chore(deps)(deps): bump the production-dependencies group across 1 directory with 4 updates

[dependabot]

Bumps the production-dependencies group with 4 updates in the / directory: @radix-ui/react-slot, axios, react-hook-form and react-router-dom.

Updates @radix-ui/react-slot from 1.2.5 to 1.3.0

Changelog

Sourced from @​radix-ui/react-slot's changelog.

1.3.0

Added generic type arguments for SlotProps and createSlot

SlotProps and createSlot now accept generic type arguments to specify the type of element a slot should render, as well as its props.

const Slot = createSlot<HTMLButtonElement, MyCustomButtonProps>("Slot");

Commits

• See full diff in compare view

Updates axios from 1.17.0 to 1.18.0

Release notes

Sourced from axios's releases.

v1.18.0 — June 13, 2026

This release hardens redirect and URL handling, improves the validateStatus configuration semantics, and includes updates to documentation, dependencies, and release metadata.

🔒 Security Fixes

• Redirect Header Safety: Added Node HTTP adapter support for stripping caller-specified sensitive headers on cross-origin redirects, helping prevent custom auth headers such as API keys from leaking to another origin. (#10892)

• URL And Request Hardening: Rejects malformed http: and https: URLs that omit // with ERR_INVALID_URL, while tightening prototype-pollution-safe config reads, stream size limits, FormData depth handling, data URL sizing, and local NO_PROXY matching. (#11000)

🐛 Bug Fixes

• Status Validation: Added transitional.validateStatusUndefinedResolves so applications can opt in to treating validateStatus: undefined like the option was omitted, while validateStatus: null remains the explicit way to accept every status. (#10899)

🔧 Maintenance & Chores

• Documentation: Published the v1.17.0 release notes, fixed a changelog typo, clarified the package update PR policy, and marked the proxy request config as Node.js-only in the advanced docs. (#10984, #10988, #10992, #10995)

• Dependencies: Bumped @babel/core, @babel/preset-env, @commitlint/cli, @commitlint/config-conventional, @rollup/plugin-babel, @rollup/plugin-commonjs, @vitest/browser, @vitest/browser-playwright, eslint, lint-staged, rollup, vitest, and actions/checkout. (#10989, #10996, #10997)

• Release Metadata: Prepared the 1.18.0 release by updating package metadata and the runtime VERSION value. (#11003)

🌟 New Contributors

We are thrilled to welcome our new contributors. Thank you for helping improve axios:

• @​drori12 (#10984)
• @​eyupcanakman (#10899)
• @​Adi-Beker (#10995)

Full Changelog

Changelog

Sourced from axios's changelog.

v1.18.0 — June 13, 2026

This release hardens redirect and URL handling, improves the validateStatus configuration semantics, and includes updates to documentation, dependencies, and release metadata.

🔒 Security Fixes

• Redirect Header Safety: Added Node HTTP adapter support for stripping caller-specified sensitive headers on cross-origin redirects, helping prevent custom auth headers such as API keys from leaking to another origin. (#10892)

• URL And Request Hardening: Rejects malformed http: and https: URLs that omit // with ERR_INVALID_URL, while tightening prototype-pollution-safe config reads, stream size limits, FormData depth handling, data URL sizing, and local NO_PROXY matching. (#11000)

🐛 Bug Fixes

• Status Validation: Added transitional.validateStatusUndefinedResolves so applications can opt in to treating validateStatus: undefined like the option was omitted, while validateStatus: null remains the explicit way to accept every status. (#10899)

🔧 Maintenance & Chores

• Documentation: Published the v1.17.0 release notes, fixed a changelog typo, clarified the package update PR policy, and marked the proxy request config as Node.js-only in the advanced docs. (#10984, #10988, #10992, #10995)

• Dependencies: Bumped @babel/core, @babel/preset-env, @commitlint/cli, @commitlint/config-conventional, @rollup/plugin-babel, @rollup/plugin-commonjs, @vitest/browser, @vitest/browser-playwright, eslint, lint-staged, rollup, vitest, and actions/checkout. (#10989, #10996, #10997)

• Release Metadata: Prepared the 1.18.0 release by updating package metadata and the runtime VERSION value. (#11003)

🌟 New Contributors

We are thrilled to welcome our new contributors. Thank you for helping improve axios:

• @​drori12 (#10984)
• @​eyupcanakman (#10899)
• @​Adi-Beker (#10995)

Full Changelog

Commits

• 2d06f96 chore(release): prepare release 1.18.0 (#11003)
• 32fc489 fix: malformed http urls (#11000)
• b40ce49 chore(deps-dev): bump the development_dependencies group with 10 updates (#10...
• fe964f9 docs: mark proxy config as Node.js only (#10995)
• 5f229d2 chore(deps): bump actions/checkout from 6.0.2 to 6.0.3 in the github-actions ...
• fae9d4e docs: clarify package update PR policy (#10992)
• 28ab2ce chore(deps-dev): bump the development_dependencies group with 2 updates (#10989)
• a8e4f13 fix(core): keep default validateStatus when request passes undefined (#10899)
• 614f455 docs: publish v1.17.0 release notes (#10988)
• 6bb12c1 fix: custom auth headers not stripped on cross-origin redirects (#10892)
• Additional commits viewable in compare view

Updates react-hook-form from 7.78.0 to 7.80.0

Release notes

Sourced from react-hook-form's releases.

Version 7.80.0

🧄 feat: disable useFieldArray fields (#13535)

const { fields } = useFieldArray({ disabled: true });
fields[0].disabled; // contains disabled props

🛺 perf: make rhf more performant (#13524) 🐞 fix(deepEqual): empty array and empty plain object should not be equal (#13533)

thanks to @​JSap0914

Version 7.79.0

🚷 feat: use field array disabled (#13520)

useFieldArray({ disabled, name: 'test' })

🐞 fix controller onChange promise (#13518) 🐞 fix: track visited pairs in deepEqual to avoid false positives with shared object references (#13515) 🐞 fix #12651 issue: field validation with shouldUseNativeValidation does not behave native like for radio groups (#13512) 🐞 fix #12754 createFormControl breaks with fast refresh in dev mode (#13511) 🐞 close #12709 #12750 StrictMode would remove field value & get mounted again (#13508) 🐞 fix #13505 issue: In v8 with React compiler, a change in formState errors does not cause child components to re-render (#13510)

thanks to @​DucMinhNe & @​louzhedong

Changelog

Sourced from react-hook-form's changelog.

[7.80.0] - 2026-06-20

Added

• disabled prop support for individual fields within useFieldArray

Fixed

• deepEqual incorrectly treating empty array [] and empty plain object {} as equal

Performance

• Improve onChange, setValid, dirty checking, setValue, and setValues performance

[7.79.0] - 2026-06-13

Added

• disabled option to useFieldArray

Fixed

• Controller onChange promise return type
• deepEqual false positives with shared object references
• shouldUseNativeValidation behavior for radio groups
• createFormControl stability with fast refresh in dev mode
• StrictMode value preservation during remount
• formState.errors reactivity with React compiler

Commits

• ebcf9c2 7.80.0
• 4755fd0 🦌 upgrade dev deps (#13537)
• 3f38974 🧄 feat: disable useFieldArray fields (#13535)
• 62be736 🐞 fix(deepEqual): empty array and empty plain object should not be equal (#13...
• cee92e2 🛺 perf: make rhf more performant (#13524)
• 782313f 🧪 tests: add tests for setValue within form.subscribe (#13531)
• 01930f0 🍖 chore: bench mark on perf (#13530)
• 7bb1825 📖 update changelog v7.79.0
• 3f1d2bd 7.79.0
• c344c4f 📖 update changelog v7.78.0
• Additional commits viewable in compare view

Updates react-router-dom from 7.17.0 to 7.18.0

Changelog

Sourced from react-router-dom's changelog.

v7.18.0

Patch Changes

• Updated dependencies:
  • react-router@7.18.0

Commits

• 6fb1e79 Release v7.18.0 (#15187)
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Actions	Updated (UTC)
sampoom-management-frontend	Ready	Preview, Comment	Jun 22, 2026 6:26pm