Skip to content

chore(deps): bump the dependencies group across 1 directory with 10 updates#20

Open
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/npm_and_yarn/dependencies-279192ab50
Open

chore(deps): bump the dependencies group across 1 directory with 10 updates#20
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/npm_and_yarn/dependencies-279192ab50

Conversation

@dependabot
Copy link
Copy Markdown

@dependabot dependabot Bot commented on behalf of github Apr 14, 2026
edited
Loading

Bumps the dependencies group with 10 updates in the / directory:

Package From To
turbo 2.8.20 2.9.6
typescript 5.9.3 6.0.2
next 15.2.0 16.2.3
react 19.2.4 19.2.5
react-dom 19.2.4 19.2.5
@types/node 22.19.15 25.6.0
vitest 2.1.9 4.1.4
@vitest/coverage-v8 2.1.9 4.1.4
vite-tsconfig-paths 5.1.4 6.1.1
jsdom 25.0.1 29.0.2

Updates turbo from 2.8.20 to 2.9.6

Release notes

Sourced from turbo's releases.

Turborepo v2.9.6

What's Changed

create-turbo

Examples

Changelog

Full Changelog: vercel/turborepo@v2.9.5...v2.9.6

Turborepo v2.9.6-canary.3

What's Changed

Changelog

Full Changelog: vercel/turborepo@v2.9.6-canary.2...v2.9.6-canary.3

Turborepo v2.9.6-canary.2

What's Changed

create-turbo

Examples

Changelog

Full Changelog: vercel/turborepo@v2.9.6-canary.1...v2.9.6-canary.2

Turborepo v2.9.6-canary.1

What's Changed

@​turbo/telemetry

... (truncated)

Commits

Updates typescript from 5.9.3 to 6.0.2

Release notes

Sourced from typescript's releases.

TypeScript 6.0

For release notes, check out the release announcement blog post.

Downloads are available on:

TypeScript 6.0 Beta

For release notes, check out the release announcement.

Downloads are available on:

Commits

Updates next from 15.2.0 to 16.2.3

Release notes

Sourced from next's releases.

v16.2.3

[!NOTE] This release is backporting security and bug fixes. For more information about the fixed security vulnerability, please see https://vercel.com/changelog/summary-of-cve-2026-23869. The release does not include all pending features/changes on canary.

Core Changes

  • Ensure app-page reports stale ISR revalidation errors via onRequestError (#92282)
  • Fix [Bug]: manifest.ts breaks HMR in Next.js 16.2 (#91981 through #92273)
  • Deduplicate output assets and detect content conflicts on emit (#92292)
  • Fix styled-jsx race condition: styles lost due to concurrent rendering (#92459)
  • turbo-tasks-backend: stability fixes for task cancellation and error handling (#92254)

Credits

Huge thanks to @​icyJoseph, @​sokra, @​wbinnssmith, @​eps1lon and @​ztanner for helping!

v16.2.2

[!NOTE] This release is backporting bug fixes. It does not include all pending features/changes on canary.

Core Changes

  • backport: Move expanded adapters docs to API reference (#92115) (#92129)
  • Backport: TypeScript v6 deprecations for baseUrl and moduleResolution (#92130)
  • [create-next-app] Skip interactive prompts when CLI flags are provided (#91840)
  • next.config.js: Accept an option for serverFastRefresh (#91968)
  • Turbopack: enable server HMR for app route handlers (#91466)
  • Turbopack: exclude metadata routes from server HMR (#92034)
  • Fix CI for glibc linux builds
  • Backport: disable bmi2 in qfilter #92177
  • [backport] Fix CSS HMR on Safari (#92174)

Credits

Huge thanks to @​nextjs-bot, @​icyJoseph, @​ijjk, @​gaojude, @​wbinnssmith, @​lukesandberg, and @​bgw for helping!

v16.2.1

[!NOTE] This release is backporting bug fixes. It does not include all pending features/changes on canary.

Core Changes

  • docs: post release amends (#91715)
  • docs: fix broken Activity Patterns demo link in preserving UI state guide (#91698)
  • Fix adapter outputs for dynamic metadata routes (#91680)
  • Turbopack: fix webpack loader runner layer (#91727)
  • Fix server actions in standalone mode with cacheComponents (#91711)
  • turbo-persistence: remove Unmergeable mmap advice (#91713)
  • Fix layout segment optimization: move app-page imports to server-utility transition (#91701)
  • Turbopack: lazy require metadata and handle TLA (#91705)
  • [turbopack] Respect {eval:true} in worker_threads constructors (#91666)

... (truncated)

Commits
  • d5f649b v16.2.3
  • 2873928 [16.x] Avoid consuming cyclic models multiple times (#75)
  • d7c7765 [backport]: Ensure app-page reports stale ISR revalidation errors via onReque...
  • c573e8c fix(server-hmr): metadata routes overwrite page runtime HMR handler (#92273)
  • 57b8f65 next-core: deduplicate output assets and detect content conflicts on emit (#9...
  • f158df1 Fix styled-jsx race condition: styles lost due to concurrent rendering (#92459)
  • 356d605 turbo-tasks-backend: stability fixes for task cancellation and error handling...
  • 3b77a6e Fix DashMap read-write self-deadlock in task_cache causing hangs (#92210)
  • b2f208a Backport: new view-transitions guide, update and fixes (#92264)
  • 52faae3 v16.2.2
  • Additional commits viewable in compare view

Updates react from 19.2.4 to 19.2.5

Release notes

Sourced from react's releases.

19.2.5 (April 8th, 2026)

React Server Components

Commits

Updates react-dom from 19.2.4 to 19.2.5

Release notes

Sourced from react-dom's releases.

19.2.5 (April 8th, 2026)

React Server Components

Commits

Updates @types/node from 22.19.15 to 25.6.0

Commits

Updates vitest from 2.1.9 to 4.1.4

Release notes

Sourced from vitest's releases.

v4.1.4

   🚀 Experimental Features

   🐞 Bug Fixes

    View changes on GitHub

v4.1.3

   🚀 Experimental Features

   🐞 Bug Fixes

    View changes on GitHub

v4.1.2

This release bumps Vitest's flatted version and removes version pinning to resolve flatted's CVE related issues (vitest-dev/vitest#9975).

... (truncated)

Commits
  • ac04bac chore: release v4.1.4
  • 82c858d chore: Remove no-op function in plugin config logic (#8501)
  • d4fbb5c feat(experimental): support aria snapshot (#9668)
  • b77de96 feat(reporter): add filterMeta option to json reporter (#10078)
  • a120e3a feat(experimental): expose assertion as a public field (#10095)
  • 5375780 feat(coverage): default to text reporter skipFull if agent detected (#10018)
  • a1b5f0f fix: make expect(..., message) consistent as error message prefix (#10068)
  • 203f07a fix: use "black" foreground for labeled terminal message to ensure contrast (...
  • 2dc0d62 chore: release v4.1.3
  • 7827363 feat: add experimental.preParse flag (#10070)
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for vitest since your current version.


Updates @vitest/coverage-v8 from 2.1.9 to 4.1.4

Release notes

Sourced from @​vitest/coverage-v8's releases.

v4.1.4

   🚀 Experimental Features

   🐞 Bug Fixes

    View changes on GitHub

v4.1.3

   🚀 Experimental Features

   🐞 Bug Fixes

    View changes on GitHub

v4.1.2

This release bumps Vitest's flatted version and removes version pinning to resolve flatted's CVE related issues (vitest-dev/vitest#9975).

... (truncated)

Commits
Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for @​vitest/coverage-v8 since your current version.


