Skip to content

Bump the frontend-prod-minor-deps group with 8 updates#4314

Open
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/npm_and_yarn/frontend-prod-minor-deps-dd101dee81
Open

Bump the frontend-prod-minor-deps group with 8 updates#4314
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/npm_and_yarn/frontend-prod-minor-deps-dd101dee81

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 1, 2026

Copy link
Copy Markdown
Contributor

Bumps the frontend-prod-minor-deps group with 8 updates:

Package From To
@marsidev/react-turnstile 1.5.1 1.5.3
@reduxjs/toolkit 2.11.2 2.12.0
axios 1.16.0 1.18.1
dayjs 1.11.20 1.11.21
js-base64 3.7.8 3.8.0
motion 12.38.0 12.42.2
react-redux 9.2.0 9.3.0
react-router 7.15.0 7.18.1

Updates @marsidev/react-turnstile from 1.5.1 to 1.5.3

Release notes

Sourced from @​marsidev/react-turnstile's releases.

@​marsidev/react-turnstile@​1.5.3

Patch Changes

  • #167 32ab55e Thanks @​marsidev! - Fix nonce from scriptOptions not being set on the injected <script> tag. The script was assigned via the nonce IDL property, which only writes the element's internal slot and never reflects to the nonce content attribute in real browsers. It is now set with setAttribute, so the attribute appears on the tag and CSP nonce-... allowlists work as expected.
Commits
  • bf32035 Version Packages (#168)
  • 32ab55e fix: set script nonce via setAttribute so it lands on the tag (#167)
  • 3efdb3b chore: bump oxfmt from 0.51.0 to 0.52.0 (#163)
  • 3932d89 chore: bump @​typescript/native-preview (#162)
  • 6294141 chore: bump the dependencies group across 3 directories with 5 updates (#165)
  • 8fed856 chore: bump oxlint from 1.66.0 to 1.67.0 (#161)
  • 7a13074 chore: bump tsdown from 0.22.0 to 0.22.1 (#160)
  • 69e4a75 chore: bump oxfmt from 0.50.0 to 0.51.0 (#156)
  • 39a03f2 chore: bump oxlint-tsgolint from 0.22.1 to 0.23.0 (#157)
  • b0e1617 chore: bump @​typescript/native-preview (#158)
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for @​marsidev/react-turnstile since your current version.


Updates @reduxjs/toolkit from 2.11.2 to 2.12.0

Release notes

Sourced from @​reduxjs/toolkit's releases.

v2.12.0

This feature release adds RTK usage skills files (via TanStack Intent) exports the RTK Query hook options types for reusability, fixes issues with infinite query status flags and batching handling, and makes some small TS improvements.

Changelog

Skills Files

We've generated agent skill files that are now included in the RTK package itself in a skills folder. They cover using and migrating to modern RTK, client and server state management, and handling side effects. You can point your agent at these skills yourself, or use TanStack Intent to pick them up.

TypeScript Improvements

The types for our RTK Query hook options are now exported, which lets you stop using Parameters to extract those types for use in your own code.

The types for listener middleware matchers were tweaked to allow interface-based type guards, not just type-based definitions.

The internal IgnorePaths type was renamed to IgnoredPaths for consistency.

We now use the built-in NoInfer util that comes with TS 5.4+.

Fixes

We fixed handling of the isSuccess status flag when switching infinite query cache entries. This should prevent accidental UI flashes that were occurring due to this flag accidentally flipping.

We've added a 100ms timeout fallback to the autoBatch enhancer's requestAnimationFrame timer. We had several reports that rAF didn't work correctly when used in background tabs / opened windows, and that RTK never updated the UI. This should ensure that the updates flush correctly.

What's Changed

Full Changelog: reduxjs/redux-toolkit@v2.11.2...v2.12.0

Commits
  • 576a02f Release 2.12.0
  • de2d55e Merge pull request #5237 from aryaemami59/fix/codegen/generateEndpoints-retur...
  • ac807c3 fix(codegen): narrow generateEndpoints return type
  • 01ed3ba Merge pull request #5289 from aryaemami59/feat/toolkit/switch-to-native-NoInfer
  • 1f16db1 Merge pull request #5290 from aryaemami59/build/toolkit/exclude-test-files-fr...
  • 23783c1 build(toolkit): exclude test files from final bundle
  • 91b8b0a feat(toolkit)!: switch to native NoInfer utility type
  • 0b37f1a Merge pull request #5286 from aryaemami59/docs/toolkit/fix-typos
  • 3cd62c8 fix unforwardedActions
  • 64853cc chore: fix various typos
  • Additional commits viewable in compare view

Updates axios from 1.16.0 to 1.18.1

Release notes

Sourced from axios's releases.

v1.18.1 — June 21, 2026

This release focuses on Node HTTP adapter fixes, safer AxiosError serialisation, runtime/type correctness fixes, documentation updates, and dependency maintenance.

🐛 Bug Fixes

  • AxiosError Serialisation: Made AxiosError#cause non-enumerable to prevent circular JSON serialisation failures when errors include nested causes. (#10913)
  • Node HTTP Adapter: Guarded socket.setKeepAlive for proxy agent streams, accepted path-only URLs when socketPath is configured, deferred environment proxy handling to Node, and explicitly passed maxBodyLength through to follow-redirects. (#10917, #10930, #10942, #10993)
  • Runtime and Type Correctness: Fixed several runtime crashes, type definition mismatches, and incorrect error handling paths. (#10959, #11021)
  • AxiosURLSearchParams: Switched the encoder callback to an arrow function so encoder.call(this) receives the AxiosURLSearchParams instance correctly. (#11019)

🔧 Maintenance & Chores

  • Documentation: Documented sensitive headers and status transition behaviour, prepared cleaned-up docs, added Deno install instructions, and clarified that request data is request-specific (#11007, #11010, #11023, #11025)

  • Dependencies: Bumped vite, rollup, form-data, js-yaml, and multer across the root project, docs, smoke tests, and module test workspaces. (#11011, #11012, #11013, #11014, #11015, #11016, #11017, #11026)

🌟 New Contributors

We are thrilled to welcome our new contributors. Thank you for helping improve axios:

Full Changelog

v1.18.0 — June 13, 2026

This release hardens redirect and URL handling, improves the validateStatus configuration semantics, and includes updates to documentation, dependencies, and release metadata.

🔒 Security Fixes

  • Redirect Header Safety: Added Node HTTP adapter support for stripping caller-specified sensitive headers on cross-origin redirects, helping prevent custom auth headers such as API keys from leaking to another origin. (#10892)

  • URL And Request Hardening: Rejects malformed http: and https: URLs that omit // with ERR_INVALID_URL, while tightening prototype-pollution-safe config reads, stream size limits, FormData depth handling, data URL sizing, and local NO_PROXY matching. (#11000)

🐛 Bug Fixes

  • Status Validation: Added transitional.validateStatusUndefinedResolves so applications can opt in to treating validateStatus: undefined like the option was omitted, while validateStatus: null remains the explicit way to accept every status. (#10899)

🔧 Maintenance & Chores

  • Documentation: Published the v1.17.0 release notes, fixed a changelog typo, clarified the package update PR policy, and marked the proxy request config as Node.js-only in the advanced docs. (#10984, #10988, #10992, #10995)

  • Dependencies: Bumped @babel/core, @babel/preset-env, @commitlint/cli, @commitlint/config-conventional, @rollup/plugin-babel, @rollup/plugin-commonjs, @vitest/browser, @vitest/browser-playwright, eslint, lint-staged, rollup, vitest, and actions/checkout. (#10989, #10996, #10997)

  • Release Metadata: Prepared the 1.18.0 release by updating package metadata and the runtime VERSION value. (#11003)

... (truncated)

Changelog

Sourced from axios's changelog.

Changelog

v1.18.0 — June 13, 2026

This release hardens redirect and URL handling, improves the validateStatus configuration semantics, and includes updates to documentation, dependencies, and release metadata.

