Skip to content

Comments

Pin dependencies#175

Open
renovate[bot] wants to merge 1 commit intomainfrom
renovate/all-dependencies
Open

Pin dependencies#175
renovate[bot] wants to merge 1 commit intomainfrom
renovate/all-dependencies

Conversation

@renovate
Copy link
Contributor

@renovate renovate bot commented Oct 20, 2025

ℹ️ Note

This PR body was truncated due to platform limits.

This PR contains the following updates:

Package Type Update Change Pending Age Confidence
@ai-sdk/anthropic (source) devDependencies pin ^3.0.133.0.13 age confidence
@ai-sdk/google (source) devDependencies pin ^3.0.303.0.30 age confidence
@ai-sdk/groq (source) devDependencies pin ^3.0.83.0.8 age confidence
@ai-sdk/openai (source) devDependencies pin ^3.0.103.0.10 age confidence
@ai-sdk/provider (source) devDependencies pin ^3.0.33.0.3 age confidence
@ai-sdk/provider-utils (source) devDependencies pin ^4.0.64.0.6 age confidence
@convex-dev/rag devDependencies patch 0.7.00.7.1 age confidence
@convex-dev/rate-limiter devDependencies patch 0.3.00.3.2 age confidence
@convex-dev/workflow devDependencies patch 0.3.20.3.4 age confidence
@eslint/js (source) devDependencies minor 9.38.09.39.3 age confidence
@radix-ui/react-accordion (source) dependencies patch 1.2.111.2.12 age confidence
@radix-ui/react-alert-dialog (source) dependencies patch 1.1.141.1.15 age confidence
@radix-ui/react-aspect-ratio (source) dependencies patch 1.1.71.1.8 age confidence
@radix-ui/react-avatar (source) dependencies patch 1.1.101.1.11 age confidence
@radix-ui/react-checkbox (source) dependencies patch 1.3.21.3.3 age confidence
@radix-ui/react-collapsible (source) dependencies patch 1.1.111.1.12 age confidence
@radix-ui/react-context-menu (source) dependencies patch 2.2.152.2.16 age confidence
@radix-ui/react-dialog (source) dependencies patch 1.1.141.1.15 age confidence
@radix-ui/react-dropdown-menu (source) dependencies patch 2.1.152.1.16 age confidence
@radix-ui/react-hover-card (source) dependencies patch 1.1.141.1.15 age confidence
@radix-ui/react-label (source) dependencies patch 2.1.72.1.8 age confidence
@radix-ui/react-label (source) devDependencies patch 2.1.72.1.8 age confidence
@radix-ui/react-menubar (source) dependencies patch 1.1.151.1.16 age confidence
@radix-ui/react-navigation-menu (source) dependencies patch 1.2.131.2.14 age confidence
@radix-ui/react-popover (source) dependencies patch 1.1.141.1.15 age confidence
@radix-ui/react-progress (source) dependencies patch 1.1.71.1.8 age confidence
@radix-ui/react-radio-group (source) dependencies patch 1.3.71.3.8 age confidence
@radix-ui/react-scroll-area (source) dependencies patch 1.2.91.2.10 age confidence
@radix-ui/react-select (source) dependencies patch 2.2.52.2.6 age confidence
@radix-ui/react-separator (source) dependencies patch 1.1.71.1.8 age confidence
@radix-ui/react-slider (source) dependencies patch 1.3.51.3.6 age confidence
@radix-ui/react-slot (source) dependencies patch 1.2.31.2.4 age confidence
@radix-ui/react-slot (source) devDependencies patch 1.2.31.2.4 age confidence
@radix-ui/react-switch (source) dependencies patch 1.2.51.2.6 age confidence
@radix-ui/react-tabs (source) dependencies patch 1.1.121.1.13 age confidence
@radix-ui/react-toast (source) dependencies patch 1.2.141.2.15 age confidence
@radix-ui/react-toggle (source) dependencies patch 1.1.91.1.10 age confidence
@radix-ui/react-toggle-group (source) dependencies patch 1.1.101.1.11 age confidence
@radix-ui/react-tooltip (source) dependencies patch 1.2.71.2.8 age confidence
@tailwindcss/typography dependencies patch 0.5.160.5.19 age confidence
@types/node (source) devDependencies patch 20.19.2420.19.33 age confidence
@types/react (source) devDependencies patch 19.2.219.2.14 age confidence
@types/react-dom (source) devDependencies patch 19.2.219.2.3 age confidence
actions/checkout (changelog) action digest 08c690393cb6ef
actions/checkout (changelog) action digest 08eba0b34e1148
ai (source) devDependencies pin ^6.0.356.0.35 age confidence
autoprefixer dependencies patch 10.4.2110.4.24 age confidence
autoprefixer devDependencies patch 10.4.2110.4.24 age confidence
convex (source) devDependencies minor 1.29.31.32.0 age confidence
convex-helpers (source) devDependencies patch 0.1.1040.1.113 age confidence
convex-test (source) devDependencies patch 0.0.380.0.41 age confidence
dayjs (source) devDependencies patch 1.11.181.11.19 age confidence
eslint (source) devDependencies minor 9.38.09.39.3 age confidence
eslint-plugin-react-hooks (source) devDependencies pin ^66.1.1 age confidence
eslint-plugin-react-refresh devDependencies minor 0.4.240.5.0 0.5.2 (+1) age confidence
globals devDependencies minor 16.4.016.5.0 age confidence
lucide-react (source) dependencies minor ^0.548.0^0.575.0 age confidence
lucide-react (source) devDependencies minor 0.548.00.575.0 age confidence
ollama-ai-provider devDependencies pin ^1.2.01.2.0 age confidence
path-exists-cli devDependencies pin ^2.0.02.0.0 age confidence
pkg-pr-new (source) devDependencies patch 0.0.600.0.63 age confidence
prettier (source) devDependencies minor 3.6.23.8.1 age confidence
react (source) devDependencies patch 19.2.319.2.4 age confidence
react-day-picker (source) dependencies minor 9.8.19.13.2 age confidence
react-dom (source) devDependencies patch 19.2.319.2.4 age confidence
react-hook-form (source) dependencies minor 7.62.07.71.2 age confidence
react-hook-form (source) devDependencies minor 7.65.07.71.2 age confidence
react-router-dom (source) dependencies patch 6.30.16.30.3 age confidence
react-router-dom (source) devDependencies minor 7.9.57.13.0 7.13.1 age confidence
tailwind-merge dependencies patch 2.6.02.6.1 age confidence
tailwind-merge devDependencies minor 3.3.13.5.0 age confidence
tailwindcss (source) dependencies patch 3.4.173.4.19 age confidence
tailwindcss (source) devDependencies patch 3.4.183.4.19 age confidence
typescript-eslint (source) devDependencies minor 8.46.28.56.0 8.56.1 age confidence

⚠️ Renovate's pin functionality does not currently wire in the release age for a package, so the Minimum Release Age checks can apply. You will need to manually validate the Minimum Release Age for these package(s).

Add the preset :preserveSemverRanges to your config if you don't want to pin your dependencies.


Release Notes

get-convex/rag (@​convex-dev/rag)

v0.7.1

Compare Source

  • Adds hybrid text/vector search (credit:richardsolomou)
get-convex/rate-limiter (@​convex-dev/rate-limiter)

v0.3.2

Compare Source

  • Pass client-provided keys to the key function, don't trust them by default.
    This was a quick follow-up to 0.3.1 to prevent passing arbitrary keys from the
    client un-validated

v0.3.1

Compare Source

  • Allow client-provided key for rate limiter hooks (credit: marcoshernanz)
  • Add consts for WEEK and DAY (credit: marwand)
get-convex/workflow (@​convex-dev/workflow)

v0.3.4

Compare Source

v0.3.3

Compare Source

eslint/eslint (@​eslint/js)

v9.39.3

Compare Source

Bug Fixes

  • 791bf8d fix: restore TypeScript 4.0 compatibility in types (#​20504) (sethamus)

Chores

v9.39.2

Compare Source

v9.39.1

Compare Source

v9.39.0

Compare Source

radix-ui/primitives (@​radix-ui/react-aspect-ratio)

v1.1.8

tailwindlabs/tailwindcss-typography (@​tailwindcss/typography)

v0.5.19

Compare Source

Fixed
  • Fixed broken color styles (#​405)

v0.5.18

Compare Source

Fixed
  • Fixed undefined variable error (#​403)

v0.5.17

Compare Source

Added
  • Add modifiers for description list elements (#​357)
  • Add prose-picture modifier (#​367)
Fixed
  • Include unit in hr border-width value (#​379)
  • Ensure <kbd> styles work with Tailwind CSS v4 (#​387)
Changed
  • Remove lodash dependencies (#​402)
postcss/autoprefixer (autoprefixer)

v10.4.24

Compare Source

  • Made Autoprefixer a little faster (by @​Cherry).

v10.4.23

Compare Source

v10.4.22

Compare Source

  • Fixed stretch prefixes on new Can I Use database.
  • Updated fraction.js.
get-convex/convex-js (convex)

v1.32.0

  • Improved the API documentation with more examples to help AI agents.

  • Added a new npx convex insights CLI command to show the insights
    for a deployment.

  • Added insights MCP tool for diagnosing OCC conflicts and resource limit issues
    on cloud deployments.

  • The insights MCP tool works on production deployments without requiring
    --dangerously-enable-production-deployments.

  • When using a local Convex backend (local dev deployment, agent mode or
    anonymous mode), the deployment’s data is now stored in a .convex
    directory in the project root (instead of ~/.convex). This change
    is helpful when using multiple worktrees, since each worktree can get
    its own isolated storage. Existing local deployments are not affected.

  • Added new options maximumRowsRead and maximumBytesRead
    to PaginationOptions to get more fine-grained control over
    the number of rows read when using pagination.

  • When creating a new dev deployment, the Convex CLI now asks you which
    deployment region you want to use if you haven’t set a team default.

  • Increased the default value for authRefreshTokenLeewaySeconds
    to 10 seconds.

  • The CLI now uses VITE_CONVEX_* environment variables when using Remix
    alongside Vite, instead of CONVEX_*.

  • Fixed an issue where the CLI would sometimes be affected by GitHub API
    rate limits when downloading the local deployment binary.

  • Fixed an issue where websockets would disconnect when using Bun.

  • Fixed an issue with the WorkOS integration that caused crashes
    when running npx convex deploy with a deployment that has
    its own WorkOS credentials.

  • Fixed an issue with the WorkOS integration where the
    WORKOS_API_KEY environment variable from the shell
    would incorrectly be used.

  • Fixed an issue where some modifications to auth.config.ts
    would cause the push process to fail.

  • Fixed an issue on Windows that caused arrow key presses to be ignored when the “cloud or local deployment” prompt is shown.

v1.31.7

  • Add getConvexSize and getDocumentSize functions to convex/values for calculating the size of Convex values in bytes. This is the same size calculation used for bandwidth tracking and document size limits.
  • Optimize code push to only upload changed modules.
  • Include CONVEX_SITE_URL in environment variables.

v1.31.6

  • Added a new authKit field in convex.json that allows you to customize the automatic provisioning and configuration of WorkOS environments.
  • The CLI now warns you when using a Node.js version older than Node.js 20.
  • Improved error messages when requests fail in the MCP server.
  • Improved the error message when creating a component with an invalid name.

v1.31.5

  • Exclude source code content from bundled sourcemaps by default. This reduces the
    size of the bundled pushed by npx convex dev and npx convex deploy to make
    them run faster.
  • This version drops support for Node.js 18. Please update to Node.js 20 or newer.

v1.31.4

v1.31.3

  • CONVEX_AGENT_MODE=anonymous can now be used while logged in.

  • The client will try to reconnect immediately after being offline instead of
    waiting for the scheduled backoff delay.

  • Optimize bundling during code push, and add includeSourcesContent option in
    convex.json to configure whether to include source code content in bundled
    sourcemaps.

v1.31.2

  • Bug fix: the TypeScript types of the new ctx.db APIs introduced in 1.31.0
    incorrectly allowed passing IDs with types broader than the table name
    argument (e.g. db.get("table1", id) where id is
    Id<"table1"> | Id<"table2">). This issue is fixed in 1.31.2.

v1.31.1

v1.31.0

  • db.get, db.patch, db.replace, and db.delete now accept a table name as
    the first argument (e.g. db.get("messages", messageId) instead of
    db.get(messageId)). This new syntax is more ergonomic, safer, and will allow
    developers to customize IDs in the future. We recommend that all developers
    migrate to the new syntax, using the ESLint rule
    @convex-dev/explicit-table-ids
    or our standalone codemod tool
    (npx @&#8203;convex-dev/codemod@latest explicit-ids).
    Learn more on news.convex.dev

v1.30.0

  • The --preview-create parameter for npx convex deploy will now error if
    used with a deploy key that is not a preview deploy key. Previously, the flag
    would be ignored in this situation, and npx convex deploy would deploy to
    the production deployment. If you were depending on this behavior, make sure
    to remove the --preview-create flag when deploying to production.
get-convex/convex-helpers (convex-helpers)

v0.1.113

Compare Source

  • Zod 4 support: fix the input type of zid (thanks @​danth3b0t!)

v0.1.112

Compare Source

  • Zod 4 support: fix an issue where zodToConvex would incorrectly
    identify some types as v.id() when using Zod schema inheritance.
  • Relationships: fix the return type of getManyVia
    and getManyViaOrThrow when using system tables.

v0.1.111

Compare Source

  • Allow a hono http router register more routes using the standard
    Convex HttpRouter API

v0.1.110

Compare Source

  • Improve db wrapping in Triggers to support using an RLS-wrapped DB

v0.1.109

Compare Source

  • Triggers/row-level security: fix a type issue with the ctx.db APIs with
    table name arguments (see the changelog of
    convex@1.31.2)
  • Zod 4: fix handling of optional in the type of zodOutputToConvex (credit: ksinghal)
  • Fixes validation of records with undefined values. validate will now skip entries
    with undefined values for record and object validators, and parse will drop
    entries from records that have undefined values.
  • The openapi and ts generator commands will now avoid adding .yaml if the filename
    already includes it.

v0.1.108

Compare Source

  • makeUseQueryWithStatus: fix handling of some argument values
    (credit: RhysSullivan)
  • Triggers: fix handling of ctx.db calls with a table name parameter

v0.1.107

Compare Source

  • Zod support: branded object types are now supported (credit: gary-ix)
  • Fixes skipConvexValidation for zod custom functions to still do zod validation.

v0.1.106

Compare Source

  • Update typedV to match the type of the installed convex validators for v.nullable
  • Improves handling of literals() helper to keep the ordering of its members
  • Improved Zod 4 handling of circular types, empty returns, and empty function args
  • Zod 4 transforms can now be asynchronous

v0.1.105

Compare Source

  • convex-helpers now supports Zod 4! (#​840)
    • The new methods that support Zod 4 can be found in convex-helpers/server/zod4
    • Existing types and methods for Zod 3 support have been moved
      (convex-helpers/server/zodconvex-helpers/server/zod3)
    • Thanks to @​ksinghal and @​natedunn for their contributions to this improvement.
  • Zod 3 support: fix the return types of zodOutputToConvex for objects and unions
    (credit: gari-ix)
  • Zod 3 support: improve the type safety of onSuccess in custom function builders
  • Sessions: If the only argument to a session function is the sessionId,
    allow omitting args in React.
get-convex/convex-test (convex-test)

v0.0.41

Compare Source

v0.0.40

Compare Source

  • Extends ctx in t.run to conform to both MutationCtx and ActionCtx.

v0.0.39

Compare Source

  • Adds support for using the upcoming ctx.db syntax where you pass explicit table names.
  • Improves text search implementation to more closely match Convex text search: case insensitive, splitting whitespace and handling undefined in withIn
    ex.
iamkun/dayjs (dayjs)

v1.11.19

Compare Source

Bug Fixes
  • added usage warnings for diff + updated unit tests (#​2948) (269a7a9)
  • dont instantiate regexes within ar locale functions to avoid performance overhead (#​2898) (af5e9f0)
  • replace italian locale "un' ora fa" with "un'ora fa", add tests for it (#​2930) (9e9f76c)
  • Updated Belarusian locale with relative time (#​2656) (1d8746c)
ArnaudBarre/eslint-plugin-react-refresh (eslint-plugin-react-refresh)

v0.5.0

Compare Source

Breaking changes
  • The package now ships as ESM and requires ESLint 9 + node 20. Because legacy config doesn't support ESM, this requires to use flat config
  • A new reactRefresh export is available and prefered over the default export. It's an object with two properties:
    • plugin: The plugin object with the rules
    • configs: An object containing configuration presets, each exposed as a function. These functions accept your custom options, merge them with sensible defaults for that config, and return the final config object.
  • customHOCs option was renamed to extraHOCs
  • Validation of HOCs calls is now more strict, you may need to add some HOCs to the extraHOCs option

Config example:

import { defineConfig } from "eslint/config";
import { reactRefresh } from "eslint-plugin-react-refresh";

export default defineConfig(
  /* Main config */
  reactRefresh.configs.vite({ extraHOCs: ["someLibHOC"] }),
);

Config example without config:

import { defineConfig } from "eslint/config";
import { reactRefresh } from "eslint-plugin-react-refresh";

export default defineConfig({
  files: ["**/*.ts", "**/*.tsx"],
  plugins: {
    // other plugins
    "react-refresh": reactRefresh.plugin,
  },
  rules: {
    // other rules
    "react-refresh/only-export-components": [
      "warn",
      { extraHOCs: ["someLibHOC"] },
    ],
  },
});
Why

This version follows a revamp of the internal logic to better make the difference between random call expressions like export const Enum = Object.keys(Record) and actual React HOC calls like export const MemoComponent = memo(Component). (fixes #​93)

The rule now handles ternaries and patterns like export default customHOC(props)(Component) which makes it able to correctly support files like this one given this config:

{
  "react-refresh/only-export-components": [
    "warn",
    { "extraHOCs": ["createRootRouteWithContext"] }
  ]
}

[!NOTE]
Actually createRoute functions from TanStack Router are not React HOCs, they return route objects that fake to be a memoized component but are not. When only doing createRootRoute({ component: Foo }), HMR will work fine, but as soon as you add a prop to the options that is not a React component, HMR will not work. I would recommend to avoid adding any TanStack function to extraHOCs it you want to preserve good HMR in the long term. [Bluesky thread](https


Configuration

📅 Schedule: Branch creation - Between 12:00 AM and 04:59 AM, only on Monday ( * 0-4 * * 1 ) in timezone America/Los_Angeles, Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.


  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@pkg-pr-new
Copy link

pkg-pr-new bot commented Oct 20, 2025

Open in StackBlitz

npm i https://pkg.pr.new/get-convex/agent/@convex-dev/agent@175

commit: bdf2402

@renovate renovate bot force-pushed the renovate/all-dependencies branch 12 times, most recently from 9e87ca9 to ed7b447 Compare October 26, 2025 09:34
@renovate renovate bot force-pushed the renovate/all-dependencies branch 4 times, most recently from fa44d3f to 121ed47 Compare October 28, 2025 07:50
@renovate
Copy link
Contributor Author

renovate bot commented Oct 28, 2025

⚠️ Artifact update problem

Renovate failed to update an artifact related to this branch. You probably do not want to merge this PR as-is.

♻ Renovate will retry this branch, including artifacts, only when one of the following happens:

  • any of the package files in this branch needs updating, or
  • the branch becomes conflicted, or
  • you click the rebase/retry checkbox if found above, or
  • you rename this PR's title to start with "rebase!" to trigger it manually

The artifact failure details are included below:

File name: playground/package-lock.json
npm warn Unknown env config "store". This will stop working in the next major version of npm.
npm error code ERESOLVE
npm error ERESOLVE unable to resolve dependency tree
npm error
npm error While resolving: @convex-dev/agent-playground@0.0.20
npm error Found: react@undefined
npm error node_modules/react
npm error   dev react@"file:../node_modules/react" from the root project
npm error
npm error Could not resolve dependency:
npm error peer react@"^16.8 || ^17.0 || ^18.0 || ^19.0 || ^19.0.0-rc" from @radix-ui/react-accordion@1.2.12
npm error node_modules/@radix-ui/react-accordion
npm error   @radix-ui/react-accordion@"^1.2.0" from the root project
npm error
npm error Fix the upstream dependency conflict, or retry
npm error this command with --force or --legacy-peer-deps
npm error to accept an incorrect (and potentially broken) dependency resolution.
npm error
npm error
npm error For a full report see:
npm error /runner/cache/others/npm/_logs/2026-02-23T22_43_49_558Z-eresolve-report.txt
npm error A complete log of this run can be found in: /runner/cache/others/npm/_logs/2026-02-23T22_43_49_558Z-debug-0.log

@renovate renovate bot force-pushed the renovate/all-dependencies branch 12 times, most recently from 909338d to b228d69 Compare October 31, 2025 17:31
@renovate renovate bot force-pushed the renovate/all-dependencies branch 14 times, most recently from 083d8f0 to 003dd3c Compare February 20, 2026 07:22
@renovate renovate bot changed the title fix(deps): update all dependencies Pin dependencies Feb 20, 2026
@renovate renovate bot force-pushed the renovate/all-dependencies branch 13 times, most recently from 11d02dc to e20bcd8 Compare February 23, 2026 16:59
@renovate renovate bot force-pushed the renovate/all-dependencies branch from e20bcd8 to bdf2402 Compare February 23, 2026 22:44
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants