^22.13.16 by @renovate[bot] in ItsBenCodes/cookies#897

chore(deps): update dependency @types/node to ^22.13.17 by @renovate[bot] in ItsBenCodes/cookies#898

chore(deps): update dependency rollup to ^4.39.0 by @renovate[bot] in ItsBenCodes/cookies#899

chore(deps): update react monorepo by @renovate[bot] in ItsBenCodes/cookies#900

chore(deps): update dependency @testing-library/react to ^16.3.0 by @renovate[bot] in ItsBenCodes/cookies#901

chore(deps): update dependency @types/node to ^22.14.0 by @renovate[bot] in ItsBenCodes/cookies#902

chore(deps): update dependency typescript to ^5.8.3 by @renovate[bot] in ItsBenCodes/cookies#904

chore(deps): lock file maintenance by @renovate[bot] in ItsBenCodes/cookies#905

chore(deps): update dependency webpack to ^5.99.0 by @renovate[bot] in ItsBenCodes/cookies#906

chore(deps): update dependency webpack to ^5.99.1 by @renovate[bot] in ItsBenCodes/cookies#907

chore(deps): update dependency webpack to ^5.99.2 by @renovate[bot] in ItsBenCodes/cookies#908

chore(deps): update dependency webpack to ^5.99.3 by @renovate[bot] in ItsBenCodes/cookies#909

chore(deps): update dependency webpack to ^5.99.4 by @renovate[bot] in ItsBenCodes/cookies#910

chore(deps): update dependency webpack to ^5.99.5 by @renovate[bot] in ItsBenCodes/cookies#911

chore(deps): update dependency @types/react-dom to ^19.1.2 by @renovate[bot] in ItsBenCodes/cookies#912

chore(deps): update yarn to v4.9.0 by @renovate[bot] in ItsBenCodes/cookies#913

chore(deps): update dependency @types/react to ^19.1.1 by @renovate[bot] in ItsBenCodes/cookies#914

chore(deps): update dependency lint-staged to ^15.5.1 by @renovate[bot] in ItsBenCodes/cookies#915

chore(deps): update dependency @types/node to ^22.14.1 by @renovate[bot] in ItsBenCodes/cookies#916

chore(deps): update dependency rollup to ^4.40.0 by @renovate[bot] in ItsBenCodes/cookies#917

chore(deps): lock file maintenance by @renovate[bot] in ItsBenCodes/cookies#918

chore(deps): update yarn to v4.9.1 by @renovate[bot] in ItsBenCodes/cookies#919

chore(deps): update dependency @types/react to ^19.1.2 by @renovate[bot] in ItsBenCodes/cookies#921

Upgrade libraries by @ItsBenCodes in ItsBenCodes/cookies#944

Potential fix for code scanning alert no. 1: Workflow does not contain permissions by @ItsBenCodes in ItsBenCodes/cookies#946

Potential fix for code scanning alert no. 2: Workflow does not contain permissions by @ItsBenCodes in ItsBenCodes/cookies#945

chore: fix types for react provider by @tstirrat15 in ItsBenCodes/cookies#939

fix: refactor useLayoutEffect to follow React Hook rules and update SSR tests by @deepen-404 in ItsBenCodes/cookies#920

Revert from .mts to .ts files by @ItsBenCodes in ItsBenCodes/cookies#947

Bump to v8.1.0 by @ItsBenCodes in ItsBenCodes/cookies#948

New Contributors

@tstirrat15 made their first contribution in ItsBenCodes/cookies#939

... (truncated)

Commits

e597546 Bump to v8.1.0 (#948)
9480fc5 Revert from .mts to .ts files (#947)
ba4bf65 fix: refactor useLayoutEffect to follow React Hook rules and update SSR tests...
99a80f7 chore: fix types for react components (#939)
a5ae6b9 Potential fix for code scanning alert no. 2: Workflow does not contain permis...
ac30565 Potential fix for code scanning alert no. 1: Workflow does not contain permis...
78cd882 Upgrade libraries (#944)
3442112 chore(deps): update dependency @types/react to ^19.1.2 (#921)
b988767 chore(deps): update yarn to v4.9.1 (#919)
060bf39 chore(deps): lock file maintenance (#918)
Additional commits viewable in compare view

Updates react-dom from 19.2.4 to 19.2.5

Release notes

Sourced from react-dom's releases.

19.2.5 (April 8th, 2026)

React Server Components

Add more cycle protections (#36236 by @eps1lon and @unstubbable)

Commits

23f4f9f 19.2.5
See full diff in compare view

Updates react-hook-form from 7.71.2 to 7.72.1

Release notes

Sourced from react-hook-form's releases.

Version 7.72.1

🐞 fix: add isDirty check for numeric string keys in defaultValues (issue #13346) (#13347) 🐞 fix: prevent setValue with shouldDirty from polluting unrelated dirty fields (#13326) 🐞 fix: memoize control in HookFormControlContext to prevent render conflicts (#13272) (#13312) 🐞 fix: isNameInFieldArray should check all ancestor paths for nested field arrays (#13318) 🐞 fix: #13320 formState.isValid incorrect on Controller re-mount (#13324)

thanks to @6810779s, @candymask0712, @olagokemills, @shahmir-oscilar & @bae080311

Version 7.72.0

⚓️ feat: built-in form level validate (#13195)
useForm({
  validate: async ({ formValues }: FormValidateResult) => {
    if (formValues.test1.length > formValues.test.length) {
      return {
        type: 'formError',
        message: 'something is wrong here',
      };
    }
if (formValues.test === 'test') {
  return 'direct error message';
}
return true;

},
});
🐞 fix: prevent useFieldArray from marking unrelated fields as dirty (#13299) 🐞 fix #13300 checkbox form validation ignored with native validation (#13310) 🌉 allow subscribe formState to track submit state (#13319)

thanks to @WiXSL, @BrendanC23 & @6810779s

Commits

724e563 7.72.1
ba649e9 🐞 test: add isDirty check for numeric string keys in defaultValues (issue #13...
2f56eb0 🛖 build(deps): bump yaml from 1.10.2 to 1.10.3 in /app (#13335)
f29f546 👯 combine duplicated code (#13328)
2cfc8a5 🐞 fix: prevent setValue with shouldDirty from polluting unrelated dirty field...
44e8815 🐞 fix: memoize control in HookFormControlContext to prevent render conflicts ...
302d160 🐞 fix: isNameInFieldArray should check all ancestor paths for nested field ar...
d7ccd70 🦾 dev deps upgrade (#13325)
fddf779 🐞 fix: #13320 formState.isValid incorrect on Controller re-mount (#13324)
26ae54e 🛖 build(deps-dev): bump rollup from 4.53.3 to 4.59.0 (#13323)
Additional commits viewable in compare view

Updates react-router-dom from 7.13.1 to 7.14.0

Changelog

Sourced from react-router-dom's changelog.

7.14.0

Patch Changes

Updated dependencies:

react-router@7.14.0

7.13.2

Patch Changes

Updated dependencies:

react-router@7.13.2

Commits

e31077b chore: Update version for release (#14945)
6683e85 chore: Update version for release (pre) (#14943)
aadb56f chore: Update version for release (#14908)
c68a9b3 chore: Update version for release (pre) (#14893)
See full diff in compare view

Updates @eslint/compat from 2.0.3 to 2.0.5

Release notes

Sourced from @eslint/compat's releases.

migrate-config: v2.0.5

2.0.5 (2026-04-03)

Dependencies

The following workspace dependencies were updated

dependencies

@eslint/compat bumped from ^2.0.3 to ^2.0.4

devDependencies

@eslint/core bumped from ^1.1.1 to ^1.2.0

compat: v2.0.5

2.0.5 (2026-04-08)

Dependencies

The following workspace dependencies were updated

dependencies

@eslint/core bumped from ^1.2.0 to ^1.2.1

migrate-config: v2.0.4

2.0.4 (2026-03-20)

Bug Fixes

update dependency @eslint/eslintrc to ^3.3.5 (#397) (8567c19)

compat: v2.0.4

2.0.4 (2026-04-03)

Dependencies

The following workspace dependencies were updated

dependencies

@eslint/core bumped from ^1.1.1 to ^1.2.0

Changelog

Sourced from @eslint/compat's changelog.

2.0.5 (2026-04-08)

Dependencies

The following workspace dependencies were updated

dependencies

@eslint/core bumped from ^1.2.0 to ^1.2.1

2.0.4 (2026-04-03)

Dependencies

The following workspace dependencies were updated

dependencies

@eslint/core bumped from ^1.1.1 to ^1.2.0

Commits

d2dbf7b chore: release main (#424)
fe114ee chore: release main (#413)
8863791 docs: Update README sponsors
835ddf9 docs: Update README sponsors
8cd3676 docs: Update README sponsors
4d73459 docs: Update README sponsors
a6c7a26 chore: update eslint and eslint-config-eslint (#401)
See full diff in compare view

Updates @typescript-eslint/eslint-plugin from 8.57.1 to 8.58.1

Release notes

Sourced from @typescript-eslint/eslint-plugin's releases.

v8.58.1

8.58.1 (2026-04-08)

🩹 Fixes

eslint-plugin: [no-unused-vars] fix false negative for type predicate parameter (#12004)

❤️ Thank You

MinJae @Ju-MINJAE

See GitHub Releases for more information.

You can read about our versioning strategy and releases on our website.

v8.58.0

8.58.0 (2026-03-30)

🚀 Features

support TypeScript 6 (#12124)

🩹 Fixes

eslint-plugin: crash in no-unnecessary-type-arguments (#12163)

eslint-plugin: [no-extraneous-class] handle index signatures (#12142)

eslint-plugin: [prefer-regexp-exec] avoid fixing unknown RegExp flags (#12161)

