Bump the npm-bump group across 1 directory with 26 updates

[dependabot]

Bumps the npm-bump group with 26 updates in the /frontend directory:

Package	From	To
@marsidev/react-turnstile	1.3.1	1.5.0
@reduxjs/toolkit	2.11.0	2.11.2
@uiw/react-md-editor	4.0.8	4.1.0
react	19.2.0	19.2.4
@types/react	19.2.7	19.2.14
react-dom	19.2.0	19.2.4
react-hook-form	7.67.0	7.72.0
react-router	7.9.6	7.13.2
zod	4.1.13	4.3.6
@rtk-query/codegen-openapi	2.1.0	2.2.0
@trivago/prettier-plugin-sort-imports	6.0.0	6.0.2
css-loader	7.1.2	7.1.4
dotenv	17.2.3	17.3.1
eslint-plugin-prettier	5.5.4	5.5.5
eslint-plugin-react-refresh	0.4.24	0.5.2
eslint-plugin-svg-jsx	1.2.4	1.3.0
html-webpack-plugin	5.6.5	5.6.6
mini-css-extract-plugin	2.9.4	2.10.2
react-refresh-typescript	2.0.11	2.0.12
sass	1.94.2	1.98.0
sass-loader	16.0.6	16.0.7
serve	14.2.5	14.2.6
typescript-eslint	8.48.0	8.58.0
webpack	5.103.0	5.105.4
webpack-bundle-analyzer	5.1.0	5.3.0
webpack-dev-server	5.2.2	5.2.3

Updates @marsidev/react-turnstile from 1.3.1 to 1.5.0

Release notes

Sourced from @​marsidev/react-turnstile's releases.

v1.5.0

⚠️ No breaking changes - This is a maintenance release with no API changes for consumers.

🚀 Features

• Tooling Migration: Replaced ESLint/Prettier with Oxlint/Oxfmt for 50-100x faster linting/formatting
• TypeScript v7: Migrated to TypeScript Go implementation (tsgo) for type-checking
• Build System: Replaced tsup with tsdown (Rolldown-based) for 2.3x faster builds
• Security: Added pnpm supply chain security settings
• TanStack Intent: Added AI agent skills for IDE assistance

🐞 Bug Fixes

• Resolved all security vulnerabilities (jsdom, next, minimatch, rollup, ajv)

📦 Dependency Updates

• @antfu/ni: 28.2.0 → 30.0.0
• @playwright/test: 1.58.1 → 1.58.2
• @types/react: 19.2.10 → 19.2.14
• @types/node: 25.2.0 → 25.5.0
• lucide-react: 0.563.0 → 1.6.0
• next: 16.1.6 → 16.2.1
• vitest: 4.0.18 → 4.1.1
• And 10+ more...

📝 Documentation

• Add recipe for form submission retry logic - by @​byalashhab
• Simplified all code examples to TypeScript only
• Added CONTRIBUTING.md with development guide

Full Changelog: v1.4.2...v1.5.0

v1.4.2

   🐞 Bug Fixes

• FeedbackEnabled option cannot be set to false  -  by @​lenstr (42035)

    View changes on GitHub

v1.4.1

   🐞 Bug Fixes

• Prevent race condition when loading Turnstile script  -  by @​marsidev in marsidev/react-turnstile#116 (200c6)

    View changes on GitHub

v1.4.0

What's Changed

... (truncated)

Commits

• 92ad004 chore: release v1.5.0
• f623195 Merge pull request #123 from marsidev/feat/docs
• 9fb6d8b docs: simplify code examples to TypeScript only
• 5fb7fcf chore(demo): resolve TypeScript 7 moduleResolution deprecation error
• 657f243 Merge branch 'main' into feat/docs
• a7d0c6c Merge pull request #125 from byalashhab/form-submission-retry-logic
• 7d91452 feat(docs): form submission retry logic
• 5c09937 chore: upgrade ts
• 4bcdfbd chore: add supply chain security settings
• 35b656a fix: update CONTRIBUTING.md and add typescript dependency for tsdown
• Additional commits viewable in compare view

Updates @reduxjs/toolkit from 2.11.0 to 2.11.2

Release notes

Sourced from @​reduxjs/toolkit's releases.

v2.11.2

This bugfix release updates the AbortSignal handling to fall back if DOMException isn't available (such as RN environments), and updates the TypedUseInfiniteQueryHookResult type to correctly include fetchNextPage/fetchPreviousPage fields.

