build(deps): bump the patch-updates group with 4 updates by dependabot[bot] · Pull Request #247 · AnnabelJoe/solarproof

dependabot · 2026-05-04T22:41:40Z

Bumps the patch-updates group with 4 updates: turbo, @supabase/supabase-js, @tanstack/react-query and @axe-core/playwright.

Updates turbo from 2.9.6 to 2.9.9

Release notes

Sourced from turbo's releases.

Turborepo v2.9.9

What's Changed

Changelog

release(turborepo): 2.9.8 by @github-actions[bot] in vercel/turborepo#12700

fix: Remove Unix parent death watchdogs by @anthonyshew in vercel/turborepo#12699

release(turborepo): 2.9.9-canary.1 by @github-actions[bot] in vercel/turborepo#12705

fix: Scope repo index prefixes to Git root by @anthonyshew in vercel/turborepo#12706

release(turborepo): 2.9.9-canary.2 by @github-actions[bot] in vercel/turborepo#12708

ci: Harden non-release GitHub Actions by @anthonyshew in vercel/turborepo#12707

docs: Add pnpm workspace flag (-w) to Oxc setup docs by @mattjoll in vercel/turborepo#12655

fix: Harden OG image signatures by @anthonyshew in vercel/turborepo#12709

fix: Scope release npm publishing credentials by @anthonyshew in vercel/turborepo#12710

ci: Harden release workflows by @anthonyshew in vercel/turborepo#12711

release(turborepo): 2.9.9-canary.3 by @github-actions[bot] in vercel/turborepo#12712

fix: Harden docs security endpoints by @anthonyshew in vercel/turborepo#12713

ci: Harden internal GitHub Actions by @anthonyshew in vercel/turborepo#12714

ci: Harden release workflow handling by @anthonyshew in vercel/turborepo#12715

fix: Preserve lockfiles during dry-run conversion by @anthonyshew in vercel/turborepo#12717

ci: Fix LSP workflow container matrix by @anthonyshew in vercel/turborepo#12718

New Contributors

@mattjoll made their first contribution in vercel/turborepo#12655

Full Changelog: vercel/turborepo@v2.9.8...v2.9.9

Turborepo v2.9.9-canary.4

What's Changed

Changelog

release(turborepo): 2.9.9-canary.3 by @github-actions[bot] in vercel/turborepo#12712

fix: Harden docs security endpoints by @anthonyshew in vercel/turborepo#12713

ci: Harden internal GitHub Actions by @anthonyshew in vercel/turborepo#12714

ci: Harden release workflow handling by @anthonyshew in vercel/turborepo#12715

Full Changelog: vercel/turborepo@v2.9.9-canary.3...v2.9.9-canary.4

Turborepo v2.9.9-canary.3

What's Changed

Changelog

release(turborepo): 2.9.9-canary.2 by @github-actions[bot] in vercel/turborepo#12708

ci: Harden non-release GitHub Actions by @anthonyshew in vercel/turborepo#12707

docs: Add pnpm workspace flag (-w) to Oxc setup docs by @mattjoll in vercel/turborepo#12655

fix: Harden OG image signatures by @anthonyshew in vercel/turborepo#12709

fix: Scope release npm publishing credentials by @anthonyshew in vercel/turborepo#12710

... (truncated)

Commits

6041700 publish 2.9.9 to registry
ac55ec9 ci: Fix LSP workflow container matrix (#12718)
3192551 fix: Preserve lockfiles during dry-run conversion (#12717)
f89f3bd ci: Harden release workflow handling (#12715)
cbe31ef ci: Harden internal GitHub Actions (#12714)
56eefcc fix: Harden docs security endpoints (#12713)
6f35176 release(turborepo): 2.9.9-canary.3 (#12712)
709c9d4 ci: Harden release workflows (#12711)
382f305 fix: Scope release npm publishing credentials (#12710)
76d26f8 fix: Harden OG image signatures (#12709)
Additional commits viewable in compare view

Updates @supabase/supabase-js from 2.105.0 to 2.105.3

Release notes

Sourced from @supabase/supabase-js's releases.

v2.105.3

2.105.3 (2026-05-04)

🩹 Fixes

auth: narrow OAuth/CustomProvider types to fix downstream consumer typecheck (#2326)

v2.105.2

2.105.2 (2026-05-04)

🩹 Fixes

auth: forward lockAcquireTimeout to SupabaseAuthClient (#2309)

auth: add toJSON to WebAuthnError for correct JSON serialization (#2317)

misc: widen enum-like unions with (string & {}) for forward compat (#2303)

misc: reduce any usage across packages (#2314)

postgrest: unify insert/upsert signatures (#2315)

❤️ Thank You

Muzzaiyyan Hussain @MuzzaiyyanHussain

v2.105.2-canary.4

2.105.2-canary.4 (2026-05-04)

This was a version bump only, there were no code changes.

v2.105.2-canary.3

2.105.2-canary.3 (2026-05-04)

This was a version bump only, there were no code changes.

v2.105.2-canary.2

2.105.2-canary.2 (2026-05-04)

🩹 Fixes

auth: add toJSON to WebAuthnError for correct JSON serialization (#2317)

misc: reduce any usage across packages (#2314)

postgrest: unify insert/upsert signatures (#2315)

v2.105.2-canary.1

2.105.2-canary.1 (2026-05-04)

🩹 Fixes

auth: forward lockAcquireTimeout to SupabaseAuthClient (#2309)

❤️ Thank You

... (truncated)

Changelog

Sourced from @supabase/supabase-js's changelog.

2.105.1 (2026-04-28)

This was a version bump only for @supabase/supabase-js to align it with other projects, there were no code changes.

Commits

db53b0f chore(release): version 2.105.2 changelogs (#2323)
5223888 [patchback] docs(repo): @category and @subcategory tags across all packages (...
0412d0d fix(auth): forward lockAcquireTimeout to SupabaseAuthClient (#2309)
42c9cbb [patchback] fix(misc): widen enum-like unions with (string & {}) for forward ...
7e1773c chore(release): version 2.105.1 changelogs (#2302)
ca8c418 chore(release): version 2.105.0 changelogs (#2290)
See full diff in compare view

Updates @tanstack/react-query from 5.100.5 to 5.100.9

Release notes

Sourced from @tanstack/react-query's releases.

@tanstack/react-query-devtools@5.100.9

Patch Changes

Updated dependencies [3d21cac]:

@tanstack/query-devtools@5.100.9

@tanstack/react-query@5.100.9

@tanstack/react-query-next-experimental@5.100.9

Patch Changes

Updated dependencies []:

@tanstack/react-query@5.100.9

@tanstack/react-query-persist-client@5.100.9

Patch Changes

Updated dependencies []:

@tanstack/query-persist-client-core@5.100.9

@tanstack/react-query@5.100.9

@tanstack/react-query@5.100.9

Patch Changes

Updated dependencies [fcee7bd]:

@tanstack/query-core@5.100.9

@tanstack/react-query-devtools@5.100.8

Patch Changes

Updated dependencies []:

@tanstack/query-devtools@5.100.8

@tanstack/react-query@5.100.8

@tanstack/react-query-next-experimental@5.100.8

Patch Changes

Updated dependencies []:

@tanstack/react-query@5.100.8

@tanstack/react-query-persist-client@5.100.8

Patch Changes

Updated dependencies []:

@tanstack/query-persist-client-core@5.100.8

@tanstack/react-query@5.100.8

@tanstack/react-query@5.100.8

Patch Changes

Updated dependencies []:

... (truncated)

Changelog

Sourced from @tanstack/react-query's changelog.

5.100.9

Patch Changes

Updated dependencies [fcee7bd]:

@tanstack/query-core@5.100.9

5.100.8

Patch Changes

Updated dependencies []:

@tanstack/query-core@5.100.8

5.100.7

Patch Changes

Updated dependencies []:

@tanstack/query-core@5.100.7

5.100.6

Patch Changes

Updated dependencies []:

@tanstack/query-core@5.100.6

Commits

8c3d523 ci: Version Packages (#10630)
9800c8f ci: Version Packages (#10623)
3ae4261 ci: Version Packages (#10620)
87f7ccf ci: Version Packages (#10604)
See full diff in compare view

Updates @axe-core/playwright from 4.11.2 to 4.11.3

Release notes

Sourced from @axe-core/playwright's releases.

v4.11.3

What's Changed

chore: add create-release workflow by @Garbee in dequelabs/axe-core-npm#1326

chore: merge master into develop by @attest-team-ci in dequelabs/axe-core-npm#1324

fix: Update axe-core to v4.11.4 by @attest-team-ci in dequelabs/axe-core-npm#1330

chore: RC v4.11.3 by @github-actions[bot] in dequelabs/axe-core-npm#1332

chore: release v4.11.3 by @axe-core in dequelabs/axe-core-npm#1335

New Contributors

@axe-core made their first contribution in dequelabs/axe-core-npm#1335

Full Changelog: dequelabs/axe-core-npm@v4.11.2...v4.11.3

Changelog

Sourced from @axe-core/playwright's changelog.

Change Log

All notable changes to this project will be documented in this file. See Conventional Commits for commit guidelines.

Commits

25fbfd2 chore: release v4.11.3 (#1335)
dad3572 chore: RC v4.11.3 (#1332)
582a7fc chore: RC v4.11.3
eed87f5 fix: Update axe-core to v4.11.4 (#1330)
57c5437 chore: merge master into develop (#1324)
da56b5d chore: add create-release workflow (#1326)
See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the patch-updates group with 4 updates: [turbo](https://github.com/vercel/turborepo), [@supabase/supabase-js](https://github.com/supabase/supabase-js/tree/HEAD/packages/core/supabase-js), [@tanstack/react-query](https://github.com/TanStack/query/tree/HEAD/packages/react-query) and [@axe-core/playwright](https://github.com/dequelabs/axe-core-npm). Updates `turbo` from 2.9.6 to 2.9.9 - [Release notes](https://github.com/vercel/turborepo/releases) - [Changelog](https://github.com/vercel/turborepo/blob/main/RELEASE.md) - [Commits](vercel/turborepo@v2.9.6...v2.9.9) Updates `@supabase/supabase-js` from 2.105.0 to 2.105.3 - [Release notes](https://github.com/supabase/supabase-js/releases) - [Changelog](https://github.com/supabase/supabase-js/blob/develop/packages/core/supabase-js/CHANGELOG.md) - [Commits](https://github.com/supabase/supabase-js/commits/v2.105.3/packages/core/supabase-js) Updates `@tanstack/react-query` from 5.100.5 to 5.100.9 - [Release notes](https://github.com/TanStack/query/releases) - [Changelog](https://github.com/TanStack/query/blob/main/packages/react-query/CHANGELOG.md) - [Commits](https://github.com/TanStack/query/commits/@tanstack/react-query@5.100.9/packages/react-query) Updates `@axe-core/playwright` from 4.11.2 to 4.11.3 - [Release notes](https://github.com/dequelabs/axe-core-npm/releases) - [Changelog](https://github.com/dequelabs/axe-core-npm/blob/develop/CHANGELOG.md) - [Commits](dequelabs/axe-core-npm@v4.11.2...v4.11.3) --- updated-dependencies: - dependency-name: turbo dependency-version: 2.9.9 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: patch-updates - dependency-name: "@supabase/supabase-js" dependency-version: 2.105.3 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: patch-updates - dependency-name: "@tanstack/react-query" dependency-version: 5.100.9 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: patch-updates - dependency-name: "@axe-core/playwright" dependency-version: 4.11.3 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: patch-updates ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot · 2026-05-04T22:41:40Z

Labels

The following labels could not be found: dependencies, javascript. Please create them before Dependabot can add them to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

github-actions · 2026-05-04T22:42:05Z

🔍 Vercel Preview Deployment

URL: Learn More: https://err.sh/vercel/no-credentials-found

Uses Stellar testnet contract addresses.