Updates vite-tsconfig-paths from 5.1.4 to 6.1.1

Release notes

Sourced from vite-tsconfig-paths's releases.

v6.1.0

Features

  • New importerFilter option: Provides fine-grained control over which files should have their imports resolved by this plugin. (Closes #175, #193)
  • Ignore .d.ts overrides: The plugin now ignores resolutions that point to .d.ts files, avoiding issues when tsconfig is used for opt-in type overrides. (Closes #179, #180)

Performance

  • Hoisted regular expressions out of the hot path in the resolver for better performance.

Internal

  • Added resolvedToDeclarationFile event to the debug log file.

v6.0.0

Note: No intentional breaking changes. Major version bump due to extensive internal refactoring; downgrade to v5 if needed.

Highlights

  • On-demand tsconfig discovery via projectDiscovery: "lazy", while eager discovery remains the default.
  • tsconfig/jsconfig files are watched and reloaded automatically in both modes, including during vite build --watch.
  • New logFile option for per-import resolution traces (pass true for vite-tsconfig-paths.log or provide a path).
  • Support for root /* aliases and other absolute-style imports.
  • Support for .astro files when allowJs/loose is enabled.

Fixes

  • More reliable tsconfig watching and resolver refreshes: handles lazy discovery edge cases, recreates resolvers after file changes, tolerates missing directories, and copes better with virtual importers.
  • Windows path handling now normalizes drive-letter casing to avoid missed matches (#183).

Upgrade notes

  • Install the stable release: pnpm add -D vite-tsconfig-paths.
  • Opt into lazy discovery or logging when needed:
import tsconfigPaths from 'vite-tsconfig-paths'
export default {
plugins: [
tsconfigPaths({
projectDiscovery: 'lazy',
logFile: true,
}),
],
}

  • Rooted path patterns such as "/*": ["src/*"] now resolve the same way tsserver does.

v6.0.0-beta.4

  • fix(windows): ensure drive letter is uppercase (#183)
  • feat: add .astro to JS-like extension regex (fbbc8edb86606c612565a6672c8e0ae93f0001a0)

... (truncated)

Commits
  • dff2e93 chore: release v6.1.1
  • 947f434 fix: skip .json resolutions in certain cases
  • 457211a chore(docs): mention the importerFilter option
  • 2152461 chore: upgrade vitest
  • c5659ce chore: release v6.1.0
  • 93dd887 chore: add "resolvedToDeclarationFile" event to log file
  • e1e7678 feat: ignore .d.ts-only overrides in tsconfig
  • c8e4ec3 chore(perf): hoist regexes out of hot path
  • d0ad01c feat: add importerFilter option
  • 0b47a6a chore: release v6.0.5
  • Additional commits viewable in compare view

Updates jsdom from 25.0.1 to 29.0.2

Release notes

Sourced from jsdom's releases.

v29.0.2

  • Significantly improved and sped up getComputedStyle(). Computed value rules are now applied across a broader set of properties, and include fixes related to inheritance, defaulting keywords, custom properties, and color-related values such as currentcolor and system colors. (@​asamuzaK)
  • Fixed CSS 'background' and 'border' shorthand parsing. (@​asamuzaK)

v29.0.1

  • Fixed CSS parsing of 'border', 'background', and their sub-shorthands containing keywords or var(). (@​asamuzaK)
  • Fixed getComputedStyle() to return a more functional CSSStyleDeclaration object, including indexed access support, which regressed in v29.0.0.

v29.0.0

Breaking changes:

  • Node.js v22.13.0+ is now the minimum supported v22 version (was v22.12.0+).

Other changes:

  • Overhauled the CSSOM implementation, replacing the @acemir/cssom and cssstyle dependencies with fresh internal implementations built on webidl2js wrappers and the css-tree parser. Serialization, parsing, and API behavior is improved in various ways, especially around edge cases.
  • Added CSSCounterStyleRule and CSSNamespaceRule to jsdom Windows.
  • Added cssMediaRule.matches and cssSupportsRule.matches getters.
  • Added proper media query parsing in MediaList, using css-tree instead of naive comma-splitting. Invalid queries become "not all" per spec.
  • Added cssKeyframeRule.keyText getter/setter validation.
  • Added cssStyleRule.selectorText setter validation: invalid selectors are now rejected.
  • Added styleSheet.ownerNode, styleSheet.href, and styleSheet.title.
  • Added bad port blocking per the fetch specification, preventing fetches to commonly-abused ports.
  • Improved Document initialization performance by lazily initializing the CSS selector engine, avoiding ~0.5 ms of overhead per Document. (@​thypon)
  • Fixed a memory leak when stylesheets were removed from the document.
  • Fixed CSSStyleDeclaration modifications to properly trigger custom element reactions.
  • Fixed nested @media rule parsing.
  • Fixed CSSStyleSheet's "disallow modification" flag not being checked in all mutation methods.
  • Fixed XMLHttpRequest's response getter returning parsed JSON during the LOADING state instead of null.
  • Fixed getComputedStyle() crashing in XHTML documents when stylesheets contained at-rules such as @page or @font-face.
  • Fixed a potential hang in synchronous XMLHttpRequest caused by a race condition with the worker thread's idle timeout.

v28.1.0

  • Added blob.text(), blob.arrayBuffer(), and blob.bytes() methods.
  • Improved getComputedStyle() to account for CSS specificity when multiple rules apply. (@​asamuzaK)
  • Improved synchronous XMLHttpRequest performance by using a persistent worker thread, avoiding ~400ms of setup overhead on every synchronous request after the first one.
  • Improved performance of node.getRootNode(), node.isConnected, and event.dispatchEvent() by caching the root node of document-connected trees.
  • Fixed getComputedStyle() to correctly handle !important priority. (@​asamuzaK)
  • Fixed document.getElementById() to return the first element in tree order when multiple elements share the same ID.
  • Fixed <svg> elements to no longer incorrectly proxy event handlers to the Window.
  • Fixed FileReader event timing and fileReader.result state to more closely follow the spec.
  • Fixed a potential hang when synchronous XMLHttpRequest encountered dispatch errors.
  • Fixed compatibility with environments where Node.js's built-in fetch() has been used before importing jsdom, by working around undici v6/v7 incompatibilities.

v28.0.0

  • Overhauled resource loading customization. See the new README for details on the new API.
  • Added MIME type sniffing to <iframe> and <frame> loads.
  • Regression: WebSockets are no longer correctly throttled to one connection per origin. This is a result of the bug at nodejs/undici#4743.
  • Fixed decoding of the query components of <a> and <area> elements in non-UTF-8 documents.
  • Fixed XMLHttpRequest fetches and WebSocket upgrade requests to be interceptable by the new customizable resource loading. (Except synchronous XMLHttpRequests.)

... (truncated)

Commits
  • 2a1e2cd 29.0.2
  • 4097d66 Resolve computed CSS values lazily in CSSStyleDeclaration
  • cf5523f Add more test cases for nested color-mix with currentColor
  • b33b616 Add test that getComputedStyle() works with !important
  • 6bf559c Add test for custom property inheritance in computed styles
  • 6817657 Fix border shorthand handling
  • 470f5c5 Consolidate color helpers
  • 3db53cb Fix background shorthand handlers
  • 678e840 Remove some longhand property files
  • d526a07 Add regression test for getComputedStyle() liveness
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for jsdom since your current version.

Install script changes

This version modifies prepare script that runs during installation. Review the package contents before updating.


Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
chore(deps): bump the dependencies group across 1 directory with 10 u…
59f918c 
…pdates

Bumps the dependencies group with 10 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [turbo](https://github.com/vercel/turborepo) | `2.8.20` | `2.9.6` |
| [typescript](https://github.com/microsoft/TypeScript) | `5.9.3` | `6.0.2` |
| [next](https://github.com/vercel/next.js) | `15.2.0` | `16.2.3` |
| [react](https://github.com/facebook/react/tree/HEAD/packages/react) | `19.2.4` | `19.2.5` |
| [react-dom](https://github.com/facebook/react/tree/HEAD/packages/react-dom) | `19.2.4` | `19.2.5` |
| [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) | `22.19.15` | `25.6.0` |
| [vitest](https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest) | `2.1.9` | `4.1.4` |
| [@vitest/coverage-v8](https://github.com/vitest-dev/vitest/tree/HEAD/packages/coverage-v8) | `2.1.9` | `4.1.4` |
| [vite-tsconfig-paths](https://github.com/aleclarson/vite-tsconfig-paths) | `5.1.4` | `6.1.1` |
| [jsdom](https://github.com/jsdom/jsdom) | `25.0.1` | `29.0.2` |