Changelog

Bugfixes

The AbortSignal changes in 2.11.1 used DOMException in a couple places to match the expected behavior of AbortSignal, but turns out that's not available in environments like React Native. We've updated the logic to fall back to a plain Error if DOMException isn't available.

The TypedUseInfiniteQueryHookResult type wasn't correctly including the fetchNextPage/fetchPreviousPage fields, and now it does.

What's Changed

• fix: use a normal Error when DOMException isn't available by @​EskiMojo14 in reduxjs/redux-toolkit#5161
• Include page functions in TypedUseInfiniteQueryHookResult by @​markerikson in reduxjs/redux-toolkit#5165

Full Changelog: reduxjs/redux-toolkit@v2.11.1...v2.11.2

v2.11.1

This bugfix release fixes an issue with our internal AbortSignal handling that was reported as causing an error in a rare reset situation. We've also restructured our publishing process to use NPM Trusted Publishing, and updated our TS support matrix to only support TS 5.4+.

Changelog

Publishing Changes

We've previously done most of our releases semi-manually locally, with various release process CLI tools. With the changes to NPM publishing security and the recent wave of NPM attacks, we've updated our publishing process to solely use NPM Trusted Publishing via workflows. We've also done a hardening pass on our own CI setup.

We had done a couple releases via CI workflows previously, and later semi-manual releases caused PNPM to warn that RTK was no longer trusted. This release should be trusted and will resolve that issue.

Thanks to the e18e folks and their excellent guide at https://e18e.dev/docs/publishing for making this process easier!

TS Support Matrix Updates

We've previously mentioned rolling changes to our TS support matrix in release notes, but didn't officially document our support policy. We've added a description of the support policy (last 2 years of TS releases, matching DefinitelyTyped) and the current oldest TS version we support in the docs:

• https://redux-toolkit.js.org/introduction/getting-started#typescript
• https://redux-toolkit.js.org/usage/usage-with-typescript#introduction

As of today, we've updated the support matrix to be TS 5.4+ . As always, it's possible RTK will work if you're using an earlier version of TS, but we don't test against earlier versions and don't support any issues with those versions.

We have run an initial test with the upcoming TS 7.0 native tsgo release. We found a couple minor issues with our own TS build and test setup, but no obvious issues with using RTK with TS 7.0.

Bug Fixes

A user reported a rare edge case where the combination of resetApiState and retry() could lead to an error calling an AbortController. We've restructured our AbortController handling logic to avoid that (and simplified a bit of our internals in the process).

What's Changed

• Use trusted publishing and harden workflows by @​markerikson in reduxjs/redux-toolkit#5152

... (truncated)

Commits

• 646d54c Release 2.11.2
• 819b29c Include page functions in TypedUseInfiniteQueryHookResult (#5165)
• 9af97ca fix: use a normal Error when DOMException isn't available (#5161)
• 3615d1a Merge pull request #5120 from reduxjs/vitest-bumps
• fae3b95 avoid excessive type instantiation
• d296e33 fix type issue with RTKQ and reselect
• 9ce71b9 add node to types field
• d14d427 remove unused tests
• 324dd05 bump vite to match
• b0887c4 bump to vitest v4
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for @​reduxjs/toolkit since your current version.

Updates @uiw/react-md-editor from 4.0.8 to 4.1.0

Release notes

Sourced from @​uiw/react-md-editor's releases.

v4.1.0

Documentation v4.1.0: https://raw.githack.com/uiwjs/react-md-editor/2f25d39/index.html
Comparing Changes: uiwjs/react-md-editor@v4.0.11...v4.1.0

npm i @uiw/react-md-editor@4.1.0

• 🌟 feat: add common highlight entry #704 91d73bf @​jaywcjlove
• ⛑ test: add test case. d6cba67 @​jaywcjlove
• 🐝 refactor: deduplicate editor implementations fa21df9 @​jaywcjlove

v4.0.11

Documentation v4.0.11: https://raw.githack.com/uiwjs/react-md-editor/2383fb1/index.html
Comparing Changes: uiwjs/react-md-editor@v4.0.10...v4.0.11

npm i @uiw/react-md-editor@4.0.11

• 🆎 type: fix nohighlight typescript declaration (#699) 6dfb534 @​Stopa

v4.0.10

Documentation v4.0.10: https://raw.githack.com/uiwjs/react-md-editor/827c15c/index.html
Comparing Changes: uiwjs/react-md-editor@v4.0.9...v4.0.10

npm i @uiw/react-md-editor@4.0.10

• 🐞 fix: expose utility functions in nohighlight entrypoint (#698) a155c57 @​Stopa

v4.0.9

Documentation v4.0.9: https://raw.githack.com/uiwjs/react-md-editor/3e3a622/index.html
Comparing Changes: uiwjs/react-md-editor@v4.0.8...v4.0.9

npm i @uiw/react-md-editor@4.0.9

• 🆎 type: fix type issue. a3b65db @​jaywcjlove
• 🌍 website: resolve build error by fixing cytoscape module export issue. da1f419 @​jaywcjlove

... (truncated)

Commits

• a9e7a7f released v4.1.0 #704
• fa21df9 refactor: deduplicate editor implementations
• d6cba67 test: add test case.
• 91d73bf feat: add common highlight entry #704
• 4e6cda0 doc: Update README.md
• 93399f2 ci: update workflows config.
• 4809327 chore: update funding.
• ff04879 chore: update README.md
• 9ac0048 doc: update core/README.md.
• 2cf10e6 released v4.0.11 #699
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for @​uiw/react-md-editor since your current version.

Updates react from 19.2.0 to 19.2.4

Release notes

Sourced from react's releases.

19.2.4 (January 26th, 2026)

React Server Components

• Add more DoS mitigations to Server Actions, and harden Server Components (#35632 by @​gnoff, @​lubieowoce, @​sebmarkbage, @​unstubbable)

19.2.3 (December 11th, 2025)

React Server Components

• Add extra loop protection to React Server Functions (@​sebmarkbage #35351)

19.2.2 (December 11th, 2025)

React Server Components

• Move react-server-dom-webpack/*.unbundled to private react-server-dom-unbundled (@​eps1lon facebook/react#35290)
• Patch Promise cycles and toString on Server Functions (@​sebmarkbage, @​unstubbable #35289, #35345)

19.2.1 (December 3rd, 2025)

React Server Components

• Bring React Server Component fixes to Server Actions (@​sebmarkbage #35277)

Changelog

Sourced from react's changelog.

19.2.1 (Dec 3, 2025)

React Server Components

• Bring React Server Component fixes to Server Actions (@​sebmarkbage #35277)

Commits

• 90ab3f8 Version 19.2.4
• 612e371 Version 19.2.3
• b910fc1 Version 19.2.2
• 053df4e Version 19.2.1
• See full diff in compare view

Updates @types/react from 19.2.7 to 19.2.14

Commits

• See full diff in compare view

Updates react-dom from 19.2.0 to 19.2.4

Release notes

Sourced from react-dom's releases.

19.2.4 (January 26th, 2026)

React Server Components

• Add more DoS mitigations to Server Actions, and harden Server Components (#35632 by @​gnoff, @​lubieowoce, @​sebmarkbage, @​unstubbable)

19.2.3 (December 11th, 2025)

React Server Components

• Add extra loop protection to React Server Functions (@​sebmarkbage #35351)

19.2.2 (December 11th, 2025)

React Server Components

• Move react-server-dom-webpack/*.unbundled to private react-server-dom-unbundled (@​eps1lon facebook/react#35290)
• Patch Promise cycles and toString on Server Functions (@​sebmarkbage, @​unstubbable #35289, #35345)

19.2.1 (December 3rd, 2025)

React Server Components

• Bring React Server Component fixes to Server Actions (@​sebmarkbage #35277)

Changelog

Sourced from react-dom's changelog.

19.2.1 (Dec 3, 2025)

React Server Components

• Bring React Server Component fixes to Server Actions (@​sebmarkbage #35277)

Commits

• 90ab3f8 Version 19.2.4
• 612e371 Version 19.2.3
• b910fc1 Version 19.2.2
• 053df4e Version 19.2.1
• See full diff in compare view

Updates react-hook-form from 7.67.0 to 7.72.0

Release notes

Sourced from react-hook-form's releases.

Version 7.72.0

⚓️ feat: built-in form level validate (#13195)

useForm({
  validate: async ({ formValues }: FormValidateResult) => {
    if (formValues.test1.length > formValues.test.length) {
      return {
        type: 'formError',
        message: 'something is wrong here',
      };
    }
if (formValues.test === 'test') {
  return 'direct error message';
}
return true;

},
});

🐞 fix: prevent useFieldArray from marking unrelated fields as dirty (#13299) 🐞 fix #13300 checkbox form validation ignored with native validation (#13310) 🌉 allow subscribe formState to track submit state (#13319)

thanks to @​WiXSL, @​BrendanC23 & @​6810779s

Version 7.71.2

🕵️‍♂️ fix: use DeepPartialSkipArrayKey for WatchObserver value parameter (#13278) 🧹 fix(clearErrors): emit name signal for targeted field updates (#13280)

thanks to @​veeceey, @​kaigritun, @​pgoslatara & @​seongbiny

Version v7.71.1

🐞 fix #13250 issue with booleans_as_integers (#13252)

Version 7.71.0

⚡ perf: memoize FormProvider context value to prevent unnecessary rerenders (#13235) 🚄 perf: separate control context to prevent unnecessary rerenders (#13234) 🐞 fix: update isValid when field disabled state changes (#13231) 👌 chore: optimize bundle size via safe terser options (#13243) (#13244)

thanks to @​kamja44, @​a28689604 & @​newsiberian

Version 7.70.0

✅ watch type improvement (#13228) 🐞 fix: prevent field array ghost elements with keepDirtyValues (#13188) 🐞 fix: improve invalid date handling in deepEqual and validation (#13230)

... (truncated)

Commits

• 1fecf73 7.72.0
• f5373fe 🌉 allow subscribe formState to track submit state (#13319)
• f5deec5 📖 chore: update issue template CodeSandbox links (#13315)
• 3f4d0f3 🐞 fix #13300 checkbox form valdiation ignored with native valdiation (#13310)
• 2e8f081 🐞 fix: prevent useFieldArray from marking unrelated fields as dirty (#13299)
• 6067c3f ⚓️ feat: build-in form level validate (#13195)
• 85684f9 7.71.2
• 4933dcc 🧹 fix(clearErrors): emit name signal for targeted field updates (#13280)
• 319b3ed 🕵️‍♂️ fix: use DeepPartialSkipArrayKey for WatchObserver value parameter (#13...
• 0e04ad3 🏋️‍♀️ chore: Update outdated GitHub Actions versions (#13274)
• Additional commits viewable in compare view

Updates react-router from 7.9.6 to 7.13.2

Release notes

Sourced from react-router's releases.

v7.13.2

See the changelog for release notes: https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7132

v7.13.1

See the changelog for release notes: https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7131

v7.13.0

See the changelog for release notes: https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7130

v7.12.0

See the changelog for release notes: https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7120

v7.11.0

See the changelog for release notes: https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7110

v7.10.1

See the changelog for release notes: https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7101

v7.10.0

See the changelog for release notes: https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7100

Changelog

Sourced from react-router's changelog.

7.13.2

Patch Changes

• Fix clientLoader.hydrate when an ancestor route is also hydrating a clientLoader (#14835)

• Fix type error when passing Framework Mode route components using Route.ComponentProps to createRoutesStub (#14892)

• Fix percent encoding in relative path navigation (#14786)

• Add future.unstable_passThroughRequests flag (#14775)

  By default, React Router normalizes the request.url passed to your loader, action, and middleware functions by removing React Router's internal implementation details (.data suffixes, index + _routes query params).

  Enabling this flag removes that normalization and passes the raw HTTP request instance to your handlers. This provides a few benefits:

  • Reduces server-side overhead by eliminating multiple new Request() calls on the critical path
  • Allows you to distinguish document from data requests in your handlers base don the presence of a .data suffix (useful for observability purposes)

  If you were previously relying on the normalization of request.url, you can switch to use the new sibling unstable_url parameter which contains a URL instance representing the normalized location:

  // ❌ Before: you could assume there was no `.data` suffix in `request.url`
  export async function loader({ request }: Route.LoaderArgs) {
    let url = new URL(request.url);
    if (url.pathname === "/path") {
      // This check will fail with the flag enabled because the `.data` suffix will
      // exist on data requests
    }
  }
  // ✅ After: use unstable_url for normalized routing logic and request.url
  // for raw routing logic
  export async function loader({ request, unstable_url }: Route.LoaderArgs) {
  if (unstable_url.pathname === "/path") {
  // This will always have the .data suffix stripped
  }
  // And now you can distinguish between document versus data requests
  let isDataRequest = new URL(request.url).pathname.endsWith(".data");
  }

• Internal refactor to consolidate framework-agnostic/React-specific route type layers - no public API changes (#14765)

• Sync protocol validation to rsc flows (#14882)

• Add a new unstable_url: URL parameter to route handler methods (loader, action, middleware, etc.) representing the normalized URL the application is navigating to or fetching, with React Router implementation details removed (.datasuffix, index/_routes query params) (#14775)

  This is being added alongside the new future.unstable_passthroughRequests future flag so that users still have a way to access the normalized URL when that flag is enabled and non-normalized request's are being passed to your handlers. When adopting this flag, you will only need to start leveraging this new parameter if you are relying on the normalization of request.url in your application code.

... (truncated)

Commits

• aadb56f chore: Update version for release (#14908)
• c68a9b3 chore: Update version for release (pre) (#14893)
• 8c3c7ce fix: allow Framework Mode route components to be passed to createRoutesStub (...
• 1cd923e chore: format
• 830d3ba Fix percent encoding in relative path navigation (#14786)
• 8646d39 Align redirect protocol validation in RSC flows (#14882)
• 7d21b1c Add additional unit test - hydrate fallback rendering for SPA middleware w/o ...
• 8a10826 docs: fix typo in useNavigate documentation (#14848)
• bda5bb7 Fix typo in comment (#14844)
• bbe4a73 chore: format
• Additional commits viewable in compare view

Updates zod from 4.1.13 to 4.3.6

Release notes

Sourced from zod's releases.

v4.3.6

Commits:

• 9977fb0868432461de265a773319e80a90ba3e37 Add brand.dev to sponsors
• f4b7bae3468f6188b8f004e007d722148fc91d77 Update pullfrog.yml (#5634)
• 251d7163a0ac7740fee741428d913e3c55702ace Clean up workflow_call
• edd4132466da0f5065a8e051b599d01fdd1081d8 fix: add missing User-agent to robots.txt and allow all (#5646)
• 85db85e9091d0706910d60c7eb2e9c181edd87bd fix: typo in codec.test.ts file (#5628)
• cbf77bb12bdfda2e054818e79001f5cb3798ce76 Avoid non null assertion (#5638)
• dfbbf1c1ae0c224b8131d80ddf0a264262144086 Avoid re-exported star modules (#5656)
• 762e911e5773f949452fd6dd4e360f2362110e8e Generalize numeric key handling
• ca3c8629c0c2715571f70b44c2433cad3db7fe4e v4.3.6

v4.3.5

Commits:

• 21afffdb42ccab554036312e33fed0ea3cb8f982 [Docs] Update migration guide docs for deprecation of message (#5595)
• e36743e513aadb307b29949a80d6eb0dcc8fc278 Improve mini treeshaking
• 0cdc0b8597999fd9ca99767b912c1e82c1ff2d6c 4.3.5

v4.3.4

Commits:

• 1a8bea3b474eada6f219c163d0d3ad09fadabe72 Add integration tests
• e01cd02b2f23d7e9078d3813830b146f8a2258b4 Support patternProperties for looserecord (#5592)
• 089e5fbb0f58ce96d2c4fb34cd91724c78df4af5 Improve looseRecord docs
• decef9c418d9a598c3f1bada06891ba5d922c5cd Fix lint
• 9443aab00d44d5d5f4a7eada65fc0fc851781042 Drop iso time in fromJSONSchema
• 66bda7491a1b9eab83bdeec0c12f4efc7290bd48 Remove .refine() from ZodMiniType
• b4ab94ca608cd5b581bfc12b20dd8d95b35b3009 4.3.4

v4.3.3

Commits:

• f3b2151959d215d405f54dff3c7ab3bf1fd887ca v4.3.3

v4.3.2

Commits:

• bf96635d243118de6e4f260077aa137453790bf6 Loosen strictObjectinside intersection (#5587)
• f71dc0182ab0f0f9a6be6295b07faca269e10179 Remove Juno (#5590)
• 0f41e5a12a43e6913c9dcb501b2b5136ea86500d 4.3.2

v4.3.1

Commits:

• 0fe88407a4149c907929b757dc6618d8afe998fc allow non-overwriting extends with refinements. 4.3.1

v4.3.0

This is Zod's biggest release since 4.0. It addresses several of Zod's longest-standing feature requests.

... (truncated)

Commits

• ca3c862 v4.3.6
• 762e911 Generalize numeric key handling
• dfbbf1c Avoid re-exported star modules (#5656)
• cbf77bb Avoid non null assertion (#5638)
• 85db85e fix: typo in codec.test.ts file (#5628)
• edd4132 fix: add missing User-agent to robots.txt and allow all (#5646)
• 251d716 Clean up workflow_call
• f4b7bae Update pullfrog.yml (#5634)
• 9977fb0 Add brand.dev to sponsors
• 0cdc0b8 4.3.5
• Additional commits viewable in compare view

Updates @rtk-query/codegen-openapi from 2.1.0 to 2.2.0

Release notes

Sourced from @​rtk-query/codegen-openapi's releases.

@​rtk-query/codegen-openapi@​2.2.0

This feature release adds new RTKQ codegen config options for outputting regex constants when the pattern keyword is used in an OpenAPI definition, and defining explicit tag overrides on a per-endpoint basis as part of the codegen config.

What's Changed

• feat: (codegen) output regex patterns for generated schemas by @​RhysOnlyBetter in reduxjs/redux-toolkit#5146
• feat(codegen): support explicit tag overrides without altering defaults by @​w3di in reduxjs/redux-toolkit#5135
• Add test for #3369 by @​markerikson in reduxjs/redux-toolkit#5154

Full Changelog: https://github.com/reduxjs/redux-toolkit/compare/@​rtk-query/codegen-openapi@​2.1.0...@​rtk-query/codegen-openapi@​2.2.0

Commits

• cbfeafe Release @​rtk-query/codegen-openapi 2.2.0
• 949b77b Release @​rtk-query/codegen-openapi 2.2.0-alpha.0
• 30d0d88 Add test for #3369 (#5154)
• cdff16f feat(codegen): support explicit tag overrides without altering defaults (#5135)
• 53d02cc feat: (codegen) output regex patterns for generated schemas (#5146)
• 96ca56f Add missed release-it entry (#5153)
• 55af92a Use trusted publishing and harden workflows (#5152)
• 92db1da docs: explain stripping undefined params before URLSearchParams (#5147)
• 39e7c8f Release 2.11.0
• c13e494 Add refetchCachedPages option for infinite query (#5016)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for @​rtk-query/codegen-openapi since your current version.

Updates @trivago/prettier-plugin-sort-imports from 6.0.0 to 6.0.2

Release notes

Sourced from @​trivago/prettier-plugin-sort-imports's releases.

v6.0.2

What's Changed

• Fix recognising mandatory prefix built-in imports by @​TomFryersMidsummer in trivago/prettier-plugin-sort-imports#389

New Contributors

• @​TomFryersMidsummer made their first contribution in trivago/prettier-plugin-sort-imports#389

Full Changelog: trivago/prettier-plugin-sort-imports@v6.0.1...v6.0.2

v6.0.1

What's Changed

• ignore eslint errors due to undefined export variables by @​vladislavarsenev in trivago/prettier-plugin-sort-imports#391

Full Changelog: trivago/prettier-plugin-sort-imports@v6.0.0...v6.0.1

Changelog

Sourced from @​trivago/prettier-plugin-sort-imports's changelog.

6.0.2

Bug fixes

• Fix recognising mandatory prefix built-in imports #389 by @​TomFryersMidsummer - Fixed detection of Node.js built-in modules that are only accessible with the node: prefix (like node:test, node:sqlite) to be correctly recognized when using <BUILTIN_MODULES> placeholder

6.0.1

Bug fixes

• Fix Svelte export snippet parsing #390 - Fixed by adding support for new Svelte snippet syntax

Commits

• d9c690f bump version. update changelog.
• 97214c3 Merge pull request #389 from TomFryersMidsummer/patch-1
• 7235355 Merge branch 'main' into patch-1
• 0c37c9d bump version
• 035e20a Merge pull request #391 from trivago/svelte-snippet-support
• d626e1b ignore eslint errors due to undefined export variables
• 0b1dc59 Fix recognising mandatory prefix built-in imports
• See full diff in compare view

Updates @types/react from 19.2.7 to 19.2.14

Commits

• See full diff in compare view

Updates css-loader from 7.1.2 to 7.1.4

Release notes

Sourced from css-loader's releases.

v7.1.4

7.1.4 (2026-02-16)

Bug Fixes

• update peer dependency for @​rspack/core v2 (#1652) (aeddefe)

v7.1.3

7.1.3 (2026-01-27)

Bug Fixes

• allow to use module class name (#1649) (01869bc)
• use official createHash for hashes (#1618) (06587e5)
• use official hash* options for hashes (#1619) (9544c3e)

Changelog

Sourced from css-loader's changelog.

7.1.4 (2026-02-16)

Bug Fixes

• update peer dependency for @​rspack/core v2 (#1652) (aeddefe)

7.1.3 (2026-01-27)

Bug Fixes

• allow to use module class name (#1649) (01869bc)
• use official createHash for hashes (#1618) (06587e5)
• use official hash* options for hashes (#1619) (9544c3e)

Commits

• 5b795af chore(release): 7.1.4
• aeddefe fix: update peer dependency for @​rspack/core v2 (#1652)
• b2b2de7 chore(release): 7.1.3
• 01869bc fix: allow to use module class name (#1649)
• 7dd15ec chore(deps): bump js-yaml (#1648)
• db26202 chore(deps-dev): bump lodash from 4.17.21 to 4.17.23 (#1647)
• 7daf1b8 Update CONTRIBUTING link to point to GitHub page
• de1e633 chore: correct link path (#1645)
• 563ad63 chore: migrate from contrib and swap branches (#1644)
• e68bf7e chore: update github actions/checkout from v4 to v5 (#1642)
• Additional commits viewable in compare view

Updates dotenv from 17.2.3 to 17.3.1

Changelog

Sourced from dotenv's changelog.

17.3.1 (2026-02-12)

Changed

• Fix as2 example command in README and update spanish README

17.3.0 (2026-02-12)

Added

• Add a new README section on dotenv’s approach to the agentic future.

Changed

• Rewrite REA...

  Description has been truncated