❤️ Thank You

ej shafran @ej-shafranDescription has been truncated

…ates Bumps the auth-ui-package-updates group with 17 updates in the /airflow-core/src/airflow/api_fastapi/auth/managers/simple/ui directory: | Package | From | To | | --- | --- | --- | | [@hey-api/openapi-ts](https://github.com/hey-api/openapi-ts) | `0.94.3` | `0.95.0` | | [@tanstack/react-query](https://github.com/TanStack/query/tree/HEAD/packages/react-query) | `5.91.2` | `5.97.0` | | [axios](https://github.com/axios/axios) | `1.13.6` | `1.15.0` | | [react](https://github.com/facebook/react/tree/HEAD/packages/react) | `19.2.4` | `19.2.5` | | [react-cookie](https://github.com/ItsBenCodes/cookies) | `8.0.1` | `8.1.0` | | [react-dom](https://github.com/facebook/react/tree/HEAD/packages/react-dom) | `19.2.4` | `19.2.5` | | [react-hook-form](https://github.com/react-hook-form/react-hook-form) | `7.71.2` | `7.72.1` | | [react-router-dom](https://github.com/remix-run/react-router/tree/HEAD/packages/react-router-dom) | `7.13.1` | `7.14.0` | | [@eslint/compat](https://github.com/eslint/rewrite/tree/HEAD/packages/compat) | `2.0.3` | `2.0.5` | | [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) | `8.57.1` | `8.58.1` | | [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) | `8.57.1` | `8.58.1` | | [@typescript-eslint/utils](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/utils) | `8.57.1` | `8.58.1` | | [@vitest/coverage-v8](https://github.com/vitest-dev/vitest/tree/HEAD/packages/coverage-v8) | `4.1.0` | `4.1.4` | | [eslint](https://github.com/eslint/eslint) | `10.0.3` | `10.2.0` | | [eslint-plugin-perfectionist](https://github.com/azat-io/eslint-plugin-perfectionist) | `5.7.0` | `5.8.0` | | [typescript-eslint](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/typescript-eslint) | `8.57.1` | `8.58.1` | | [vitest](https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest) | `4.1.0` | `4.1.4` | Updates `@hey-api/openapi-ts` from 0.94.3 to 0.95.0 - [Release notes](https://github.com/hey-api/openapi-ts/releases) - [Changelog](https://github.com/hey-api/openapi-ts/blob/main/CHANGELOG.md) - [Commits](https://github.com/hey-api/openapi-ts/compare/@hey-api/openapi-ts@0.94.3...@hey-api/openapi-ts@0.95.0) Updates `@tanstack/react-query` from 5.91.2 to 5.97.0 - [Release notes](https://github.com/TanStack/query/releases) - [Changelog](https://github.com/TanStack/query/blob/main/packages/react-query/CHANGELOG.md) - [Commits](https://github.com/TanStack/query/commits/@tanstack/react-query@5.97.0/packages/react-query) Updates `axios` from 1.13.6 to 1.15.0 - [Release notes](https://github.com/axios/axios/releases) - [Changelog](https://github.com/axios/axios/blob/v1.x/CHANGELOG.md) - [Commits](axios/axios@v1.13.6...v1.15.0) Updates `react` from 19.2.4 to 19.2.5 - [Release notes](https://github.com/facebook/react/releases) - [Changelog](https://github.com/facebook/react/blob/main/CHANGELOG.md) - [Commits](https://github.com/facebook/react/commits/v19.2.5/packages/react) Updates `react-cookie` from 8.0.1 to 8.1.0 - [Release notes](https://github.com/ItsBenCodes/cookies/releases) - [Commits](ItsBenCodes/cookies@v8.0.1...v8.1.0) Updates `react-dom` from 19.2.4 to 19.2.5 - [Release notes](https://github.com/facebook/react/releases) - [Changelog](https://github.com/facebook/react/blob/main/CHANGELOG.md) - [Commits](https://github.com/facebook/react/commits/v19.2.5/packages/react-dom) Updates `react-hook-form` from 7.71.2 to 7.72.1 - [Release notes](https://github.com/react-hook-form/react-hook-form/releases) - [Changelog](https://github.com/react-hook-form/react-hook-form/blob/master/CHANGELOG.md) - [Commits](react-hook-form/react-hook-form@v7.71.2...v7.72.1) Updates `react-router-dom` from 7.13.1 to 7.14.0 - [Release notes](https://github.com/remix-run/react-router/releases) - [Changelog](https://github.com/remix-run/react-router/blob/main/packages/react-router-dom/CHANGELOG.md) - [Commits](https://github.com/remix-run/react-router/commits/react-router-dom@7.14.0/packages/react-router-dom) Updates `@eslint/compat` from 2.0.3 to 2.0.5 - [Release notes](https://github.com/eslint/rewrite/releases) - [Changelog](https://github.com/eslint/rewrite/blob/main/packages/compat/CHANGELOG.md) - [Commits](https://github.com/eslint/rewrite/commits/compat-v2.0.5/packages/compat) Updates `@typescript-eslint/eslint-plugin` from 8.57.1 to 8.58.1 - [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases) - [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/eslint-plugin/CHANGELOG.md) - [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v8.58.1/packages/eslint-plugin) Updates `@typescript-eslint/parser` from 8.57.1 to 8.58.1 - [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases) - [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/parser/CHANGELOG.md) - [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v8.58.1/packages/parser) Updates `@typescript-eslint/utils` from 8.57.1 to 8.58.1 - [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases) - [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/utils/CHANGELOG.md) - [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v8.58.1/packages/utils) Updates `@vitest/coverage-v8` from 4.1.0 to 4.1.4 - [Release notes](https://github.com/vitest-dev/vitest/releases) - [Commits](https://github.com/vitest-dev/vitest/commits/v4.1.4/packages/coverage-v8) Updates `eslint` from 10.0.3 to 10.2.0 - [Release notes](https://github.com/eslint/eslint/releases) - [Commits](eslint/eslint@v10.0.3...v10.2.0) Updates `eslint-plugin-perfectionist` from 5.7.0 to 5.8.0 - [Release notes](https://github.com/azat-io/eslint-plugin-perfectionist/releases) - [Changelog](https://github.com/azat-io/eslint-plugin-perfectionist/blob/main/changelog.md) - [Commits](azat-io/eslint-plugin-perfectionist@v5.7.0...v5.8.0) Updates `typescript-eslint` from 8.57.1 to 8.58.1 - [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases) - [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/typescript-eslint/CHANGELOG.md) - [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v8.58.1/packages/typescript-eslint) Updates `vitest` from 4.1.0 to 4.1.4 - [Release notes](https://github.com/vitest-dev/vitest/releases) - [Commits](https://github.com/vitest-dev/vitest/commits/v4.1.4/packages/vitest) --- updated-dependencies: - dependency-name: "@hey-api/openapi-ts" dependency-version: 0.95.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: auth-ui-package-updates - dependency-name: "@tanstack/react-query" dependency-version: 5.97.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: auth-ui-package-updates - dependency-name: axios dependency-version: 1.15.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: auth-ui-package-updates - dependency-name: react dependency-version: 19.2.5 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: auth-ui-package-updates - dependency-name: react-cookie dependency-version: 8.1.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: auth-ui-package-updates - dependency-name: react-dom dependency-version: 19.2.5 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: auth-ui-package-updates - dependency-name: react-hook-form dependency-version: 7.72.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: auth-ui-package-updates - dependency-name: react-router-dom dependency-version: 7.14.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: auth-ui-package-updates - dependency-name: "@eslint/compat" dependency-version: 2.0.5 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: auth-ui-package-updates - dependency-name: "@typescript-eslint/eslint-plugin" dependency-version: 8.58.1 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: auth-ui-package-updates - dependency-name: "@typescript-eslint/parser" dependency-version: 8.58.1 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: auth-ui-package-updates - dependency-name: "@typescript-eslint/utils" dependency-version: 8.58.1 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: auth-ui-package-updates - dependency-name: "@vitest/coverage-v8" dependency-version: 4.1.4 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: auth-ui-package-updates - dependency-name: eslint dependency-version: 10.2.0 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: auth-ui-package-updates - dependency-name: eslint-plugin-perfectionist dependency-version: 5.8.0 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: auth-ui-package-updates - dependency-name: typescript-eslint dependency-version: 8.58.1 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: auth-ui-package-updates - dependency-name: vitest dependency-version: 4.1.4 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: auth-ui-package-updates ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot · 2026-04-14T11:49:20Z

Looks like these dependencies are updatable in another way, so this is no longer needed.

dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Apr 13, 2026

dependabot bot requested a review from vincbeck as a code owner April 13, 2026 14:07

boring-cyborg bot added the area:API Airflow's REST/HTTP API label Apr 13, 2026

dependabot bot force-pushed the dependabot/npm_and_yarn/airflow-core/src/airflow/api_fastapi/auth/managers/simple/ui/auth-ui-package-updates-d0cfc1b638 branch from c35f77f to 8ace737 Compare April 13, 2026 16:19

dependabot bot changed the title ~~Bump the auth-ui-package-updates group across 1 directory with 17 updates~~ chore(deps): bump the auth-ui-package-updates group across 1 directory with 17 updates Apr 13, 2026

dependabot bot force-pushed the dependabot/npm_and_yarn/airflow-core/src/airflow/api_fastapi/auth/managers/simple/ui/auth-ui-package-updates-d0cfc1b638 branch from 8ace737 to e2156b9 Compare April 13, 2026 17:52

dependabot bot force-pushed the dependabot/npm_and_yarn/airflow-core/src/airflow/api_fastapi/auth/managers/simple/ui/auth-ui-package-updates-d0cfc1b638 branch from e2156b9 to 6dbf3bd Compare April 13, 2026 17:59

vincbeck approved these changes Apr 14, 2026

View reviewed changes

dependabot bot closed this Apr 14, 2026

dependabot bot deleted the dependabot/npm_and_yarn/airflow-core/src/airflow/api_fastapi/auth/managers/simple/ui/auth-ui-package-updates-d0cfc1b638 branch April 14, 2026 11:49

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

chore(deps): bump the auth-ui-package-updates group across 1 directory with 17 updates#65151

chore(deps): bump the auth-ui-package-updates group across 1 directory with 17 updates#65151
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/npm_and_yarn/airflow-core/src/airflow/api_fastapi/auth/managers/simple/ui/auth-ui-package-updates-d0cfc1b638

dependabot bot commented on behalf of github Apr 13, 2026 •

edited

Loading

Uh oh!

dependabot bot commented on behalf of github Apr 14, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

Conversation

dependabot bot commented on behalf of github Apr 13, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

@​hey-api/openapi-ts@​0.95.0

Minor Changes

Validator request schemas

Removed plugin.getSymbol() function

Validator request schemas

@​hey-api/openapi-ts 0.95.0

Updates

Removed plugin.getSymbol() function

Plugins

@​hey-api/client-angular

@​hey-api/client-axios

@​hey-api/client-fetch

@​hey-api/client-ky

@​hey-api/client-next

@​hey-api/sdk

orpc

valibot

Validator request schemas

@​tanstack/react-query-devtools@​5.97.0

Patch Changes

@​tanstack/react-query-next-experimental@​5.97.0

Patch Changes

@​tanstack/react-query-persist-client@​5.97.0

Patch Changes

@​tanstack/react-query@​5.97.0

Patch Changes

@​tanstack/react-query-devtools@​5.96.2

Patch Changes

@​tanstack/react-query-next-experimental@​5.96.2

Patch Changes

@​tanstack/react-query-persist-client@​5.96.2

Patch Changes

@​tanstack/react-query@​5.96.2

Patch Changes

5.97.0

Patch Changes

5.96.2

Patch Changes

5.96.1

Patch Changes

5.96.0

Patch Changes

5.95.2

Patch Changes

5.95.1

Patch Changes

5.95.0

Patch Changes

5.94.5

v1.15.0

⚠️ Important Changes

🔒 Security Fixes

🚀 New Features

🔧 Maintenance & Chores

🌟 New Contributors

v1.14.0

⚠️ Important Changes

🚀 New Features

🐛 Bug Fixes

v1.15.0 — April 7, 2026

🔒 Security Fixes

🚀 New Features

🐛 Bug Fixes

🔧 Maintenance & Chores

🌟 New Contributors

v1.14.0 — March 27, 2026

🔒 Security Fixes

🐛 Bug Fixes

19.2.5 (April 8th, 2026)

React Server Components

v8.1.0

What's Changed

New Contributors

19.2.5 (April 8th, 2026)

React Server Components

Version 7.72.1

Version 7.72.0

dependabot bot commented on behalf of github Apr 13, 2026 •

edited

Loading

`@hey-api/openapi-ts@0`.95.0

Removed `plugin.getSymbol()` function

`@hey-api/openapi-ts` 0.95.0

Removed `plugin.getSymbol()` function

`@hey-api/client-angular`

`@hey-api/client-axios`

`@hey-api/client-fetch`

`@hey-api/client-ky`

`@hey-api/client-next`

`@hey-api/sdk`

`@tanstack/react-query-devtools@5`.97.0

`@tanstack/react-query-next-experimental@5`.97.0

`@tanstack/react-query-persist-client@5`.97.0

`@tanstack/react-query@5`.97.0

`@tanstack/react-query-devtools@5`.96.2

`@tanstack/react-query-next-experimental@5`.96.2

`@tanstack/react-query-persist-client@5`.96.2

`@tanstack/react-query@5`.96.2