chore(deps): bump the all-minor-and-patch group with 42 updates

[dependabot]

⚠️ Dependabot is rebasing this PR ⚠️

Rebasing might not happen immediately, so don't worry if this takes some time.

Note: if you make any changes to this PR yourself, they will take precedence over the rebase.

---

Bumps the all-minor-and-patch group with 42 updates:

Package	From	To
lucide-react	0.294.0	0.577.0
@nx/js	22.5.3	22.6.4
@nx/node	22.5.3	22.6.4
@nx/react	22.5.3	22.6.4
@nx/vite	22.5.3	22.6.4
@nx/web	22.5.3	22.6.4
@swc/core	1.15.18	1.15.21
@swc/helpers	0.5.19	0.5.20
@types/node	20.19.35	20.19.37
nx	22.5.3	22.6.4
postcss	8.5.6	8.5.8
puppeteer	24.37.5	24.40.0
@rollup/rollup-darwin-arm64	4.59.0	4.60.1
ioredis	5.10.0	5.10.1
@inquirer/prompts	8.3.0	8.3.2
fs-extra	11.3.3	11.3.4
graphql	16.13.1	16.13.2
@rollup/plugin-commonjs	29.0.0	29.0.2
@vitest/coverage-v8	4.0.18	4.1.2
rollup	4.59.0	4.60.1
rollup-plugin-dts	6.3.0	6.4.1
@aws-sdk/client-s3	3.1001.0	3.1022.0
@vercel/blob	2.3.0	2.3.2
ably	2.18.0	2.21.0
next	15.5.12	15.5.14
rehype-pretty-code	0.14.1	0.14.3
resend	6.9.3	6.10.0
viem	2.46.3	2.47.6
zustand	5.0.11	5.0.12
@playwright/test	1.58.2	1.59.1
@prisma/nextjs-monorepo-workaround-plugin	7.4.2	7.6.0
eslint	9.39.3	9.39.4
eslint-config-next	15.5.12	15.5.14
dockerode	4.0.9	4.0.10
@types/dockerode	3.3.47	4.0.1
pg	8.19.0	8.20.0
@types/pg	8.18.0	8.20.0
tar	7.5.9	7.5.13
ws	8.18.0	8.20.0
yaml	2.8.2	2.8.3
@aws-sdk/lib-storage	3.1001.0	3.1022.0
dompurify	3.3.1	3.3.3

Updates lucide-react from 0.294.0 to 0.577.0

Release notes

Sourced from lucide-react's releases.

Version 0.577.0

What's Changed

• chore(deps): bump rollup from 4.53.3 to 4.59.0 by @​dependabot[bot] in lucide-icons/lucide#4106
• fix(repo): correctly ignore docs/releaseMetadata via .gitignore by @​bhavberi in lucide-icons/lucide#4100
• feat(icons): added ellipse icon by @​KISHORE-KUMAR-S in lucide-icons/lucide#3749

New Contributors

• @​bhavberi made their first contribution in lucide-icons/lucide#4100
• @​KISHORE-KUMAR-S made their first contribution in lucide-icons/lucide#3749

Full Changelog: lucide-icons/lucide@0.576.0...0.577.0

Version 0.576.0

What's Changed

• Added zodiac signs by @​karsa-mistmere in lucide-icons/lucide#712
• fix(icons): fixes guideline violations in package-* icons. by @​karsa-mistmere in lucide-icons/lucide#4074
• fix(icons): changed receipt icon by @​karsa-mistmere in lucide-icons/lucide#4075
• fix(icons): updated cuboid icon tags and categories by @​karsa-mistmere in lucide-icons/lucide#4095
• fix(icons): changed cuboid icon by @​jamiemlaw in lucide-icons/lucide#4098
• fix(lucide-font, lucide-static): Fixing stable code points by @​ericfennis in lucide-icons/lucide#3894
• feat(icons): added fishing-rod icon by @​7ender in lucide-icons/lucide#3839

Full Changelog: lucide-icons/lucide@0.575.0...0.576.0

Version 0.575.0

What's Changed

• feat(icons): added message-square-check icon by @​karsa-mistmere in lucide-icons/lucide#4076
• fix(lucide): Fix ESM Module output path in build by @​ericfennis in lucide-icons/lucide#4084
• feat(icons): added metronome icon by @​edwloef in lucide-icons/lucide#4063
• fix(icons): remove execution permission of SVG files by @​duckafire in lucide-icons/lucide#4053
• fix(icons): changed file-pen-line icon by @​jguddas in lucide-icons/lucide#3970
• feat(icons): added square-arrow-right-exit and square-arrow-right-enter icons by @​EthanHazel in lucide-icons/lucide#3958
• fix(icons): renamed flip-* to square-centerline-dashed-* by @​jguddas in lucide-icons/lucide#3945

New Contributors

• @​edwloef made their first contribution in lucide-icons/lucide#4063
• @​duckafire made their first contribution in lucide-icons/lucide#4053

Full Changelog: lucide-icons/lucide@0.573.0...0.575.0

Version 0.574.0

What's Changed

• fix(icons): changed rocking-chair icon by @​jamiemlaw in lucide-icons/lucide#3445
• fix(icons): flipped coins icon by @​jguddas in lucide-icons/lucide#3158
• feat(icons): added x-line-top icon by @​jguddas in lucide-icons/lucide#2838
• feat(icons): added mouse-left icon by @​marvfash in lucide-icons/lucide#2788
• feat(icons): added mouse-right icon by @​marvfash in lucide-icons/lucide#2787

New Contributors

... (truncated)

Commits

• f6c0d06 chore(deps): bump rollup from 4.53.3 to 4.59.0 (#4106)
• 67c0485 feat(scripts): added helper script to automatically update OpenCollective bac...
• b6ed43d feat(packages): Added aria-hidden fallback for decorative icons to all packag...
• 076e0bb chore(dependencies): Update dependencies (#3809)
• 80d6f73 fix(icons): Rename fingerprint icon to fingerprint-pattern (#3767)
• 1cfb3ff chore(deps-dev): bump vite from 6.3.5 to 6.3.6 (#3611)
• e71198d chore: icon alias improvements (#2861)
• 3e644fd chore(scripts): Refactor scripts to typescript (#3316)
• 19fa01b build(deps-dev): bump vite from 6.3.2 to 6.3.4 (#3181)
• 03eb862 use implicit return in react package (#2325)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for lucide-react since your current version.

Updates @nx/js from 22.5.3 to 22.6.4

Release notes

Sourced from @​nx/js's releases.

22.6.4 (2026-04-01)

🚀 Features

• misc: update nx init telemetry meta from CSV to JSON format (#35076)
• nx-dev: add conditional blog/changelog proxy in edge function (#35043)

🩹 Fixes

• core: validate bundler option for Angular presets in create-nx-workspace (#35074)
• core: handle "." and absolute paths as workspace name in CNW (#35083, #1)
• core: pin version of axios (#35093)
• core: preserve sibling dependency inputs in native hashing (#35071)
• core: sandbox exclusions, multi-line typeof import detection, global ensurePackage mock (#35056)
• core: no-interactive should disable prompts during migrate (#35106)
• gradle: increase project graph timeout defaults (#35058)
• js: recognize tsgo in dependency-checks lint rule (#35048)
• js: narrow tsc build-base outputs to only tsc-produced file types (#35041)
• js: include tsbuildinfo in narrowed tsc build-base outputs (#35086, #35041)
• js: use explicit nx/bin/nx path in start-local-registry (#35127)
• misc: handle non-interactive mode and add template shorthand names for CNW (#35045)
• react: force Vite 7 when using React Router in framework mode (#35101)
• react-native: use vite's transformWithEsbuild instead of direct esbuild import (5771eb3346)
• repo: pass env vars into docker builds in publish workflow (#35060)
• repo: bump picomatch from 4.0.2 to 4.0.4 (#35081, #35068)
• repo: fixup lock-threads failing with resource inaccessible message (#35005)
• repo: fix lockfile (b070e23445)
• repo: re-enable Cypress HMR e2e tests after upstream tapable fix (#35105, #34969, #20693)
• repo: disable ts-jest diagnostics for workspace-plugin tests (b013f93dca)
• vite: update vitest and plugin-react-swc versions for vite 8 compat (#35062)
• vite: bump sass version for vue/nuxt presets for Vite 8 compat (#35073)
• webpack: bump postcss-loader to ^8.2.1 to eliminate transitive yaml@1.x CVE (#35028, #35025)

❤️ Thank You

• Colum Ferry @​Coly010
• Craigory Coppola @​AgentEnder
• FrozenPandaz @​FrozenPandaz
• Jack Hsu @​jaysoo
• Jason Jean @​FrozenPandaz
• Leosvel Pérez Espinosa @​leosvelperez
• Miroslav Jonaš @​meeroslav
• Robert Sidzinka

22.6.3 (2026-03-27)

🚀 Features

• misc: a/b test cloud prompt copy in create-nx-workspace (#35039)

... (truncated)

Commits

• 44abcb2 fix(js): use explicit nx/bin/nx path in start-local-registry (#35127)
• aacfa7c fix(js): include tsbuildinfo in narrowed tsc build-base outputs (#35086)
• 32c4a02 chore(repo): fix critical handlebars and underscore vulnerabilities in npm au...
• 9acaee8 fix(js): narrow tsc build-base outputs to only tsc-produced file types (#35041)
• 9a18bc0 fix(js): recognize tsgo in dependency-checks lint rule (#35048)
• 9a743d3 fix(js): add {projectRoot} prefix to d.ts fileset in typescript plugin (#35037)
• b611b98 fix(js): add input on .d.ts files within dependency projects (#34968)
• 583335b fix(js): pass configName to typecheck command in TS plugin (#34989)
• 1fac893 fix(core): set windowsHide: true on all child process spawns (#34894)
• 9c2b5e2 fix(js): preserve tsconfig fields in typescript plugin cache (#34908)
• Additional commits viewable in compare view

Updates @nx/node from 22.5.3 to 22.6.4

Release notes

Sourced from @​nx/node's releases.

22.6.4 (2026-04-01)

🚀 Features

• misc: update nx init telemetry meta from CSV to JSON format (#35076)
• nx-dev: add conditional blog/changelog proxy in edge function (#35043)

🩹 Fixes

• core: validate bundler option for Angular presets in create-nx-workspace (#35074)
• core: handle "." and absolute paths as workspace name in CNW (#35083, #1)
• core: pin version of axios (#35093)
• core: preserve sibling dependency inputs in native hashing (#35071)
• core: sandbox exclusions, multi-line typeof import detection, global ensurePackage mock (#35056)
• core: no-interactive should disable prompts during migrate (#35106)
• gradle: increase project graph timeout defaults (#35058)
• js: recognize tsgo in dependency-checks lint rule (#35048)
• js: narrow tsc build-base outputs to only tsc-produced file types (#35041)
• js: include tsbuildinfo in narrowed tsc build-base outputs (#35086, #35041)
• js: use explicit nx/bin/nx path in start-local-registry (#35127)
• misc: handle non-interactive mode and add template shorthand names for CNW (#35045)
• react: force Vite 7 when using React Router in framework mode (#35101)
• react-native: use vite's transformWithEsbuild instead of direct esbuild import (5771eb3346)
• repo: pass env vars into docker builds in publish workflow (#35060)
• repo: bump picomatch from 4.0.2 to 4.0.4 (#35081, #35068)
• repo: fixup lock-threads failing with resource inaccessible message (#35005)
• repo: fix lockfile (b070e23445)
• repo: re-enable Cypress HMR e2e tests after upstream tapable fix (#35105, #34969, #20693)
• repo: disable ts-jest diagnostics for workspace-plugin tests (b013f93dca)
• vite: update vitest and plugin-react-swc versions for vite 8 compat (#35062)
• vite: bump sass version for vue/nuxt presets for Vite 8 compat (#35073)
• webpack: bump postcss-loader to ^8.2.1 to eliminate transitive yaml@1.x CVE (#35028, #35025)

❤️ Thank You

• Colum Ferry @​Coly010
• Craigory Coppola @​AgentEnder
• FrozenPandaz @​FrozenPandaz
• Jack Hsu @​jaysoo
• Jason Jean @​FrozenPandaz
• Leosvel Pérez Espinosa @​leosvelperez
• Miroslav Jonaš @​meeroslav
• Robert Sidzinka

22.6.3 (2026-03-27)

🚀 Features

• misc: a/b test cloud prompt copy in create-nx-workspace (#35039)

... (truncated)

Commits

• cb6452c fix(misc): address security CVE cluster (copy-webpack-plugin, koa, minimatch)...
• See full diff in compare view

Updates @nx/react from 22.5.3 to 22.6.4

Release notes

Sourced from @​nx/react's releases.

22.6.4 (2026-04-01)

🚀 Features

• misc: update nx init telemetry meta from CSV to JSON format (#35076)
• nx-dev: add conditional blog/changelog proxy in edge function (#35043)

🩹 Fixes

• core: validate bundler option for Angular presets in create-nx-workspace (#35074)
• core: handle "." and absolute paths as workspace name in CNW (#35083, #1)
• core: pin version of axios (#35093)
• core: preserve sibling dependency inputs in native hashing (#35071)
• core: sandbox exclusions, multi-line typeof import detection, global ensurePackage mock (#35056)
• core: no-interactive should disable prompts during migrate (#35106)
• gradle: increase project graph timeout defaults (#35058)
• js: recognize tsgo in dependency-checks lint rule (#35048)
• js: narrow tsc build-base outputs to only tsc-produced file types (#35041)
• js: include tsbuildinfo in narrowed tsc build-base outputs (#35086, #35041)
• js: use explicit nx/bin/nx path in start-local-registry (#35127)
• misc: handle non-interactive mode and add template shorthand names for CNW (#35045)
• react: force Vite 7 when using React Router in framework mode (#35101)
• react-native: use vite's transformWithEsbuild instead of direct esbuild import (5771eb3346)
• repo: pass env vars into docker builds in publish workflow (#35060)
• repo: bump picomatch from 4.0.2 to 4.0.4 (#35081, #35068)
• repo: fixup lock-threads failing with resource inaccessible message (#35005)
• repo: fix lockfile (b070e23445)
• repo: re-enable Cypress HMR e2e tests after upstream tapable fix (#35105, #34969, #20693)
• repo: disable ts-jest diagnostics for workspace-plugin tests (b013f93dca)
• vite: update vitest and plugin-react-swc versions for vite 8 compat (#35062)
• vite: bump sass version for vue/nuxt presets for Vite 8 compat (#35073)
• webpack: bump postcss-loader to ^8.2.1 to eliminate transitive yaml@1.x CVE (#35028, #35025)

❤️ Thank You

• Colum Ferry @​Coly010
• Craigory Coppola @​AgentEnder
• FrozenPandaz @​FrozenPandaz
• Jack Hsu @​jaysoo
• Jason Jean @​FrozenPandaz
• Leosvel Pérez Espinosa @​leosvelperez
• Miroslav Jonaš @​meeroslav
• Robert Sidzinka

22.6.3 (2026-03-27)

🚀 Features

• misc: a/b test cloud prompt copy in create-nx-workspace (#35039)

... (truncated)

Commits

• 4adc90f fix(react): force Vite 7 when using React Router in framework mode (#35101)
• ed5cd20 chore(repo): ensure Cypress CT unit tests use Vite 7 since 8 is unsupported (...
• c96a9d4 fix(vite): add support for Vite 8 (#34850)
• dbd2ace fix(linter): prepend framework configs before baseConfig in flat config gener...
• 6ee7091 Revert "feat(js): add deps-sync generator (#34407)" (#34888)
• 8d71d5b feat(js): add deps-sync generator (#34407)
• cb6452c fix(misc): address security CVE cluster (copy-webpack-plugin, koa, minimatch)...
• 7351e21 fix(webpack): ensure safe process.env fallback replacement (#34464)
• See full diff in compare view

Updates @nx/vite from 22.5.3 to 22.6.4

Release notes

Sourced from @​nx/vite's releases.

22.6.4 (2026-04-01)

🚀 Features

• misc: update nx init telemetry meta from CSV to JSON format (#35076)
• nx-dev: add conditional blog/changelog proxy in edge function (#35043)

🩹 Fixes

• core: validate bundler option for Angular presets in create-nx-workspace (#35074)
• core: handle "." and absolute paths as workspace name in CNW (#35083, #1)
• core: pin version of axios (#35093)
• core: preserve sibling dependency inputs in native hashing (#35071)
• core: sandbox exclusions, multi-line typeof import detection, global ensurePackage mock (#35056)
• core: no-interactive should disable prompts during migrate (#35106)
• gradle: increase project graph timeout defaults (#35058)
• js: recognize tsgo in dependency-checks lint rule (#35048)
• js: narrow tsc build-base outputs to only tsc-produced file types (#35041)
• js: include tsbuildinfo in narrowed tsc build-base outputs (#35086, #35041)
• js: use explicit nx/bin/nx path in start-local-registry (#35127)
• misc: handle non-interactive mode and add template shorthand names for CNW (#35045)
• react: force Vite 7 when using React Router in framework mode (#35101)
• react-native: use vite's transformWithEsbuild instead of direct esbuild import (5771eb3346)
• repo: pass env vars into docker builds in publish workflow (#35060)
• repo: bump picomatch from 4.0.2 to 4.0.4 (#35081, #35068)
• repo: fixup lock-threads failing with resource inaccessible message (#35005)
• repo: fix lockfile (b070e23445)
• repo: re-enable Cypress HMR e2e tests after upstream tapable fix (#35105, #34969, #20693)
• repo: disable ts-jest diagnostics for workspace-plugin tests (b013f93dca)
• vite: update vitest and plugin-react-swc versions for vite 8 compat (#35062)
• vite: bump sass version for vue/nuxt presets for Vite 8 compat (#35073)
• webpack: bump postcss-loader to ^8.2.1 to eliminate transitive yaml@1.x CVE (#35028, #35025)

❤️ Thank You

• Colum Ferry @​Coly010
• Craigory Coppola @​AgentEnder
• FrozenPandaz @​FrozenPandaz
• Jack Hsu @​jaysoo
• Jason Jean @​FrozenPandaz
• Leosvel Pérez Espinosa @​leosvelperez
• Miroslav Jonaš @​meeroslav
• Robert Sidzinka

22.6.3 (2026-03-27)

🚀 Features

• misc: a/b test cloud prompt copy in create-nx-workspace (#35039)

... (truncated)

Commits

• 4adc90f fix(react): force Vite 7 when using React Router in framework mode (#35101)
• 316e070 fix(vite): update vitest and plugin-react-swc versions for vite 8 compat (#35...
• c96a9d4 fix(vite): add support for Vite 8 (#34850)
• 1fac893 fix(core): set windowsHide: true on all child process spawns (#34894)
• 6ee7091 Revert "feat(js): add deps-sync generator (#34407)" (#34888)
• 1367d2a fix(vite): pin vitest v4 to ~4.0.x to fix Yarn Classic resolution failure (#3...
• 8d71d5b feat(js): add deps-sync generator (#34407)
• fb8884e fix(vitest): handle zoneless Angular apps in vitest configuration generator (...
• 42f623e fix(vite): skip root-relative paths in nxViteTsPaths resolveId (#34694)
• 1e1a8a7 fix(vite): isPreview=true for Vite Preview server (#34597)
• Additional commits viewable in compare view

Updates @nx/web from 22.5.3 to 22.6.4

Release notes

Sourced from @​nx/web's releases.

22.6.4 (2026-04-01)

🚀 Features

• misc: update nx init telemetry meta from CSV to JSON format (#35076)
• nx-dev: add conditional blog/changelog proxy in edge function (#35043)

🩹 Fixes

• core: validate bundler option for Angular presets in create-nx-workspace (#35074)
• core: handle "." and absolute paths as workspace name in CNW (#35083, #1)
• core: pin version of axios (#35093)
• core: preserve sibling dependency inputs in native hashing (#35071)
• core: sandbox exclusions, multi-line typeof import detection, global ensurePackage mock (#35056)
• core: no-interactive should disable prompts during migrate (#35106)
• gradle: increase project graph timeout defaults (#35058)
• js: recognize tsgo in dependency-checks lint rule (#35048)
• js: narrow tsc build-base outputs to only tsc-produced file types (#35041)
• js: include tsbuildinfo in narrowed tsc build-base outputs (#35086, #35041)
• js: use explicit nx/bin/nx path in start-local-registry (#35127)
• misc: handle non-interactive mode and add template shorthand names for CNW (#35045)
• react: force Vite 7 when using React Router in framework mode (#35101)
• react-native: use vite's transformWithEsbuild instead of direct esbuild import (5771eb3346)
• repo: pass env vars into docker builds in publish workflow (#35060)
• repo: bump picomatch from 4.0.2 to 4.0.4 (#35081, #35068)
• repo: fixup lock-threads failing with resource inaccessible message (#35005)
• repo: fix lockfile (b070e23445)
• repo: re-enable Cypress HMR e2e tests after upstream tapable fix (#35105, #34969, #20693)
• repo: disable ts-jest diagnostics for workspace-plugin tests (b013f93dca)
• vite: update vitest and plugin-react-swc versions for vite 8 compat (#35062)
• vite: bump sass version for vue/nuxt presets for Vite 8 compat (#35073)
• webpack: bump postcss-loader to ^8.2.1 to eliminate transitive yaml@1.x CVE (#35028, #35025)

❤️ Thank You

• Colum Ferry @​Coly010
• Craigory Coppola @​AgentEnder
• FrozenPandaz @​FrozenPandaz
• Jack Hsu @​jaysoo
• Jason Jean @​FrozenPandaz
• Leosvel Pérez Espinosa @​leosvelperez
• Miroslav Jonaš @​meeroslav
• Robert Sidzinka

22.6.3 (2026-03-27)

🚀 Features

• misc: a/b test cloud prompt copy in create-nx-workspace (#35039)

... (truncated)

Commits

• 9d97ddf fix(core): sandbox exclusions, multi-line typeof import detection, global ens...
• 1fac893 fix(core): set windowsHide: true on all child process spawns (#34894)
• See full diff in compare view

Updates @swc/core from 1.15.18 to 1.15.21

Changelog

Sourced from @​swc/core's changelog.

[1.15.21] - 2026-03-22

Bug Fixes

• (cli) Honor externalHelpers=false in rust binary (#11693) (1be052e)

• (cli) Skip mkdir when --out-file targets the current directory (#11720) (f3f4e51)

• (es/decorators) Resolve 2022-03 issues #9565/#9078/#9079 and add regressions (#11698) (a025d2b)

• (es/fixer) Wrap new opt chain (#11618) (fdcd184)

• (es/flow) Normalize module await bindings for Hermes parity (#11703) (73d8761)

• (es/minifier) Fix compatibility for Wasm plugin (swc_ast_unknown) (#11641) (abd0e45)

• (es/module) Preserve explicit index.js import path when baseUrl is set (#11597) (830dbeb)

• (es/module) Avoid rewriting unknown relative extensions (#11713) (ed09218)

• (es/regexp) Implement transform-named-capturing-groups-regex (#11642) (f62bfa9)

• (es/types) Add new options types (#11683) (62eeee1)

• (malloc) Fallback to system allocator on linux gnu s390x/powerpc (#11606) (e103fac)

• Update lz4_flex to resolve RUSTSEC-2026-0041 (#11701) (7528507)

Documentation

• (agents) Improve guidance (#11626) (1cdfec9)

• (agents) Add AGENTS two-pass rules for es crates (#11634) (12af4a1)

... (truncated)

Commits

• a06c4b9 chore: Publish 1.15.21 with swc_core v59.0.1
• eb169d5 chore: Publish 1.15.21-nightly-20260322.3 with swc_core v59.0.1
• 4c378f7 chore: Publish 1.15.21-nightly-20260322.2 with swc_core v59.0.1
• 1cdd010 chore: Publish 1.15.21-nightly-20260322.1 with swc_core v59.0.1
• de0c918 chore: Publish 1.15.20-nightly-20260302.1 with swc_core v58.0.4
• f79f31e chore: Publish 1.15.19-nightly-20260302.1 with swc_core v58.0.3
• 357255d feat(bindings): Add linux ppc64le and s390x support across npm bindings (#11602)
• See full diff in compare view

Updates @swc/helpers from 0.5.19 to 0.5.20

Commits

• See full diff in compare view

Updates @types/node from 20.19.35 to 20.19.37

Commits

• See full diff in compare view

Updates nx from 22.5.3 to 22.6.4

Release notes

Sourced from nx's releases.

22.6.4 (2026-04-01)

🚀 Features

• misc: update nx init telemetry meta from CSV to JSON format (#35076)
• nx-dev: add conditional blog/changelog proxy in edge function (#35043)

🩹 Fixes

• core: validate bundler option for Angular presets in create-nx-workspace (#35074)
• core: handle "." and absolute paths as workspace name in CNW (#35083, #1)
• core: pin version of axios (#35093)
• core: preserve sibling dependency inputs in native hashing (#35071)
• core: sandbox exclusions, multi-line typeof import detection, global ensurePackage mock (#35056)
• core: no-interactive should disable prompts during migrate (#35106)
• gradle: increase project graph timeout defaults (#35058)
• js: recognize tsgo in dependency-checks lint rule (#35048)
• js: narrow tsc build-base outputs to only tsc-produced file types (#35041)
• js: include tsbuildinfo in narrowed tsc build-base outputs (#35086, #35041)
• js: use explicit nx/bin/nx path in start-local-registry (#35127)
• misc: handle non-interactive mode and add template shorthand names for CNW (#35045)
• react: force Vite 7 when using React Router in framework mode (#35101)
• react-native: use vite's transformWithEsbuild instead of direct esbuild import (5771eb3346)
• repo: pass env vars into docker builds in publish workflow (#35060)
• repo: bump picomatch from 4.0.2 to 4.0.4 (#35081, #35068)
• repo: fixup lock-threads failing with resource inaccessible message (#35005)
• repo: fix lockfile (b070e23445)
• repo: re-enable Cypress HMR e2e tests after upstream tapable fix (#35105, #34969, #20693)
• repo: disable ts-jest diagnostics for workspace-plugin tests (b013f93dca)
• vite: update vitest and plugin-react-swc versions for vite 8 compat (#35062)
• vite: bump sass version for vue/nuxt presets for Vite 8 compat (#35073)
• webpack: bump postcss-loader to ^8.2.1 to eliminate transitive yaml@1.x CVE (#35028, #35025)

❤️ Thank You

• Colum Ferry @​Coly010
• Craigory Coppola @​AgentEnder
• FrozenPandaz @​FrozenPandaz
• Jack Hsu @​jaysoo
• Jason Jean @​FrozenPandaz
• Leosvel Pérez Espinosa @​leosvelperez
• Miroslav Jonaš @​meeroslav
• Robert Sidzinka

22.6.3 (2026-03-27)

🚀 Features

• misc: a/b test cloud prompt copy in create-nx-workspace (#35039)

... (truncated)

Commits

• 070ca28 fix(core): no-interactive should disable prompts during migrate (#35106)
• 9d97ddf fix(core): sandbox exclusions, multi-line typeof import detection, global ens...
• 9442c13 fix(core): preserve sibling dependency inputs in native hashing (#35071)
• 63abe70 fix(core): pin version of axios (#35093)
• db057e4 chore(misc): rename vulnerable packages in test fixture lockfiles (#35072)
• 50d4d3c feat(misc): update nx init telemetry meta from CSV to JSON format (#35076)
• c911c6a fix(repo): resolv...

  Description has been truncated

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Actions	Updated (UTC)
naap-platform	Error		Apr 9, 2026 10:43pm

[github-actions]

⚠️ This PR is very large (22175 lines changed). Please split it into smaller, focused PRs if possible.

[github-actions]

⚠️ Merge conflict detected

This PR has conflicts with the base branch. Please rebase to resolve them:

git fetch origin
git rebase origin/main
# resolve conflicts, then:
git push --force-with-lease

The needs-rebase label will be removed automatically once the conflicts are resolved.

[github-actions]

This PR has been inactive for 7 days. It will be closed in 5 days if no activity occurs. Feel free to reopen anytime.

[seanhanca]

@dependabot recreate

[qianghan]

@dependabot rebase

[dependabot]

Sorry, only users with push access can use that command.

[seanhanca]

@dependabot rebase

[seanhanca]

Closing this stale Dependabot PR.

Why this PR cannot be rebased cleanly

This PR was opened on Apr 2 and has been sitting for 19 days. Since then, #272 landed, which fully regenerated package-lock.json with several major-version bumps (vite 6 → 8, vitest 3 → 4, @vitejs/plugin-react 4 → 6, @nx/* 22.5 → 22.6.5, next 15.5.12 → 15.5.15). The branch is now 21 commits behind main and cannot be rebased without reconstructing the lockfile from scratch.

@dependabot recreate and @dependabot rebase were both invoked with push-access but did not produce an updated commit — consistent with the underlying conflict being too invasive for Dependabot to resolve automatically.

Would merging as-is regress main?

Yes. PR 226 still pins @vitejs/plugin-react: ^4.3.0 and vite: ^6.0.0 across workflow/plugin packages, while main now uses ^6.0.1 and 8.0.8 via #272's workspace-wide overrides. Merging this branch (even after a synthetic rebase) would downgrade those constraints.

Status of the individual bumps

Group	Status
next, @nx/*, nx, eslint-config-next	Already on main at equal or higher versions
@aws-sdk/client-s3 / lib-storage, @vercel/blob, ably, viem, zustand, eslint, postcss, puppeteer, rollup, ws, pg, tar, dockerode, yaml, ioredis, @types/node 20.19.39	Still useful — will be picked up by the next scheduled Dependabot run
@vitejs/plugin-react 4.3 constraint	Do not take — would regress main

Next step

Dependabot is configured to run monthly (.github/dependabot.yml). The next scheduled run will generate a fresh all-minor-and-patch group PR against the current main, automatically reflecting the post-#272 baseline and avoiding all the above issues. Re-review and merge that one.

[dependabot]

This pull request was built based on a group rule. Closing it will not ignore any of these versions in future pull requests.

To ignore these dependencies, configure ignore rules in dependabot.yml