Updates `turbo` from 2.8.20 to 2.9.6
- [Release notes](https://github.com/vercel/turborepo/releases)
- [Changelog](https://github.com/vercel/turborepo/blob/main/RELEASE.md)
- [Commits](vercel/turborepo@v2.8.20...v2.9.6)

Updates `typescript` from 5.9.3 to 6.0.2
- [Release notes](https://github.com/microsoft/TypeScript/releases)
- [Commits](microsoft/TypeScript@v5.9.3...v6.0.2)

Updates `next` from 15.2.0 to 16.2.3
- [Release notes](https://github.com/vercel/next.js/releases)
- [Changelog](https://github.com/vercel/next.js/blob/canary/release.js)
- [Commits](vercel/next.js@v15.2.0...v16.2.3)

Updates `react` from 19.2.4 to 19.2.5
- [Release notes](https://github.com/facebook/react/releases)
- [Changelog](https://github.com/facebook/react/blob/main/CHANGELOG.md)
- [Commits](https://github.com/facebook/react/commits/v19.2.5/packages/react)

Updates `react-dom` from 19.2.4 to 19.2.5
- [Release notes](https://github.com/facebook/react/releases)
- [Changelog](https://github.com/facebook/react/blob/main/CHANGELOG.md)
- [Commits](https://github.com/facebook/react/commits/v19.2.5/packages/react-dom)

Updates `@types/node` from 22.19.15 to 25.6.0
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)

Updates `vitest` from 2.1.9 to 4.1.4
- [Release notes](https://github.com/vitest-dev/vitest/releases)
- [Commits](https://github.com/vitest-dev/vitest/commits/v4.1.4/packages/vitest)

Updates `@vitest/coverage-v8` from 2.1.9 to 4.1.4
- [Release notes](https://github.com/vitest-dev/vitest/releases)
- [Commits](https://github.com/vitest-dev/vitest/commits/v4.1.4/packages/coverage-v8)

Updates `vite-tsconfig-paths` from 5.1.4 to 6.1.1
- [Release notes](https://github.com/aleclarson/vite-tsconfig-paths/releases)
- [Commits](aleclarson/vite-tsconfig-paths@v5.1.4...v6.1.1)

Updates `jsdom` from 25.0.1 to 29.0.2
- [Release notes](https://github.com/jsdom/jsdom/releases)
- [Commits](jsdom/jsdom@v25.0.1...v29.0.2)

---
updated-dependencies:
- dependency-name: turbo
  dependency-version: 2.9.6
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: typescript
  dependency-version: 6.0.2
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: dependencies
- dependency-name: next
  dependency-version: 16.2.3
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: dependencies
- dependency-name: react
  dependency-version: 19.2.5
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: react-dom
  dependency-version: 19.2.5
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: "@types/node"
  dependency-version: 25.6.0
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: dependencies
- dependency-name: vitest
  dependency-version: 4.1.4
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: dependencies
- dependency-name: "@vitest/coverage-v8"
  dependency-version: 4.1.4
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: dependencies
- dependency-name: vite-tsconfig-paths
  dependency-version: 6.1.1
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: dependencies
- dependency-name: jsdom
  dependency-version: 29.0.2
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Apr 14, 2026
@dependabot dependabot Bot requested a review from jakesterns as a code owner April 14, 2026 22:18
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Apr 14, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@jakesterns jakesterns Awaiting requested review from jakesterns jakesterns is a code owner

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants