Bump the npm_and_yarn group across 9 directories with 15 updates

[dependabot]

Bumps the npm_and_yarn group with 4 updates in the / directory: minimatch, tar, devalue and storybook.
Bumps the npm_and_yarn group with 1 update in the /apps/bundle-analyzer directory: next.
Bumps the npm_and_yarn group with 1 update in the /examples/cms-payload directory: payload.
Bumps the npm_and_yarn group with 2 updates in the /examples/cms-tina directory: @tinacms/cli and tinacms.
Bumps the npm_and_yarn group with 1 update in the /examples/mdx-remote directory: next-mdx-remote.
Bumps the npm_and_yarn group with 1 update in the /packages/create-next-app directory: tar.
Bumps the npm_and_yarn group with 3 updates in the /packages/next directory: tar, devalue and storybook.
Bumps the npm_and_yarn group with 1 update in the /turbopack/benchmark-apps directory: ajv.
Bumps the npm_and_yarn group with 8 updates in the /turbopack/crates/turbopack-tracing/tests/node-file-trace directory:

Package	From	To
minimatch	3.1.2	3.1.5
tar	6.1.11	6.2.1
ajv	6.12.6	6.14.0
axios	0.21.4	0.30.3
bn.js	4.12.0	4.12.3
koa	2.13.4	3.1.2
underscore	1.13.6	1.13.8
basic-ftp	5.0.5	5.2.0

Updates minimatch from 3.0.4 to 3.1.4

Commits

• 1a2e084 3.1.4
• ae24656 update lockfile
• b100374 limit recursion for **, improve perf considerably
• 26ffeaa lockfile update
• 9eca892 lock node version to 14
• 00c323b 3.1.3
• 30486b2 update CI matrix and actions
• 9c31b2d update test expectations for coalesced consecutive stars
• 46fe687 coalesce consecutive non-globstar * characters
• 5a9ccbd [meta] update publishConfig.tag to legacy-v3
• Additional commits viewable in compare view

Updates tar from 6.1.15 to 7.5.11

Changelog

Sourced from tar's changelog.

Changelog

7.5

• Added zstd compression support.
• Consistent TOCTOU behavior in sync t.list
• Only read from ustar block if not specified in Pax
• Fix sync tar.list when file size reduces while reading
• Sanitize absolute linkpaths properly
• Prevent writing hardlink entries to the archive ahead of their file target

7.4

• Deprecate onentry in favor of onReadEntry for clarity.

7.3

• Add onWriteEntry option

7.2

• DRY the command definitions into a single makeCommand method, and update the type signatures to more appropriately infer the return type from the options and arguments provided.

7.1

• Update minipass to v7.1.0
• Update the type definitions of write() and end() methods on Unpack and Parser classes to be compatible with the NodeJS.WritableStream type in the latest versions of @types/node.

7.0

• Drop support for node <18
• Rewrite in TypeScript, provide ESM and CommonJS hybrid interface
• Add tree-shake friendly exports, like import('tar/create') and import('tar/read-entry') to get individual functions or classes.
• Add chmod option that defaults to false, and deprecate noChmod. That is, reverse the default option regarding explicitly setting file system modes to match tar entry settings.
• Add processUmask option to avoid having to call process.umask() when chmod: true (or noChmod: false) is set.

... (truncated)

Commits

• bf776f6 7.5.11
• f48b5fa prevent escaping symlinks with drive-relative paths
• 97cff15 docs: more security info
• 2b72abc 7.5.10
• 7bc755d parse root off paths before sanitizing .. parts
• c8cb846 update deps
• 1f0c2c9 7.5.9
• fbb0851 build minified version as default export
• 6b8eba0 7.5.8
• 2cb1120 fix(unpack): improve UnpackSync symlink error "into" path accuracy
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by isaacs, a new releaser for tar since your current version.

Install script changes

This version adds prepare script that runs during installation. Review the package contents before updating.

Updates devalue from 2.0.1 to 5.6.4

Release notes

Sourced from devalue's releases.

v5.6.4

Patch Changes

• 87c1f3c: fix: reject __proto__ keys in malformed Object wrapper payloads

  This validates the "Object" parse path and throws when the wrapped value has an own __proto__ key.

• 40f1db1: fix: ensure sparse array indices are integers

• 87c1f3c: fix: disallow __proto__ keys in null-prototype object parsing

  This disallows __proto__ keys in the "null" parse path so null-prototype object hydration cannot carry that key through parse/unflatten.

v5.6.3

Patch Changes

• 0f04d4d: fix: Properly handle __proto__
• 819f1ac: fix: better encoding for sparse arrays

v5.6.2

Patch Changes

• 1175584: fix: validate input for ArrayBuffer parsing
• e46afa6: fix: validate input for typed arrays
• 1175584: fix: more helpful errors for inputs causing stack overflows

v5.6.1

Patch Changes

• 2161d44: fix: add hasOwn check before calling reviver

v5.6.0

Minor Changes

• a3d09d4: feat: expose DevalueError for instanceof checks in catch clauses
• a3d09d4: feat: add value and root properties in DevalueError instances

v5.5.0

Minor Changes

• 828fa1c: Enable support for custom reducer/reviver for "function" values

v5.4.2

Patch Changes

• 5c26c0d: fix: allow custom revivers to revive things serialized by builtin reducers

v5.4.1

Patch Changes

... (truncated)

Changelog

Sourced from devalue's changelog.

5.6.4

Patch Changes

• 87c1f3c: fix: reject __proto__ keys in malformed Object wrapper payloads

  This validates the "Object" parse path and throws when the wrapped value has an own __proto__ key.

• 40f1db1: fix: ensure sparse array indices are integers

• 87c1f3c: fix: disallow __proto__ keys in null-prototype object parsing

  This disallows __proto__ keys in the "null" parse path so null-prototype object hydration cannot carry that key through parse/unflatten.

5.6.3

Patch Changes

• 0f04d4d: fix: Properly handle __proto__
• 819f1ac: fix: better encoding for sparse arrays

5.6.2

Patch Changes

• 1175584: fix: validate input for ArrayBuffer parsing
• e46afa6: fix: validate input for typed arrays
• 1175584: fix: more helpful errors for inputs causing stack overflows

5.6.1

Patch Changes

• 2161d44: fix: add hasOwn check before calling reviver

5.6.0

Minor Changes

• a3d09d4: feat: expose DevalueError for instanceof checks in catch clauses
• a3d09d4: feat: add value and root properties in DevalueError instances

5.5.0

Minor Changes

• 828fa1c: Enable support for custom reducer/reviver for "function" values

5.4.2

Patch Changes

... (truncated)

Commits

• 6cbb3f5 Version Packages (#133)
• 40f1db1 Merge commit from fork
• 87c1f3c Merge commit from fork
• a4a37d2 Version Packages (#132)
• 819f1ac Merge commit from fork
• 0f04d4d Merge commit from fork
• fcf4e88 fix tests
• 1d8a5ea Version Packages (#131)
• 1175584 Merge commit from fork
• e46afa6 Merge commit from fork
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for devalue since your current version.

Updates storybook from 8.6.0 to 8.6.17

Release notes

Sourced from storybook's releases.

v8.6.17

8.6.17

• Harden websocket connection

v8.6.16

8.6.16

• No-op release. No changes.

v8.6.15

8.6.15

• Core: Fix .env-file parsing, thanks @​jreinhold!

Changelog

Sourced from storybook's changelog.

8.6.17

• Harden websocket connection

8.6.16

• No-op release. No changes.

8.6.14

• CLI: Add skip onboarding, recommended/minimal config - #30930, thanks @​shilman!
• Core: Fix using dates in expect statements - #28413, thanks @​yann-combarnous!
• React Native Web: Fix expo router by setting JSX to automatic - #31484, thanks @​dannyhw!
• Test: Make sure that lit arrays are not cloned - #31435, thanks @​kasperpeulen!

8.6.13

• Controls: Fix boxShadow on empty controls - #27193, thanks @​H0onnn!
• React Native Web: Update react-native-web - #31324, thanks @​ndelangen!

8.6.12

• CLI: Only install Visual Test Addon if test feature is selected - #30966, thanks @​ghengeveld!
• Core: Fix telemetry error on Storybook UI - #30953, thanks @​yannbf!
• Ember: Fix ember-template-compiler import for ember 6+ - #30682, thanks @​leoeuclids!
• Next: Update vite-plugin-storybook-nextjs to 2.0.0--canary.33.17a2310.0 - #30997, thanks @​kasperpeulen!
• Svelte: Exclude node_modules from docgen - #30981, thanks @​JReinhold!

8.6.11

• Angular: Fix zone.js support for Angular libraries - #30941, thanks @​valentinpalkovic!

8.6.10

• Addon-docs: Fix non-string handling in Stories block - #30913, thanks @​JamesIves!
• Nextjs: Fix styled-jsx optimize vite warnings - #30932, thanks @​kasperpeulen!
• React: Fix actImplementation is not a function - #30929, thanks @​kasperpeulen!

8.6.9

• Next: Fix react aliases in next vite plugin - #30914, thanks @​kasperpeulen!

8.6.8

• Angular: Export all files in Angular package.json - #30849, thanks @​kasperpeulen!
• CLI: Don't add packageManager entry to package.json automatically - #30855, thanks @​kasperpeulen!
• React: Allow portable stories to be used in SSR - #30847, thanks @​kasperpeulen!
• Svelte: Adjust Svelte typings to include Svelte 5 function components - #30852, thanks @​dummdidumm!
• Telemetry: Make sure that telemetry doesn't fail on init - #30857, thanks @​kasperpeulen!
• Vite: Update HMR filter to target specific story file types - #30845, thanks @​kasperpeulen!

... (truncated)

Commits

• c6e550a Bump version from "8.6.16" to "8.6.17" [skip ci]
• 9cf9d89 Core: Require token for websocket connections
• 7e51515 Bump version from "8.6.15" to "8.6.16" [skip ci]
• 3812b43 Bump version from 8.6.14 to 8.6.15 MANUALLY
• 4a04cb2 filter env vars from .env files
• ab87178 Bump version from "8.6.13" to "8.6.14" [skip ci]
• b210eed Update frameworks.ts
• fe5ea89 Fix lint
• 8c12257 Merge branch 'latest-release'
• 8fa9049 Bump version from "8.6.12" to "8.6.13" [skip ci]
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for storybook since your current version.

Updates next from 16.0.8 to 16.1.7

Release notes

Sourced from next's releases.

v16.1.7

[!NOTE] This release is backporting bug fixes. It does not include all pending features/changes on canary.

Core Changes

• [Cache Components] Prevent streaming fetch calls from hanging in dev (#89194)
• Apply server actions transform to node_modules in route handlers (#89380)
• ensure maxPostponedStateSize is always respected (See: CVE-2026-27979)
• feat(next/image): add lru disk cache and images.maximumDiskCacheSize (See: CVE-2026-27980)
• Allow blocking cross-site dev-only websocket connections from privacy-sensitive origins (See: CVE-2026-27977)
• Disallow Server Action submissions from privacy-sensitive contexts by default (See: CVE-2026-27978)
• fix: patch http-proxy to prevent request smuggling in rewrites (See: CVE-2026-29057)

Credits

Huge thanks to @​unstubbable, @​styfle, @​eps1lon, and @​ztanner for helping!

v16.1.6

[!NOTE] This release is backporting bug fixes. It does not include all pending features/changes on canary.

Core Changes

• Upgrade to swc 54 (#88207)
• implement LRU cache with invocation ID scoping for minimal mode response cache (#88509)
• tweak LRU sentinel key (#89123)

Credits

Huge thanks to @​mischnic, @​wyattjoh, and @​ztanner for helping!

v16.1.5

Please refer the following changelogs for more information about this security release:

https://vercel.com/changelog/summaries-of-cve-2025-59471-and-cve-2025-59472 https://vercel.com/changelog/summary-of-cve-2026-23864

v16.0.11

Please see this changelog for more information about this security patch.

Commits

• bdf3e35 v16.1.7
• dc98c04 [backport]: fix: patch http-proxy to prevent request smuggling in rewrites (#...
• 9023c0a [backport] Disallow Server Action submissions from privacy-sensitive contexts...
• 36a97b9 Allow blocking cross-site dev-only websocket connections from privacy-sensiti...
• 93c3993 [backport]: feat(next/image): add lru disk cache and `images.maximumDiskCache...
• c68d62d Backport documentation fixes for 16.1.x (#90655)
• 5214ac1 [backport]: ensure maxPostponedStateSize is always respected (#90060) (#90471)
• c95e357 Backport/docs fixes 16.1.x (#90125)
• cba6144 [backport] Apply server actions transform to node_modules in route handlers...
• 3db9063 [backport] [Cache Components] Prevent streaming fetch calls from hanging in d...
• Additional commits viewable in compare view

Updates payload from 1.9.2 to 3.75.0

Release notes

Sourced from payload's releases.

v3.75.0

v3.75.0 (2026-02-05)

🚀 Features

• adds beforeNav and afterNav component slots (#15493) (f23a1df)
• next: pass full initReq context to server functions and dashboard widgets (#15427) (ce13e97)

🐛 Bug Fixes

• handle absolute paths correctly with tempFileDir upload option (#14436) (5ca9bd4)
• ungenerated image sizes should not store original URL (#15454) (fa1cd62)
• add safety check to redirects from external file URL uploads (#15458) (1041bb6)
• sass warning not hidden during webpack build (#15442) (dec0ea7)
• add collection property to auth documents, fixing multi tenancy access control issue (#15404) (d6aa6cc)
• graphql: blocks return null with select: true (#15464) (c2baef4)
• next: versions diff error when swapping blocks with relationship fields (#15478) (5ba0055)
• next: export SlugField from the client dir not rsc (#15461) (6c07f3b)
• next: sync modular dashboard widgets when server component re-renders (#15439) (5495b47)
• plugin-ecommerce: variant creation blocked by variants in trash (#15449) (3f01682)
• plugin-mcp: create and update resource tools now support point fields (#15381) (a28261d)
• ui: extra padding rendering in list view when no description exists (#15507) (3ff6be4)
• ui: remove slug field from rsc exports (#15480) (8f66035)

⚡ Performance

• next: avoid re-calculating permissions in some server functions, pass missing args (#15428) (9c8be5c)

📚 Documentation

• jobs queue improvements (#15318) (3d357b3)

🎨 Styles

• run lint-staged commands in correct order (#15446) (731037e)

🧪 Tests

• trash e2e URL regex too strict and blocks query parameters (#15498) (57e759c)
• additional admin e2e coverage for templates (#15477) (63d63be)
• reorganize helpers into shared/e2e/int subdirectories (#15479) (b901231)
• enable figma adapter testing (#15467) (f4920d8)
• improve script to reset tests (#15328) (399b579)
• richText fields serialization (#15465) (fc99048)
• update suites selected by default in runTestsWithSummary (#15463) (603897d)
• trash auth e2e tests have race condition on navigation (#15468) (9bd5123)

⚙️ CI

... (truncated)

Commits

• 00e2ffb chore(release): v3.75.0 [skip ci]
• 5ca9bd4 fix: handle absolute paths correctly with tempFileDir upload option (#14436)
• fa1cd62 fix: ungenerated image sizes should not store original URL (#15454)
• f23a1df feat: adds beforeNav and afterNav component slots (#15493)
• 8422668 chore: replace magic strings with centralized constants (#15475)
• 1041bb6 fix: add safety check to redirects from external file URL uploads (#15458)
• 6c07f3b fix(next): export SlugField from the client dir not rsc (#15461)
• 9c8be5c perf(next): avoid re-calculating permissions in some server functions, pass m...
• d6aa6cc fix: add collection property to auth documents, fixing multi tenancy access c...
• ce13e97 feat(next): pass full initReq context to server functions and dashboard widge...
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by elliotpayload, a new releaser for payload since your current version.

Updates @tinacms/cli from 0.60.28 to 2.1.10

Release notes

Sourced from @​tinacms/cli's releases.

@​tinacms/cli@​2.1.10

Patch Changes

• Updated dependencies [3b44e6a, 35385f1, 0a1049d, 960181a, ebaa246, 7d544d2, 83ed83f, 8f08f49, 13e953a, 168c283, c439e75, 9bc4f3c]:
  • tinacms@3.6.2
  • @​tinacms/app@​2.3.29

@​tinacms/cli@​2.1.9

Patch Changes

• Updated dependencies [0712649]:
  • @​tinacms/graphql@​2.2.0
  • @​tinacms/search@​1.2.6
  • tinacms@3.6.1
  • @​tinacms/app@​2.3.28

@​tinacms/cli@​2.1.8

Patch Changes

• #6450 56d533e Thanks @​18-th! - * Restricted CORS on dev server to localhost by default for GHSA-8pw3-9m7f-q734.
  • Added server.allowedOrigins config option for non-localhost environments.
  • Enabled Vite server.fs.strict with computed allow list for GHSA-m48g-4wr2-j2h6
  • Bind LevelDB TCP server to 127.0.0.1
• Updated dependencies [f23c2a6, d782ca2, 56d533e, 60510bb]:
  • tinacms@3.6.0
  • @​tinacms/schema-tools@​2.7.0
  • @​tinacms/app@​2.3.27
  • @​tinacms/graphql@​2.1.4
  • @​tinacms/search@​1.2.5

@​tinacms/cli@​2.1.7

Patch Changes

• #6440 c2517c2 Thanks @​18-th! - * Add path traversal protection and tests for GHSA-5hxf-c7j4-279c path traversal vulnerability
  • Add path traversal protection and tests for GHSA-2f24-mg4x-534q path traversal vulnerability
• Updated dependencies [c2517c2, 2738749, dfb4ce8]:
  • @​tinacms/graphql@​2.1.3
  • tinacms@3.5.1
  • @​tinacms/search@​1.2.4
  • @​tinacms/app@​2.3.26

@​tinacms/cli@​2.1.6

Patch Changes

• #6416 62d0e5b Thanks @​18-th! - Adding tests to confirm that a Security Advisory was fixed

• #6439 bde4e4f Thanks @​kulesy! - Improve error message when content directory is missing a tina/ folder. When using localContentPath, the error now explains that the content directory needs a tina/ folder for generated files and provides the exact mkdir command to fix it, instead of the misleading suggestion to use --rootPath.

• #6419 bd9dabd Thanks @​18-th! - Added tests to confirm that a Security Advisory was fixed

... (truncated)

Changelog

Sourced from @​tinacms/cli's changelog.

2.1.10

Patch Changes

• Updated dependencies [3b44e6a, 35385f1, 0a1049d, 960181a, ebaa246, 7d544d2, 83ed83f, 8f08f49, 13e953a, 168c283, c439e75, 9bc4f3c]:
  • tinacms@3.6.2
  • @​tinacms/app@​2.3.29

2.1.9

Patch Changes

• Updated dependencies [0712649]:
  • @​tinacms/graphql@​2.2.0
  • @​tinacms/search@​1.2.6
  • tinacms@3.6.1
  • @​tinacms/app@​2.3.28

2.1.8

Patch Changes

• #6450 56d533e Thanks @​18-th! - * Restricted CORS on dev server to localhost by default for GHSA-8pw3-9m7f-q734.
  • Added server.allowedOrigins config option for non-localhost environments.
  • Enabled Vite server.fs.strict with computed allow list for GHSA-m48g-4wr2-j2h6
  • Bind LevelDB TCP server to 127.0.0.1
• Updated dependencies [f23c2a6, d782ca2, 56d533e, 60510bb]:
  • tinacms@3.6.0
  • @​tinacms/schema-tools@​2.7.0
  • @​tinacms/app@​2.3.27
  • @​tinacms/graphql@​2.1.4
  • @​tinacms/search@​1.2.5

2.1.7

Patch Changes

• #6440 c2517c2 Thanks @​18-th! - * Add path traversal protection and tests for GHSA-5hxf-c7j4-279c path traversal vulnerability
  • Add path traversal protection and tests for GHSA-2f24-mg4x-534q path traversal vulnerability
• Updated dependencies [c2517c2, 2738749, dfb4ce8]:
  • @​tinacms/graphql@​2.1.3
  • tinacms@3.5.1
  • @​tinacms/search@​1.2.4
  • @​tinacms/app@​2.3.26

2.1.6

Patch Changes

• #6416 62d0e5b Thanks @​18-th! - Adding tests to confirm that a Security Advisory was fixed

... (truncated)

Commits

• df73900 Version Packages (#6483)
• e0a65b8 Version Packages (#6479)
• 661102d Version Packages (#6452)
• 56d533e Restricted CORS and Vite fs access on dev server (#6450)
• 2b04d1d Version Packages (#6445)
• c2517c2 Add path traversal protection (#6440)
• 5d96408 Version Packages (#6401)
• f90d47b Setup opt-in/opt-out, initialize on TinaAdmin (#6438)
• bde4e4f fix(cli): improve error when content dir missing tina/ folder (#6439)
• bd9dabd Added tests to confirm that a security advisory was fixed https://github.com/...
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for @​tinacms/cli since your current version.

Updates tinacms from 0.68.15 to 3.6.2

Release notes

Sourced from tinacms's releases.

tinacms@3.6.2

Patch Changes

• #6494 3b44e6a Thanks @​joshbermanssw! - 🐖 Telemetry - Seeing how many users interact with nav bar buttons (Project Config, User management, support)

• #6488 35385f1 Thanks @​joshbermanssw! - Add PostHog event capture for Media Manager upload and delete actions

• #6495 0a1049d Thanks @​joshbermanssw! - 🐖 Telemetry - Adding Telemetry to see when users switch between rich-text and markdown mode in the rich-text editor

• #6408 960181a Thanks @​tiagov8! - 💄 UI - Fix cut-off modal title

• #6491 7d544d2 Thanks @​joshbermanssw! - 💄 Improve GraphQL Schema Mismatch Dialog Message

• #6487 83ed83f Thanks @​joshbermanssw! - 🐛 Fix showFloatingToolbar config not working by removing plugin correctly

• #6476 8f08f49 Thanks @​joshbermanssw! - 🐛 Authentication - Fix Login button stuck in constant spinner state

• #6496 13e953a Thanks @​joshbermanssw! - 🔧 Fix missing export

• #6505 168c283 Thanks @​joshbermanssw! - 🐛 Fixing Media Manager Breadcrumb

• #6498 c439e75 Thanks @​joshbermanssw! - 🐖 Telemetry - View user interactions with saving and resetting forms

• #6493 9bc4f3c Thanks @​joshbermanssw! - 🐖 Telemetry - See when users open the Event Log Page (eventLogPageViewed event)

tinacms@3.6.1

Patch Changes

• Updated dependencies []:
  • @​tinacms/search@​1.2.6

tinacms@3.6.0

Minor Changes

• #6447 60510bb Thanks @​joshbermanssw! - ✨ Object Schema - Add openFormOnCreate flag. Allowing users to opt-in to automatically going inside an object form when the field is true

Patch Changes

• #6451 f23c2a6 Thanks @​joshbermanssw! - Fix inconsistent branch selection modal size between Side Editor and Admin Editor by using tailwind-merge for proper CSS class merging in PopupModal

• #6458 d782ca2 Thanks @​joshbermanssw! - 🤖 Fix previewBranch button from opening a tab with an empty string, instead using correct previewUrl variable

• Updated dependencies [56d533e, 60510bb]:

  • @​tinacms/schema-tools@​2.7.0
  • @​tinacms/mdx@​2.0.7
  • @​tinacms/search@​1.2.5

tinacms@3.5.1

Patch Changes

... (truncated)

Changelog

Sourced from tinacms's changelog.

3.6.2

Patch Changes

• #6494 3b44e6a Thanks @​joshbermanssw! - 🐖 Telemetry - Seeing how many users interact with nav bar buttons (Project Config, User management, support)

• #6488 35385f1 Thanks @​joshbermanssw! - Add PostHog event capture for Media Manager upload and delete actions

• #6495 0a1049d Thanks @​joshbermanssw! - 🐖 Telemetry - Adding Telemetry to see when users switch between rich-text and markdown mode in the rich-text editor

• #6408 960181a Thanks @​tiagov8! - 💄 UI - Fix cut-off modal title

• #6491 7d544d2 Thanks @​joshbermanssw! - 💄 Improve GraphQL Schema Mismatch Dialog Message

• #6487 83ed83f Thanks @​joshbermanssw! - 🐛 Fix showFloatingToolbar config not working by removing plugin correctly

• #6476 8f08f49 Thanks @​joshbermanssw! - 🐛 Authentication - Fix Login button stuck in constant spinner state

• #6496 13e953a Thanks @​joshbermanssw! - 🔧 Fix missing export

• #6505 168c283 Thanks @​joshbermanssw! - 🐛 Fixing Media Manager Breadcrumb

• #6498 c439e75 Thanks @​joshbermanssw! - 🐖 Telemetry - View user interactions with saving and resetting forms

• #6493 9bc4f3c Thanks @​joshbermanssw! - 🐖 Telemetry - See when u...

  Description has been truncated