🔒 Security Fixes

  • Redirect Header Safety: Added Node HTTP adapter support for stripping caller-specified sensitive headers on cross-origin redirects, helping prevent custom auth headers such as API keys from leaking to another origin. (#10892)

  • URL And Request Hardening: Rejects malformed http: and https: URLs that omit // with ERR_INVALID_URL, while tightening prototype-pollution-safe config reads, stream size limits, FormData depth handling, data URL sizing, and local NO_PROXY matching. (#11000)

🐛 Bug Fixes

  • Status Validation: Added transitional.validateStatusUndefinedResolves so applications can opt in to treating validateStatus: undefined like the option was omitted, while validateStatus: null remains the explicit way to accept every status. (#10899)

🔧 Maintenance & Chores

  • Documentation: Published the v1.17.0 release notes, fixed a changelog typo, clarified the package update PR policy, and marked the proxy request config as Node.js-only in the advanced docs. (#10984, #10988, #10992, #10995)

  • Dependencies: Bumped @babel/core, @babel/preset-env, @commitlint/cli, @commitlint/config-conventional, @rollup/plugin-babel, @rollup/plugin-commonjs, @vitest/browser, @vitest/browser-playwright, eslint, lint-staged, rollup, vitest, and actions/checkout. (#10989, #10996, #10997)

  • Release Metadata: Prepared the 1.18.0 release by updating package metadata and the runtime VERSION value. (#11003)

🌟 New Contributors

We are thrilled to welcome our new contributors. Thank you for helping improve axios:

Full Changelog

v1.17.0 — June 1, 2026

This release adds Node HTTP zstd decompression, hardens config and release workflows, and fixes authentication, header, proxy, and type-handling regressions.

🔒 Security Fixes

  • Config Hardening: Guarded socketPath, params, and paramsSerializer reads with own-property checks to prevent inherited prototype values from affecting request behavior, including SSRF-sensitive paths. (#10901, #10922)
  • Release Publishing: Switched the publish workflow to npm staged publishing for safer, auditable package releases with provenance. (#10926)

🚀 New Features

  • HTTP Compression: Added Node HTTP adapter support for zstd response decompression, with transitional.advertiseZstdAcceptEncoding controlling whether zstd is advertised in Accept-Encoding. (#6792, #10920)

🐛 Bug Fixes

  • Authentication Handling: Restored Basic auth on same-origin Node redirects while continuing to strip credentials cross-origin, and aligned the fetch adapter with HTTP adapter behavior for URL-embedded Basic auth. (#10929, #10896)

... (truncated)

Commits
  • a209bfb chore(release): prepare release 1.18.1 (#11027)
  • fa6a55e chore(deps-dev): bump multer from 2.1.1 to 2.2.0 (#11026)
  • 40e7be8 docs: clarifies that request data is request-specific in axios (#11025)
  • a446b39 fix(AxiosURLSearchParams): use arrow function so encoder.call(this) receives ...
  • cf1306a docs: add Deno to install instructions (#11023)
  • b32880a fix: incorrect use of error (#11021)
  • 1792eda fix: ensure maxBodyLength is explicitly passed to follow-redirects (#10993)
  • 30499d6 fix: various runtime crashes and type definition mismatches (#10959)
  • 20ce9c4 fix(http): defer env proxy handling to Node (#10942)
  • e64bcf9 chore(deps): merge branch 'v1.x' into tests/module/cjs (#11014)
  • Additional commits viewable in compare view

Updates dayjs from 1.11.20 to 1.11.21

Release notes

Sourced from dayjs's releases.

v1.11.21

1.11.21 (2026-05-26)

Bug Fixes

Changelog

Sourced from dayjs's changelog.

1.11.21 (2026-05-26)

Bug Fixes

Commits

Updates js-base64 from 3.7.8 to 3.8.0

Commits

Updates motion from 12.38.0 to 12.42.2

Changelog

Sourced from motion's changelog.

Changelog

Motion adheres to Semantic Versioning.

Undocumented APIs should be considered internal and may change without warning.

[12.42.1] 2026-06-30

Fixed

  • animateView: Old layer fade out now cancelled when defining .new().

[12.42.0] 2026-06-24

Changed

  • animateView: Layers are automatically grouped to match their DOM-hierarchy. New .group(false) method opts-out.

Fixed

  • animateView: Auto-crop is now aspect-ratio aware, disabling crops for matching aspect-ratios.
  • animateView: Disabled automatic border-radius animation.

[12.41.0] 2026-06-23

Added

  • animateView: Moves from Motion+ Early Access and alpha to main library.
  • animateView: .add() resolves a CSS selector or Element to automatically generate, apply and remove view-transition-name.
  • animateView: .new() and .old() configures values to animate on new and old layers.
  • animateView: .layout() can set a custom transition on the size/position animation of the currently selected elements.
  • animateView: Group layers now automatically crop with children set to cover, with border-radius animating from old radius to new. .crop(false) disables this behaviour.
  • animateView: .class(name) tags currently selected elements with a view-transition-class as a custom CSS hook.

Fixed

  • AnimatePresence: Prevent stuck exit animations when children interrupt.
  • drag: Child e.stopPropagation() no longer break drag end.
  • Fixing Next.js OOM on Windows when importing via motion package.
  • animateLayout: Improve handling of parallel/interleaved calls.

Changed

  • animateView: .enter() and .exit() now refer specifically to new and old layers where there are no matching old or new layers.
  • animateView: Interrupted transition setups now return resolved animation rather than throwing.

[12.40.0] 2026-05-21

Added

... (truncated)

Commits
  • 40e8756 v12.42.2
  • 718ccc7 Merge pull request #3768 from motiondivision/view-cropped-corner-radius
  • 19195a4 Dedupe corner-radius longhands; merge crop box/radii measurements
  • 5299aa6 Resolve cropped-clip radius timing once; fix transition-option leak
  • 937cdf3 Animate cropped view-transition group corner radius
  • fd2d6f6 v12.42.1
  • 2223d87 Hold the old layer when only a non-opacity .new() is set
  • 9c84145 v12.42.0
  • 60d7c72 Add view-transition group nesting and aspect-aware cropping
  • 6437276 Updating
  • Additional commits viewable in compare view

Updates react-redux from 9.2.0 to 9.3.0

Release notes

Sourced from react-redux's releases.

v9.3.0

This feature release officially marks the connect API as deprecated.

That's it. That's the release. :)

Changelog

connect deprecation

Way back in 2022, I officially marked the original Redux core createStore method as deprecated in Redux 4.2.0. As I clearly stated in that release, the goal of marking createStore as deprecated was to encourage users to migrate to modern Redux Toolkit, especially for those users who don't read our docs (such as beginners following outdated tutorials or in bootcamps, etc). The change was visual-only - adding @deprecated just marks the import with a strikethrough in an IDE, and the docblock references the "use modern Redux Toolkit" docs page. No runtime errors, no behavior changes, just an indication that the function is considered obsolete and you shouldn't use it directly any more. I also exported a legacy_createStore alias - same function, no deprecation attribute.

It's 4 years later, and I'm finally doing the same thing for connect :)

Again, nothing about connect's behavior is changing, and we do not intend to remove the connect API. But it's 2026, and hooks are the correct way to use React and React-Redux today.

We do strongly encourage users to migrate from connect to the useSelector / useDispatch hooks in general. This should result in codebases that are easier to understand and ought to improve performance slightly due to the way updates are handled.

As with before, React-Redux now exports a legacy_connect alias that does not have the deprecation attribute applied.

Trusted Publishing Fixed

We had set up trusted publishing for React-Redux a couple years ago and did some releases with that enabled, but at some point I did a follow-up release that still used the previous manual workflow, and that lost the trusted publishing provenance flag. We had recent issues requesting a new release with trusted publishing enabled again, so we've fixed that with this release.

What's Changed

Full Changelog: reduxjs/react-redux@v9.2.0...v9.3.0

Commits
  • 4134f88 Release 9.3.0
  • c0fd068 Fix release workflow Node version
  • bb01aeb Merge pull request #2304 from reduxjs/feature/fix-publishing-step
  • a0b1224 Rename publish file and fix permissions
  • ed7300a Merge branch 'master' of github.com:reduxjs/react-redux
  • 8caf827 Merge pull request #2269 from reduxjs/feature/deprecate-connect
  • 9fd63fa Disable release-it actual publishes
  • 53b77d2 Docs/hooks docs fixes (#2279)
  • 11b15c8 Bump React to latest
  • 1a18e2f Update SSR hydration error assertion for 19.2
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for react-redux since your current version.


Updates react-router from 7.15.0 to 7.18.1

Release notes

Sourced from react-router's releases.

v7.18.1

See the changelog for release notes: https://github.com/remix-run/react-router/blob/v7/CHANGELOG.md#v7181

v7.18.0

See the changelog for release notes: https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7180

v7.17.0

See the changelog for release notes: https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7170

v7.16.0

See the changelog for release notes: https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7160

v7.15.1

See the changelog for release notes: https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7151

Changelog

Sourced from react-router's changelog.

v7.18.1

Patch Changes

  • No changes

v7.18.0

Patch Changes

  • Fix server handler prerender responses when using ssr: false and future.v8_trailingSlashAwareDataRequests: true. Avoids false positive "SPA Mode" detection when serving prerendered paths (#15173)
  • Use the ServerRouter nonce for nonce-aware SSR components when they don't provide their own value so strict CSP pages can load them. (#15170)
  • Use turbo-stream to serialize and deserialize Framework Mode hydration errors (#15175)
  • Precompute route branch matchers to avoid recompiling route path regexes during matching (#15186)
  • Use the constructed request URL host when validating action request origins. (#15185)
  • Remove the un-documented custom error serialization logic from Data Mode SSR built-in hydration flows (#15175)
  • Validate protocols in RSC render redirects (#15177)
  • Consolidate url normalization logic and better handle mixed slashes (#15176)

v7.17.0

Minor Changes

  • Ship a subset of the official documentation inside the react-router package (#15121)
    • Markdown docs are now available in node_modules/react-router/docs, letting AI coding agents and the React Router agent skills read official docs locally
    • Excludes auto-generated API docs (api/), community/ content, and tutorials (tutorials/)

v7.16.0

Minor Changes

  • Stabilize future.unstable_trailingSlashAwareDataRequests as future.v8_trailingSlashAwareDataRequests (#15098)

Patch Changes

  • Disable manifest path when lazy route dicovery is disabled (#15068)

  • Fix browser URL creation to use the configured history window instead of the global window. (#15066)

    • Pass the history/router window through to createBrowserURLImpl so custom window contexts keep the correct URL origin.
  • Fix useNavigation() return type to preserve discriminated union across navigation states (#15095)

  • Widen MetaDescriptor script:ld+json type from LdJsonObject to LdJsonObject | LdJsonObject[] to permit multiple JSON-LD schemas in a single <script type="application/ld+json"> tag emitted by <Meta /> (#15082)

v7.15.1

Patch Changes

  • Update router to operate on fetcher Maps in an immutable manner to avoid delayed React renders from potentially reading an updated but not yet committed Map. This could result in brief flickers in some fetcher-driven optimistic UI scenarios. (#15028)
  • Fix serverLoader() returning stale SSR data when a client navigation aborts pending hydration before the hydration clientLoader resolves (#15022)

... (truncated)

Commits

Most Recent Ignore Conditions Applied to This Pull Request
Dependency Name Ignore Conditions
axios [>= 1.5.a, < 1.6]
axios [>= 1.6.a, < 1.7]
react-redux [>= 9.2.a, < 9.3]

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

This change is Reviewable

Bumps the frontend-prod-minor-deps group with 8 updates:

| Package | From | To |
| --- | --- | --- |
| [@marsidev/react-turnstile](https://github.com/marsidev/react-turnstile) | `1.5.1` | `1.5.3` |
| [@reduxjs/toolkit](https://github.com/reduxjs/redux-toolkit) | `2.11.2` | `2.12.0` |
| [axios](https://github.com/axios/axios) | `1.16.0` | `1.18.1` |
| [dayjs](https://github.com/iamkun/dayjs) | `1.11.20` | `1.11.21` |
| [js-base64](https://github.com/dankogai/js-base64) | `3.7.8` | `3.8.0` |
| [motion](https://github.com/motiondivision/motion) | `12.38.0` | `12.42.2` |
| [react-redux](https://github.com/reduxjs/react-redux) | `9.2.0` | `9.3.0` |
| [react-router](https://github.com/remix-run/react-router/tree/HEAD/packages/react-router) | `7.15.0` | `7.18.1` |


Updates `@marsidev/react-turnstile` from 1.5.1 to 1.5.3
- [Release notes](https://github.com/marsidev/react-turnstile/releases)
- [Commits](https://github.com/marsidev/react-turnstile/compare/v1.5.1...@marsidev/react-turnstile@1.5.3)

Updates `@reduxjs/toolkit` from 2.11.2 to 2.12.0
- [Release notes](https://github.com/reduxjs/redux-toolkit/releases)
- [Commits](reduxjs/redux-toolkit@v2.11.2...v2.12.0)

Updates `axios` from 1.16.0 to 1.18.1
- [Release notes](https://github.com/axios/axios/releases)
- [Changelog](https://github.com/axios/axios/blob/v1.x/CHANGELOG.md)
- [Commits](axios/axios@v1.16.0...v1.18.1)

Updates `dayjs` from 1.11.20 to 1.11.21
- [Release notes](https://github.com/iamkun/dayjs/releases)
- [Changelog](https://github.com/iamkun/dayjs/blob/dev/CHANGELOG.md)
- [Commits](iamkun/dayjs@v1.11.20...v1.11.21)

Updates `js-base64` from 3.7.8 to 3.8.0
- [Commits](dankogai/js-base64@3.7.8...3.8.0)

Updates `motion` from 12.38.0 to 12.42.2
- [Changelog](https://github.com/motiondivision/motion/blob/main/CHANGELOG.md)
- [Commits](motiondivision/motion@v12.38.0...v12.42.2)

Updates `react-redux` from 9.2.0 to 9.3.0
- [Release notes](https://github.com/reduxjs/react-redux/releases)
- [Changelog](https://github.com/reduxjs/react-redux/blob/master/CHANGELOG.md)
- [Commits](reduxjs/react-redux@v9.2.0...v9.3.0)

Updates `react-router` from 7.15.0 to 7.18.1
- [Release notes](https://github.com/remix-run/react-router/releases)
- [Changelog](https://github.com/remix-run/react-router/blob/react-router@7.18.1/packages/react-router/CHANGELOG.md)
- [Commits](https://github.com/remix-run/react-router/commits/react-router@7.18.1/packages/react-router)

---
updated-dependencies:
- dependency-name: "@marsidev/react-turnstile"
  dependency-version: 1.5.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: frontend-prod-minor-deps
- dependency-name: "@reduxjs/toolkit"
  dependency-version: 2.12.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: frontend-prod-minor-deps
- dependency-name: axios
  dependency-version: 1.18.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: frontend-prod-minor-deps
- dependency-name: dayjs
  dependency-version: 1.11.21
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: frontend-prod-minor-deps
- dependency-name: js-base64
  dependency-version: 3.8.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: frontend-prod-minor-deps
- dependency-name: motion
  dependency-version: 12.42.2
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: frontend-prod-minor-deps
- dependency-name: react-redux
  dependency-version: 9.3.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: frontend-prod-minor-deps
- dependency-name: react-router
  dependency-version: 7.18.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: frontend-prod-minor-deps
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Jul 1, 2026
@github-actions

github-actions Bot commented Jul 1, 2026

Copy link
Copy Markdown

⚠️ Commit Message Format Issues ⚠️

commit a5ef3b067b:
7: B1 Line exceeds max length (96>80): "| @marsidev/react-turnstile | 1.5.1 | 1.5.3 |"
8: B1 Line exceeds max length (86>80): "| @reduxjs/toolkit | 2.11.2 | 2.12.0 |"
14: B1 Line exceeds max length (115>80): "| react-router | 7.15.0 | 7.18.1 |"
19: B1 Line exceeds max length (105>80): "- Commits"
40: B1 Line exceeds max length (81>80): "- Commits"
49: B1 Line exceeds max length (116>80): "- Changelog"
50: B1 Line exceeds max length (104>80): "- Commits"

@codecov

codecov Bot commented Jul 1, 2026

Copy link
Copy Markdown

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 66.88%. Comparing base (e2b613d) to head (a5ef3b0).

Additional details and impacted files
@@            Coverage Diff             @@
##           master    #4314      +/-   ##
==========================================
- Coverage   75.96%   66.88%   -9.08%     
==========================================
  Files         305      248      -57     
  Lines       11384     6303    -5081     
  Branches     1411      794     -617     
==========================================
- Hits         8648     4216    -4432     
+ Misses       2332     1826     -506     
+ Partials      404      261     -143     
Flag Coverage Δ
backend ?
frontend 66.88% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Harness.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

@imnasnainaec imnasnainaec self-assigned this Jul 1, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant