deps(npm)(deps): bump the js-non-major group across 1 directory with 13 updates by dependabot[bot] · Pull Request #36 · seekdevcore/interpop

dependabot · 2026-06-04T08:50:52Z

Bumps the js-non-major group with 11 updates in the / directory:

Package	From	To
axios	`1.16.1`	`1.17.0`
react	`19.2.6`	`19.2.7`
@types/react	`19.2.15`	`19.2.17`
react-dom	`19.2.6`	`19.2.7`
react-error-boundary	`6.1.1`	`6.1.2`
react-router-dom	`7.15.1`	`7.17.0`
@vitest/coverage-v8	`4.1.7`	`4.1.8`
eslint	`10.4.0`	`10.4.1`
lint-staged	`17.0.5`	`17.0.7`
typescript-eslint	`8.59.4`	`8.60.1`
vite	`8.0.14`	`8.0.16`

Updates axios from 1.16.1 to 1.17.0

Release notes

Sourced from axios's releases.

v1.17.0 — June 1, 2026

This release adds Node HTTP zstd decompression, hardens config and release workflows, and fixes authentication, header, proxy, and type-handling regressions.

🔒 Security Fixes

Config Hardening: Guarded socketPath, params, and paramsSerializer reads with own-property checks to prevent inherited prototype values from affecting request behavior, including SSRF-sensitive paths. (#10901, #10922)

Release Publishing: Switched the publish workflow to npm staged publishing for safer, auditable package releases with provenance. (#10926)

🚀 New Features

HTTP Compression: Added Node HTTP adapter support for zstd response decompression, with transitional.advertiseZstdAcceptEncoding controlling whether zstd is advertised in Accept-Encoding. (#6792, #10920)

🐛 Bug Fixes

Authentication Handling: Restored Basic auth on same-origin Node redirects while continuing to strip credentials cross-origin, and aligned the fetch adapter with HTTP adapter behavior for URL-embedded Basic auth. (#10929, #10896)

Proxy TLS: Preserved user httpsAgent TLS options when tunneling HTTPS requests through HTTP CONNECT proxies. (#10957)

React Native FormData: Cleared default Content-Type for React Native FormData so multipart boundaries can be generated correctly. (#10898)

Headers: Silently skipped empty or whitespace-only header names instead of throwing, matching parsed-header behavior and avoiding React Native response crashes. (#10875)

Request Data Merging: Preserved enumerable symbol keys when cloning plain request data through axios merge logic. (#10812)

Bundler Compatibility: Converted resolveConfig from an arrow default export to a named function export to avoid webpack and Babel transform interop failures. (#10891)

Types: Corrected AxiosHeaders.toJSON() return types and updated CommonJS isCancel typings to narrow to CanceledError<T>. (#10956, #10952)

Build Tooling: Avoided emitting a null Authorization header from the GitHub build helper when GITHUB_TOKEN is unset. (#10931)

🔧 Maintenance & Chores

HTTP/2 Internals: Extracted Http2Sessions into its own helper module and added direct unit coverage for session pooling, timeout, and cleanup behavior. (#10861)

Package Publishing: Reduced published package size by switching to a files allowlist and dropping unneeded unminified bundle source maps. (#10939)

CI and Release Automation: Added bundle-size reporting, moved reports to the job summary, fixed bundle-size comparison coverage, added Node 26 to the matrix, pinned npm for staged publishing, and prepared the 1.17.0 release. (#10907, #10911, #10916, #10927, #10935, #10983)

Developer Workflow: Added a dev container and iterated on OpenSpec workflow files before removing them from the release branch. (#10925, #10914, #10958)

Documentation and Policy: Updated disclosure, contributor, collaboration, threat-model, advanced docs, README badges, release notes, moderator configuration, and project metadata. (#10890, #10889, #10921, #10945, #10905, #10933, #10915, #10887, #10955)

Dependencies: Bumped Babel tooling, Commitlint, ESLint, Rollup, Globals, Vitest, Playwright, fs-extra, qs, docs dependencies, and GitHub Actions dependencies including actions/dependency-review-action and zizmorcore/zizmor-action. (#10871, #10879, #10918, #10919, #10934, #10947, #10954, #10960)

🌟 New Contributors

We are thrilled to welcome our new contributors. Thank you for helping improve axios:

@BasixKOR (#6792)

@carladams1299-lab (#10861)

@LaplaceYoung (#10812)

@JamieMagee (#10939)

@RonGamzu (#10905)

@sapirbaruch (#10891)

@nezukoagent (#10901)

@devareddy05 (#10929)

@Mohammad-Faiz-Cloud-Engineer (#10922)

@azandabot (#10931)

@niksy (#10896)

Full Changelog

Changelog

Sourced from axios's changelog.

v1.17.0 — June 1, 2026

This release adds Node HTTP zstd decompression, hardens config and release workflows, and fixes authentication, header, proxy, and type-handling regressions.

🔒 Security Fixes

Config Hardening: Guarded socketPath, params, and paramsSerializer reads with own-property checks to prevent inherited prototype values from affecting request behavior, including SSRF-sensitive paths. (#10901, #10922)

Release Publishing: Switched the publish workflow to npm staged publishing for safer, auditable package releases with provenance. (#10926)

🚀 New Features

HTTP Compression: Added Node HTTP adapter support for zstd response decompression, with transitional.advertiseZstdAcceptEncoding controlling whether zstd is advertised in Accept-Encoding. (#6792, #10920)

🐛 Bug Fixes

Authentication Handling: Restored Basic auth on same-origin Node redirects while continuing to strip credentials cross-origin, and aligned the fetch adapter with HTTP adapter behavior for URL-embedded Basic auth. (#10929, #10896)

Proxy TLS: Preserved user httpsAgent TLS options when tunneling HTTPS requests through HTTP CONNECT proxies. (#10957)

React Native FormData: Cleared default Content-Type for React Native FormData so multipart boundaries can be generated correctly. (#10898)

Headers: Silently skipped empty or whitespace-only header names instead of throwing, matching parsed-header behavior and avoiding React Native response crashes. (#10875)

Request Data Merging: Preserved enumerable symbol keys when cloning plain request data through axios merge logic. (#10812)

Bundler Compatibility: Converted resolveConfig from an arrow default export to a named function export to avoid webpack and Babel transform interop failures. (#10891)

Types: Corrected AxiosHeaders.toJSON() return types and updated CommonJS isCancel typings to narrow to CanceledError<T>. (#10956, #10952)

Build Tooling: Avoided emitting a null Authorization header from the GitHub build helper when GITHUB_TOKEN is unset. (#10931)

🔧 Maintenance & Chores

HTTP/2 Internals: Extracted Http2Sessions into its own helper module and added direct unit coverage for session pooling, timeout, and cleanup behavior. (#10861)

Package Publishing: Reduced published package size by switching to a files allowlist and dropping unneeded unminified bundle source maps. (#10939)

CI and Release Automation: Added bundle-size reporting, moved reports to the job summary, fixed bundle-size comparison coverage, added Node 26 to the matrix, pinned npm for staged publishing, and prepared the 1.17.0 release. (#10907, #10911, #10916, #10927, #10935, #10983)

Developer Workflow: Added a dev container and iterated on OpenSpec workflow files before removing them from the release branch. (#10925, #10914, #10958)

Documentation and Policy: Updated disclosure, contributor, collaboration, threat-model, advanced docs, README badges, release notes, moderator configuration, and project metadata. (#10890, #10889, #10921, #10945, #10905, #10933, #10915, #10887, #10955)

Dependencies: Bumped Babel tooling, Commitlint, ESLint, Rollup, Globals, Vitest, Playwright, fs-extra, qs, docs dependencies, and GitHub Actions dependencies including actions/dependency-review-action and zizmorcore/zizmor-action. (#10871, #10879, #10918, #10919, #10934, #10947, #10954, #10960)

🌟 New Contributors

We are thrilled to welcome our new contributors. Thank you for helping improve axios:

@BasixKOR (#6792)

@carladams1299-lab (#10861)

@LaplaceYoung (#10812)

@JamieMagee (#10939)

@RonGamzu (#10905)

@sapirbaruch (#10891)

@nezukoagent (#10901)

@devareddy05 (#10929)

@Mohammad-Faiz-Cloud-Engineer (#10922)

@azandabot (#10931)

@niksy (#10896)

Full Changelog

Commits

4306df2 chore: add fun 88 sponsorship
931cc8f chore(release): prepare release 1.17.0 (#10983)
38ba1b3 fix(fetch): support basic auth from URL (#10896)
32e2515 fix: replace ternary side effect in script (#10931)
030e722 chore(deps): bump axios from 1.15.2 to 1.16.1 in /docs (#10960)
ec63164 chore: remove openspec (#10958)
3dec28f fix(http): preserve TLS options for proxy tunnels (#10957)
a2390a5 fix: correct isCancel type to narrow to CanceledError<T> (#10952)
fa01b92 chore(deps-dev): bump tmp from 0.2.5 to 0.2.7 in /docs (#10954)
2d2314a fix: AxiosHeaders toJSON() return types (#10956)
Additional commits viewable in compare view

Updates react from 19.2.6 to 19.2.7

Release notes

Sourced from react's releases.

19.2.7 (June 1st, 2026)

React Server Components

Fixed missing FormData entries in Server Actions which regressed in 19.2.6 (#36566 by @unstubbable)

Commits

6117d7c Version 19.2.7 (#36591)
See full diff in compare view

Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for react since your current version.

Updates @types/react from 19.2.15 to 19.2.17

Commits

See full diff in compare view

Updates react-dom from 19.2.6 to 19.2.7

Release notes

Sourced from react-dom's releases.

19.2.7 (June 1st, 2026)

React Server Components

Fixed missing FormData entries in Server Actions which regressed in 19.2.6 (#36566 by @unstubbable)

Commits

6117d7c Version 19.2.7 (#36591)
See full diff in compare view

Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for react-dom since your current version.

Updates react-error-boundary from 6.1.1 to 6.1.2

Release notes

Sourced from react-error-boundary's releases.

6.1.2

README and doc comment updates

Commits

90b9a7e 6.1.1 -> 6.1.2
7d29d50 Update react-lib-tools from 0.0.47 to 0.0.53
09b1522 Refresh error boundary docs and examples (#240)
9db16fd Upgrade react-lib-tools to improve site-search
4f541a4 Add note about ESM to home page and README
f3f9582 Update CONTRIBUTING.md
ecaf925 Update example
70902a9 Fix JSX attribute in ErrorBoundary example (#239)
f964b1c Update react-lib-tools dep
e7b8fe2 Update react-lib-tools to better respect prefers-reduced-motion: reduce setting
See full diff in compare view

Updates react-router-dom from 7.15.1 to 7.17.0

Changelog

Sourced from react-router-dom's changelog.

v7.17.0

Patch Changes

Updated dependencies:

react-router@7.17.0

v7.16.0

Patch Changes

Remove stale/invalid unpkg field from package.json. This was removed from other packages with the release of v7 but missed in the react-router-dom re-export package (#15075)

Updated dependencies:

react-router@7.16.0

Commits

195a0d0 Release v7.17.0 (#15145)
8984d23 Release v7.16.0 (#15105)
3ed77af chore: format
e96962b fix: remove stale unpkg field from react-router-dom (#15075)
See full diff in compare view

Updates @types/react from 19.2.15 to 19.2.17

Commits

See full diff in compare view

Updates @vitest/coverage-v8 from 4.1.7 to 4.1.8

Release notes

Sourced from @vitest/coverage-v8's releases.

v4.1.8

🐞 Bug Fixes

browser:

Disable client cdp API when allowWrite/allowExec: false [backport to v4] - by @hi-ogawa and Codex in vitest-dev/vitest#10450 (e4067)

Remove orphaned Playwright route when same module is mocked via multiple ids [backport to v4] - by @toxik and @Zelys-DFKH in vitest-dev/vitest#10474 (675b4)

View changes on GitHub

Commits

e61f2dd chore: release v4.1.8
e4067b3 fix(browser): disable client cdp API when allowWrite/allowExec: false [ba...
See full diff in compare view

Updates @vitest/ui from 4.1.7 to 4.1.8

Release notes

Sourced from @vitest/ui's releases.

v4.1.8

🐞 Bug Fixes

browser:

Disable client cdp API when allowWrite/allowExec: false [backport to v4] - by @hi-ogawa and Codex in vitest-dev/vitest#10450 (e4067)

Remove orphaned Playwright route when same module is mocked via multiple ids [backport to v4] - by @toxik and @Zelys-DFKH in vitest-dev/vitest#10474 (675b4)

View changes on GitHub

Commits

e61f2dd chore: release v4.1.8
See full diff in compare view

Updates eslint from 10.4.0 to 10.4.1

Release notes

Sourced from eslint's releases.

v10.4.1

Bug Fixes

e557467 fix: update @eslint/plugin-kit version to 0.7.2 (#20930) (Francesco Trotta)

d4ce898 fix: propagate failures from delegated commands (#20917) (Minh Vu)

f4f3507 fix: prefer-arrow-callback invalid autofix with newline after async (#20916) (kuldeep kumar)

c5bc78b fix: false positive for reference in finally block (#20655) (Tanuj Kanti)

27538c0 fix: add missing CodePath and CodePathSegment types (#20853) (Pixel998)

Documentation

61b0add docs: remove deprecated rule from related rules of max-params (#20921) (Tanuj Kanti)

305d5b9 docs: remove deprecated rules from related rules section (#20911) (Tanuj Kanti)

49b0202 docs: fix display: none of ad (#20901) (Tanuj Kanti)

9067f94 docs: switch build to Node.js 24 (#20893) (Milos Djermanovic)

c91b041 docs: Update README (GitHub Actions Bot)

e349265 docs: clarify semver strings in rule deprecation objects (#20885) (Milos Djermanovic)

Chores

b0e466b test: add data property to invalid tests cases for rules (#20924) (Tanuj Kanti)

f78838b test: add CodePath type coverage (#20904) (Pixel998)

1daa4bd chore: update eslint-plugin-eslint-comments test data to latest commit (#20922) (Francesco Trotta)

002942c ci: declare contents:read on update-readme workflow (#20919) (Arpit Jain)

64bca24 chore: update ecosystem plugins (#20912) (ESLint Bot)

6d7c832 chore: ignore fflate updates in renovate (#20908) (Pixel998)

b2c8638 ci: bump pnpm/action-setup from 6.0.7 to 6.0.8 (#20889) (dependabot[bot])

a9b8d7f chore: increase maxBuffer for ecosystem tests (#20881) (sethamus)

b702ead chore: update ecosystem update PR settings (#20884) (Pixel998)

507f60e chore: update ecosystem plugins (#20882) (ESLint Bot)

92f5c5b test: add unit test for message-count (#20878) (kuldeep kumar)

df32108 chore: add @eslint/markdown and typescript-eslint ecosystem tests (#20837) (sethamus)

327f91d chore: use includeIgnoreFile internally (#20876) (Kirk Waiblinger)

f0dc4bd chore: pin fflate@0.8.2 (#20877) (Milos Djermanovic)

0f4bd25 ci: run Discord alert for ecosystem test failures (#20873) (Copilot)

Commits

4a3d15a 10.4.1
43e7e2b Build: changelog update for 10.4.1
e557467 fix: update @eslint/plugin-kit version to 0.7.2 (#20930)
b0e466b test: add data property to invalid tests cases for rules (#20924)
d4ce898 fix: propagate failures from delegated commands (#20917)
f4f3507 fix: prefer-arrow-callback invalid autofix with newline after async (#20916)
f78838b test: add CodePath type coverage (#20904)
61b0add docs: remove deprecated rule from related rules of max-params (#20921)
1daa4bd chore: update eslint-plugin-eslint-comments test data to latest commit (#20...
002942c ci: declare contents:read on update-readme workflow (#20919)
Additional commits viewable in compare view

Updates lint-staged from 17.0.5 to 17.0.7

Release notes

Sourced from lint-staged's releases.

v17.0.7

Patch Changes

#1806 e692e58 - Update dependency tinyexec@^1.2.4.

v17.0.6

Patch Changes

#1803 bdf2770 - Run all tests with Deno, in addition to Node.js and Bun.

#1796 7508272 - Fix performance regression of lint-staged v17 by going back to using git add to stage task modifications. This was changed to git update-index --again in v17 for less manual work, but unfortunately the update-index command gets slower in very large Git repos.

#1797 7b2505a - This version of lint-staged uses the new staged publishing for npm packages feature. Releases are already published from GitHub Actions with trusted publishing, but now an additional approval with two-factor authentication is also required.

#1802 321b0a9 - Downgrade dependency tinyexec@1.2.2 to avoid issues in version 1.2.3.

Changelog

Sourced from lint-staged's changelog.

17.0.7

Patch Changes

#1806 e692e58 - Update dependency tinyexec@^1.2.4.

17.0.6

Patch Changes

#1803 bdf2770 - Run all tests with Deno, in addition to Node.js and Bun.

#1796 7508272 - Fix performance regression of lint-staged v17 by going back to using git add to stage task modifications. This was changed to git update-index --again in v17 for less manual work, but unfortunately the update-index command gets slower in very large Git repos.

#1797 7b2505a - This version of lint-staged uses the new staged publishing for npm packages feature. Releases are already published from GitHub Actions with trusted publishing, but now an additional approval with two-factor authentication is also required.

#1802 321b0a9 - Downgrade dependency tinyexec@1.2.2 to avoid issues in version 1.2.3.

Commits

cd11fec Merge pull request #1807 from lint-staged/changeset-release/main
15a8ee0 chore(changeset): release
797bbd9 Merge pull request #1808 from lint-staged/add-stashing-faq
504e307 docs: add FAQ entry on how stashing works
eff5cd1 Merge pull request #1806 from lint-staged/update-tinyexec
e692e58 build(deps): update tinyexec@^1.2.4
a2dd4ea Merge pull request #1805 from lint-staged/update-github-templates
c928519 docs: update GitHub templates
094ba56 Merge pull request #1798 from lint-staged/changeset-release/main
88e19fe chore(changeset): release
Additional commits viewable in compare view

Updates typescript-eslint from 8.59.4 to 8.60.1

Release notes

Sourced from typescript-eslint's releases.

v8.60.1

8.60.1 (2026-06-01)

🩹 Fixes

eslint-plugin: respect ECMAScript line terminators in ts-comment rules (#12352)

eslint-plugin: [no-shadow] correct rule to match ESLint v10 handling (#12182)

❤️ Thank You

lumir

Nevette Bailey @nevette-bailey

See GitHub Releases for more information.

You can read about our versioning strategy and releases on our website.

v8.60.0

8.60.0 (2026-05-25)

🚀 Features

rule-tester: added updates of RuleTester from upstream (#12291)

🩹 Fixes

playground TS version selector is not working (#12326, #12325)

❤️ Thank You

Evyatar Daud @StyleShit

Vinccool96

See GitHub Releases for more information.

You can read about our versioning strategy and releases on our website.

Changelog

Sourced from typescript-eslint's changelog.

8.60.1 (2026-06-01)

This was a version bump only for typescript-eslint to align it with other projects, there were no code changes.

See GitHub Releases for more information.

You can read about our versioning strategy and releases on our website.

8.60.0 (2026-05-25)

This was a version bump only for typescript-eslint to align it with other projects, there were no code changes.

See GitHub Releases for more information.

You can read about our versioning strategy and releases on our website.

Commits

4f84a69 chore(release): publish 8.60.1
1849b53 chore: typecheck using tsgo (#12139)
f891c29 chore(release): publish 8.60.0
See full diff in compare view

Updates vite from 8.0.14 to 8.0.16

Release notes

Sourced from vite's releases.

v8.0.16

Please refer to CHANGELOG.md for details.

v8.0.15

Please refer to CHANGELOG.md for details.

Changelog

Sourced from vite's changelog.

8.0.16 (2026-06-01)

Bug Fixes

deps: reject UNC paths for launch-editor-middleware (#22571) (50b9512)

reject windows alternate paths (#22572) (dc245c7)

8.0.15 (2026-06-01)

Features

send 408 on request timeout (#22476) (c85c9ee)

update rolldown to 1.0.3 (#22538) (646dbed)

Bug Fixes

capitalize error messages and remove spurious space in parse error (#22488) (85a0eff)

deps: update all non-major dependencies (#22511) (2686d7d)

dev: fix html-proxy cache key mismatch for /@fs/ HTML paths (#21762) (47c4213)

glob: error on relative glob in virtual module when no files match (#22497) (5c8e98f)

optimizer: close the rolldown bundle when write() rejects (#22528) (e3cfb9d)

resolve: provide onWarn for viteResolvePlugin in JS plugin containers (#22509) (40985f1)

Miscellaneous Chores

deps: update rolldown-related dependencies (#22566) (3052a67)

Code Refactoring

correct logic in collectAllModules function (#22562) (6978a9c)

Commits

f94df87 release: v8.0.16
dc245c7 fix: reject windows alternate paths (#22572)
50b9512 fix(deps): reject UNC paths for launch-editor-middleware (#22571)
8d1b019 release: v8.0.15
2686d7d fix(deps): update all non-major dependencies (#22511)
3052a67 chore(deps): update rolldown-related dependencies (#22566)
e3cfb9d fix(optimizer): close the rolldown bundle when write() rejects (#22528)
6978a9c refactor: correct logic in collectAllModules function (#22562)
646dbed feat: update rolldown to 1.0.3 (#22538)
85a0eff fix: capitalize error messages and remove spurious space in parse error (#22488)
Additional commits viewable in compare view

Updates vitest from 4.1.7 to 4.1.8

Release notes

Sourced from vitest's releases.

v4.1.8

🐞 Bug Fixes

browser:

Disable client cdp API when allowWrite/allowExec: false [backport to v4] - by @hi-ogawa and Codex in vitest-dev/vitest#10450 (e4067)

Remove orphaned Playwright route when same module is mocked via multiple ids [backport to v4] - by @toxik and @Zelys-DFKH in vitest-dev/vitest#10474 (675b4)

View changes on GitHub

Commits

e61f2dd chore: release v4.1.8
e4067b3 fix(browser): disable client cdp API when allowWrite/allowExec: false [ba...
See full diff in compare view

dependabot · 2026-06-04T08:50:53Z

Labels

The following labels could not be found: dependencies, frontend. Please create them before Dependabot can add them to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

…13 updates Bumps the js-non-major group with 11 updates in the / directory: | Package | From | To | | --- | --- | --- | | [axios](https://github.com/axios/axios) | `1.16.1` | `1.17.0` | | [react](https://github.com/facebook/react/tree/HEAD/packages/react) | `19.2.6` | `19.2.7` | | [@types/react](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/react) | `19.2.15` | `19.2.17` | | [react-dom](https://github.com/facebook/react/tree/HEAD/packages/react-dom) | `19.2.6` | `19.2.7` | | [react-error-boundary](https://github.com/bvaughn/react-error-boundary) | `6.1.1` | `6.1.2` | | [react-router-dom](https://github.com/remix-run/react-router/tree/HEAD/packages/react-router-dom) | `7.15.1` | `7.17.0` | | [@vitest/coverage-v8](https://github.com/vitest-dev/vitest/tree/HEAD/packages/coverage-v8) | `4.1.7` | `4.1.8` | | [eslint](https://github.com/eslint/eslint) | `10.4.0` | `10.4.1` | | [lint-staged](https://github.com/lint-staged/lint-staged) | `17.0.5` | `17.0.7` | | [typescript-eslint](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/typescript-eslint) | `8.59.4` | `8.60.1` | | [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) | `8.0.14` | `8.0.16` | Updates `axios` from 1.16.1 to 1.17.0 - [Release notes](https://github.com/axios/axios/releases) - [Changelog](https://github.com/axios/axios/blob/v1.x/CHANGELOG.md) - [Commits](axios/axios@v1.16.1...v1.17.0) Updates `react` from 19.2.6 to 19.2.7 - [Release notes](https://github.com/facebook/react/releases) - [Changelog](https://github.com/facebook/react/blob/main/CHANGELOG.md) - [Commits](https://github.com/facebook/react/commits/v19.2.7/packages/react) Updates `@types/react` from 19.2.15 to 19.2.17 - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/react) Updates `react-dom` from 19.2.6 to 19.2.7 - [Release notes](https://github.com/facebook/react/releases) - [Changelog](https://github.com/facebook/react/blob/main/CHANGELOG.md) - [Commits](https://github.com/facebook/react/commits/v19.2.7/packages/react-dom) Updates `react-error-boundary` from 6.1.1 to 6.1.2 - [Release notes](https://github.com/bvaughn/react-error-boundary/releases) - [Commits](bvaughn/react-error-boundary@6.1.1...6.1.2) Updates `react-router-dom` from 7.15.1 to 7.17.0 - [Release notes](https://github.com/remix-run/react-router/releases) - [Changelog](https://github.com/remix-run/react-router/blob/main/packages/react-router-dom/CHANGELOG.md) - [Commits](https://github.com/remix-run/react-router/commits/react-router-dom@7.17.0/packages/react-router-dom) Updates `@types/react` from 19.2.15 to 19.2.17 - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/react) Updates `@vitest/coverage-v8` from 4.1.7 to 4.1.8 - [Release notes](https://github.com/vitest-dev/vitest/releases) - [Changelog](https://github.com/vitest-dev/vitest/blob/main/docs/releases.md) - [Commits](https://github.com/vitest-dev/vitest/commits/v4.1.8/packages/coverage-v8) Updates `@vitest/ui` from 4.1.7 to 4.1.8 - [Release notes](https://github.com/vitest-dev/vitest/releases) - [Changelog](https://github.com/vitest-dev/vitest/blob/main/docs/releases.md) - [Commits](https://github.com/vitest-dev/vitest/commits/v4.1.8/packages/ui) Updates `eslint` from 10.4.0 to 10.4.1 - [Release notes](https://github.com/eslint/eslint/releases) - [Commits](eslint/eslint@v10.4.0...v10.4.1) Updates `lint-staged` from 17.0.5 to 17.0.7 - [Release notes](https://github.com/lint-staged/lint-staged/releases) - [Changelog](https://github.com/lint-staged/lint-staged/blob/main/CHANGELOG.md) - [Commits](lint-staged/lint-staged@v17.0.5...v17.0.7) Updates `typescript-eslint` from 8.59.4 to 8.60.1 - [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases) - [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/typescript-eslint/CHANGELOG.md) - [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v8.60.1/packages/typescript-eslint) Updates `vite` from 8.0.14 to 8.0.16 - [Release notes](https://github.com/vitejs/vite/releases) - [Changelog](https://github.com/vitejs/vite/blob/main/packages/vite/CHANGELOG.md) - [Commits](https://github.com/vitejs/vite/commits/v8.0.16/packages/vite) Updates `vitest` from 4.1.7 to 4.1.8 - [Release notes](https://github.com/vitest-dev/vitest/releases) - [Changelog](https://github.com/vitest-dev/vitest/blob/main/docs/releases.md) - [Commits](https://github.com/vitest-dev/vitest/commits/v4.1.8/packages/vitest) --- updated-dependencies: - dependency-name: "@types/react" dependency-version: 19.2.16 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: js-non-major - dependency-name: "@types/react" dependency-version: 19.2.16 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: js-non-major - dependency-name: "@vitest/coverage-v8" dependency-version: 4.1.8 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: js-non-major - dependency-name: "@vitest/ui" dependency-version: 4.1.8 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: js-non-major - dependency-name: axios dependency-version: 1.17.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: js-non-major - dependency-name: eslint dependency-version: 10.4.1 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: js-non-major - dependency-name: lint-staged dependency-version: 17.0.7 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: js-non-major - dependency-name: react dependency-version: 19.2.7 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: js-non-major - dependency-name: react-dom dependency-version: 19.2.7 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: js-non-major - dependency-name: react-error-boundary dependency-version: 6.1.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: js-non-major - dependency-name: react-router-dom dependency-version: 7.16.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: js-non-major - dependency-name: typescript-eslint dependency-version: 8.60.1 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: js-non-major - dependency-name: vite dependency-version: 8.0.16 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: js-non-major - dependency-name: vitest dependency-version: 4.1.8 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: js-non-major ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot Bot force-pushed the dependabot/npm_and_yarn/develop/js-non-major-c40e5d1aaf branch from 994a6ab to bbf2ca0 Compare June 7, 2026 11:05

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

deps(npm)(deps): bump the js-non-major group across 1 directory with 13 updates#36

deps(npm)(deps): bump the js-non-major group across 1 directory with 13 updates#36
dependabot[bot] wants to merge 1 commit into
developfrom
dependabot/npm_and_yarn/develop/js-non-major-c40e5d1aaf

dependabot Bot commented on behalf of github Jun 4, 2026 •

edited

Loading

Uh oh!

dependabot Bot commented on behalf of github Jun 4, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

Conversation

dependabot Bot commented on behalf of github Jun 4, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

v1.17.0 — June 1, 2026

🔒 Security Fixes

🚀 New Features

🐛 Bug Fixes

🔧 Maintenance & Chores

🌟 New Contributors

v1.17.0 — June 1, 2026

🔒 Security Fixes

🚀 New Features

🐛 Bug Fixes

🔧 Maintenance & Chores

🌟 New Contributors

19.2.7 (June 1st, 2026)

React Server Components

19.2.7 (June 1st, 2026)

React Server Components

6.1.2

v7.17.0

Patch Changes

v7.16.0

Patch Changes

v4.1.8

🐞 Bug Fixes

View changes on GitHub

v4.1.8

🐞 Bug Fixes

View changes on GitHub

v10.4.1

Bug Fixes

Documentation

Chores

v17.0.7

Patch Changes

v17.0.6

Patch Changes

17.0.7

Patch Changes

17.0.6

Patch Changes

v8.60.1

8.60.1 (2026-06-01)

🩹 Fixes

❤️ Thank You

v8.60.0

8.60.0 (2026-05-25)

🚀 Features

🩹 Fixes

❤️ Thank You

8.60.1 (2026-06-01)

8.60.0 (2026-05-25)

v8.0.16

v8.0.15

8.0.16 (2026-06-01)

Bug Fixes

8.0.15 (2026-06-01)

Features

Bug Fixes

Miscellaneous Chores

Code Refactoring

v4.1.8

🐞 Bug Fixes

View changes on GitHub

Uh oh!

dependabot Bot commented on behalf of github Jun 4, 2026

Labels

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

dependabot Bot commented on behalf of github Jun 4, 2026 •

edited

Loading