github-actions · 2026-05-04T22:42:15Z

✅ cargo audit

�[1m�[32m    Updating�[0m crates.io index
�[1m�[32m     Locking�[0m 185 packages to latest compatible versions
�[1m�[36m      Adding�[0m arbitrary v1.3.2 �[1m�[33m(available: v1.4.2)�[0m
�[1m�[36m      Adding�[0m crypto-common v0.1.6 �[1m�[33m(available: v0.1.7)�[0m
�[1m�[36m      Adding�[0m darling v0.23.0 �[1m�[31m(requires Rust 1.88.0)�[0m
�[1m�[36m      Adding�[0m darling_core v0.23.0 �[1m�[31m(requires Rust 1.88.0)�[0m
�[1m�[36m      Adding�[0m darling_macro v0.23.0 �[1m�[31m(requires Rust 1.88.0)�[0m
�[1m�[36m      Adding�[0m derive_arbitrary v1.3.2 �[1m�[33m(available: v1.4.2)�[0m
�[1m�[36m      Adding�[0m serde_with v3.19.0 �[1m�[31m(requires Rust 1.88)�[0m
�[1m�[36m      Adding�[0m serde_with_macros v3.19.0 �[1m�[31m(requires Rust 1.88)�[0m
�[1m�[36m      Adding�[0m soroban-builtin-sdk-macros v23.0.1 �[1m�[33m(available: v23.0.2)�[0m
�[1m�[36m      Adding�[0m soroban-env-common v23.0.1 �[1m�[33m(available: v23.0.2)�[0m
�[1m�[36m      Adding�[0m soroban-env-guest v23.0.1 �[1m�[33m(available: v23.0.2)�[0m
�[1m�[36m      Adding�[0m soroban-env-host v23.0.1 �[1m�[33m(available: v23.0.2)�[0m
�[1m�[36m      Adding�[0m soroban-env-macros v23.0.1 �[1m�[33m(available: v23.0.2)�[0m
�[1m�[36m      Adding�[0m soroban-sdk v23.5.3 �[1m�[33m(available: v25.3.0)�[0m
�[1m�[36m      Adding�[0m time v0.3.47 �[1m�[31m(requires Rust 1.88.0)�[0m
�[1m�[36m      Adding�[0m time-core v0.1.8 �[1m�[31m(requires Rust 1.88.0)�[0m
�[1m�[36m      Adding�[0m time-macros v0.2.27 �[1m�[31m(requires Rust 1.88.0)�[0m
�[0m�[0m�[1m�[32m    Fetching�[0m advisory database from `https://github.com/RustSec/advisory-db.git`
�[0m�[0m�[1m�[32m      Loaded�[0m 1067 security advisories (from /home/runner/.cargo/advisory-db)
�[0m�[0m�[1m�[32m    Updating�[0m crates.io index
�[0m�[0m�[1m�[32m    Scanning�[0m Cargo.lock for vulnerabilities (189 crate dependencies)
�[0m�[0m�[1m�[33mCrate:    �[0m derivative
�[0m�[0m�[1m�[33mVersion:  �[0m 2.2.0
�[0m�[0m�[1m�[33mWarning:  �[0m unmaintained
�[0m�[0m�[1m�[33mTitle:    �[0m `derivative` is unmaintained; consider using an alternative
�[0m�[0m�[1m�[33mDate:     �[0m 2024-06-26
�[0m�[0m�[1m�[33mID:       �[0m RUSTSEC-2024-0388
�[0m�[0m�[1m�[33mURL:      �[0m https://rustsec.org/advisories/RUSTSEC-2024-0388
�[0m�[0m�[1m�[33mDependency tree:
�[0mderivative 2.2.0
├── ark-poly 0.4.2
│   └── ark-ec 0.4.2
│       ├── soroban-env-host 23.0.1
│       │   ├── soroban-sdk 23.5.3
│       │   │   ├── multisig-admin 1.0.0
│       │   │   ├── energy-token 1.0.0
│       │   │   ├── community-governance 1.0.0
│       │   │   └── audit-registry 1.0.0
│       │   └── soroban-ledger-snapshot 23.5.3
│       │       └── soroban-sdk 23.5.3
│       └── ark-bls12-381 0.4.0
│           └── soroban-env-host 23.0.1
├── ark-ff 0.4.2
│   ├── soroban-env-host 23.0.1
│   ├── ark-poly 0.4.2
│   ├── ark-ec 0.4.2
│   └── ark-bls12-381 0.4.0
└── ark-ec 0.4.2

�[0m�[0m�[1m�[33mCrate:    �[0m paste
�[0m�[0m�[1m�[33mVersion:  �[0m 1.0.15
�[0m�[0m�[1m�[33mWarning:  �[0m unmaintained
�[0m�[0m�[1m�[33mTitle:    �[0m paste - no longer maintained
�[0m�[0m�[1m�[33mDate:     �[0m 2024-10-07
�[0m�[0m�[1m�[33mID:       �[0m RUSTSEC-2024-0436
�[0m�[0m�[1m�[33mURL:      �[0m https://rustsec.org/advisories/RUSTSEC-2024-0436
�[0m�[0m�[1m�[33mDependency tree:
�[0mpaste 1.0.15
├── wasmi_core 0.13.0
│   └── soroban-wasmi 0.31.1-soroban.20.0.1
│       ├── soroban-env-host 23.0.1
│       │   ├── soroban-sdk 23.5.3
│       │   │   ├── multisig-admin 1.0.0
│       │   │   ├── energy-token 1.0.0
│       │   │   ├── community-governance 1.0.0
│       │   │   └── audit-registry 1.0.0
│       │   └── soroban-ledger-snapshot 23.5.3
│       │       └── soroban-sdk 23.5.3
│       └── soroban-env-common 23.0.1
│           ├── soroban-sdk-macros 23.5.3
│           │   └── soroban-sdk 23.5.3
│           ├── soroban-ledger-snapshot 23.5.3
│           ├── soroban-env-host 23.0.1
│           └── soroban-env-guest 23.0.1
│               └── soroban-sdk 23.5.3
└── ark-ff 0.4.2
    ├── soroban-env-host 23.0.1
    ├── ark-poly 0.4.2
    │   └── ark-ec 0.4.2
    │       ├── soroban-env-host 23.0.1
    │       └── ark-bls12-381 0.4.0
    │           └── soroban-env-host 23.0.1
    ├── ark-ec 0.4.2
    └── ark-bls12-381 0.4.0

�[0m�[0m�[1m�[33mwarning:�[0m 2 allowed warnings found

github-actions · 2026-05-19T06:23:26Z

🎉 This PR is included in version 1.0.0 🎉

The release is available on GitHub release

Your semantic-release bot 📦🚀

github-actions Bot merged commit 825e555 into main May 4, 2026
8 of 13 checks passed

dependabot Bot deleted the dependabot/npm_and_yarn/patch-updates-90560fd107 branch May 4, 2026 22:42

github-actions Bot added the released label May 19, 2026

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

build(deps): bump the patch-updates group with 4 updates#247

build(deps): bump the patch-updates group with 4 updates#247
github-actions[bot] merged 1 commit into
mainfrom
dependabot/npm_and_yarn/patch-updates-90560fd107

dependabot Bot commented on behalf of github May 4, 2026

Uh oh!

dependabot Bot commented on behalf of github May 4, 2026

Uh oh!

Uh oh!

github-actions Bot commented May 4, 2026

Uh oh!

github-actions Bot commented May 4, 2026

Uh oh!

github-actions Bot commented May 19, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

Conversation

dependabot Bot commented on behalf of github May 4, 2026

Turborepo v2.9.9

What's Changed

Changelog

New Contributors

Turborepo v2.9.9-canary.4

What's Changed

Changelog

Turborepo v2.9.9-canary.3

What's Changed

Changelog

v2.105.3

2.105.3 (2026-05-04)

🩹 Fixes

v2.105.2

2.105.2 (2026-05-04)

🩹 Fixes

❤️ Thank You

v2.105.2-canary.4

2.105.2-canary.4 (2026-05-04)

v2.105.2-canary.3

2.105.2-canary.3 (2026-05-04)

v2.105.2-canary.2

2.105.2-canary.2 (2026-05-04)

🩹 Fixes

v2.105.2-canary.1

2.105.2-canary.1 (2026-05-04)

🩹 Fixes

❤️ Thank You

2.105.1 (2026-04-28)

@​tanstack/react-query-devtools@​5.100.9

Patch Changes

@​tanstack/react-query-next-experimental@​5.100.9

Patch Changes

@​tanstack/react-query-persist-client@​5.100.9

Patch Changes

@​tanstack/react-query@​5.100.9

Patch Changes

@​tanstack/react-query-devtools@​5.100.8

Patch Changes

@​tanstack/react-query-next-experimental@​5.100.8

Patch Changes

@​tanstack/react-query-persist-client@​5.100.8

Patch Changes

@​tanstack/react-query@​5.100.8

Patch Changes

5.100.9

Patch Changes

5.100.8

Patch Changes

5.100.7

Patch Changes

5.100.6

Patch Changes

v4.11.3

What's Changed

New Contributors

Change Log

Uh oh!

dependabot Bot commented on behalf of github May 4, 2026

Labels

Uh oh!

Uh oh!

github-actions Bot commented May 4, 2026

🔍 Vercel Preview Deployment

Uh oh!

github-actions Bot commented May 4, 2026

✅ cargo audit

Uh oh!

github-actions Bot commented May 19, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

`@tanstack/react-query-devtools@5`.100.9

`@tanstack/react-query-next-experimental@5`.100.9

`@tanstack/react-query-persist-client@5`.100.9

`@tanstack/react-query@5`.100.9

`@tanstack/react-query-devtools@5`.100.8

`@tanstack/react-query-next-experimental@5`.100.8

`@tanstack/react-query-persist-client@5`.100.8

`@tanstack/react-query@5`.100.8