chore(deps): bump the minor-and-patch group with 11 updates

[dependabot]

Bumps the minor-and-patch group with 11 updates:

Package	From	To
@astrojs/netlify	7.0.11	7.0.12
@astrojs/react	5.0.6	5.0.7
date-fns	4.3.0	4.4.0
posthog-js	1.376.3	1.379.3
react	19.2.6	19.2.7
@types/react	19.2.15	19.2.16
react-dom	19.2.6	19.2.7
knip	6.14.2	6.15.0
oxfmt	0.52.0	0.53.0
oxlint	1.67.0	1.68.0
vitest	4.1.7	4.1.8

Updates @astrojs/netlify from 7.0.11 to 7.0.12

Release notes

Sourced from @​astrojs/netlify's releases.

@​astrojs/netlify@​7.0.12

Patch Changes

• #16693 9e6edc2 Thanks @​ArmandPhilippot! - Fixes a link in the documentation specifying where to open an issue for the adapter.

• Updated dependencies []:

  • @​astrojs/underscore-redirects@​1.0.3

Changelog

Sourced from @​astrojs/netlify's changelog.

7.0.12

Patch Changes

• #16693 9e6edc2 Thanks @​ArmandPhilippot! - Fixes a link in the documentation specifying where to open an issue for the adapter.

• Updated dependencies []:

  • @​astrojs/underscore-redirects@​1.0.3

Commits

• 75ae5df [ci] release (#16912)
• 17a0fbd chore(deps): update devalue (#16900)
• 9e6edc2 fix(docs): replace last occurrences of withastro/adapters (#16693)
• See full diff in compare view

Updates @astrojs/react from 5.0.6 to 5.0.7

Release notes

Sourced from @​astrojs/react's releases.

@​astrojs/react@​5.0.7

Patch Changes

• #16900 17a0fbd Thanks @​ocavue! - Bumps devalue dependency to v5.8.1

Changelog

Sourced from @​astrojs/react's changelog.

5.0.7

Patch Changes

• #16900 17a0fbd Thanks @​ocavue! - Bumps devalue dependency to v5.8.1

Commits

• 75ae5df [ci] release (#16912)
• 17a0fbd chore(deps): update devalue (#16900)
• See full diff in compare view

Updates date-fns from 4.3.0 to 4.4.0

Release notes

Sourced from date-fns's releases.

v4.4.0

This release revisits the approach to CDN usage and introduces a new package, @date-fns/cdn and deprecates the date-fns CDN scripts. It allowed reducing the zipped package size from 5.83 MB down to 3.96 MB without introducing any breaking changes.

In v5.0.0-alpha.0 where CDN scripts are completely removed from date-fns the change is more significant and brings the zipped package size down to 2.89 MB.

It is just the first step in optimizing the package size. Expect further size reduction in the future v4 and v5 versions.

Changed

• DEPRECATED: The date-fns CDN scripts are now deprecated and will be removed in the next major release. Please switch to the new @date-fns/cdn package for CDN usage.

• Removed CDN source maps to reduce the package size. If you rely on them, please switch to the new @date-fns/cdn package that still includes them.

Commits

• cd53d25 Promote to v4.4.0
• d948ec1 Preserve but deprecate CDN versions for v4, set up v5 with polyfills
• ee65753 Add root mise :format task
• 9f5bdf5 Add positional argument to test/smoke.sh script
• 651ead6 Split CDN bundles into separate @​date-fns/cdn package
• 224c1a2 Deprecate type tests as attw hangs on date-fns package
• 7bb2842 Switch PACKAGE_OUTPUT_PATH to --dist flag in the package build script
• b6ad5ac Add flags to control package build script
• 424a783 Fix docs release after moving to monorepo setup
• See full diff in compare view

Updates posthog-js from 1.376.3 to 1.379.3

Release notes

Sourced from posthog-js's releases.

posthog-js@1.379.3

1.379.3

Patch Changes

• #3741 32de5d2 Thanks @​clr182! - logs: the console-log integration now respects opt_out_capturing() — it checks is_capturing() before emitting, so log events stop on opt-out (and resume on opt-in). (2026-06-04)
• Updated dependencies []:
  • @​posthog/types@​1.379.3
  • @​posthog/core@​1.30.6

posthog-js@1.379.2

1.379.2

Patch Changes

• #3736 374962a Thanks @​arnohillen! - replay: re-apply scroll positions after fast-forward/seek. Scrolls applied mid-catch-up could clamp to 0 when the target wasn't scrollable yet (e.g. scroll-revealed sheets/modals whose content sits below the fold), leaving the content scrolled out of view on replay. The last scroll per node is now re-applied in the flush stage once layout has settled. posthog-js is bumped too so the rebuilt bundle containing the fix is published. (2026-06-03)
• Updated dependencies []:
  • @​posthog/types@​1.379.2
  • @​posthog/core@​1.30.5

posthog-js@1.379.1

1.379.1

Patch Changes

• #3570 4a27ced Thanks @​gruessi! - fix(record): release iframe documents and observers on iframe removal — same-origin iframes mounted and unmounted while session recording is active no longer leak their Document, every node serialized into the mirror, or one MutationObserver per mount. Closes eight retainer chains: load-listener disposers, named pagehide handlers, the recordCrossOriginIframes cleanup gate (now applied to same-origin too), captured Document / Window sets that survive iframe.src swap-to-about:blank before removal, and the global mutationBuffers[] / handlers[] arrays which previously accumulated forever. Validated end-to-end: a host page that mounts/unmounts 5 blob-URL iframes every 2s for 110s went from +118 MB / +390 leaked HTMLDocuments to ~0 MB / 0. (2026-06-03)

• #3717 1688b38 Thanks @​turnipdabeets! - Move the OpenTelemetry logs dependencies to devDependencies. They are only used to build the CDN-served logs extension chunk, which inlines them, so consumers no longer install the transitive protobufjs (whose eval("require") tripped unsafe-eval Content Security Policies).

  If you imported @opentelemetry/* directly while relying on it being hoisted from posthog-js, add it to your own dependencies. (2026-06-03)

• Updated dependencies []:

  • @​posthog/types@​1.379.1
  • @​posthog/core@​1.30.4

posthog-js@1.379.0

1.379.0

Minor Changes

• #3722 c487070 Thanks @​marandaneto! - Add $sdk_dist_channel event property for browser SDK npm and cdn distribution channels. (2026-06-02)

Patch Changes

• Updated dependencies []:
  • @​posthog/types@​1.379.0

... (truncated)

Commits

• b539fcb chore: update versions and lockfile [version bump]
• 32de5d2 fix: logs-opt-out (#3741)
• 76a2d6b chore: update versions and lockfile [version bump]
• 74345e3 fix(replay): keep canvas recording alive across iframe/shadow teardown (#3726)
• 79de441 chore: update versions and lockfile [version bump]
• 374962a fix(replay): re-apply scroll after fast-forward catch-up (#3736)
• 4a8cacc chore: add Sentry attribution comments (#3738)
• 4359f26 chore: update versions and lockfile [version bump]
• 42b720f fix(react-native): preserve Expo iOS bundle script wrapper (#3734)
• 5d9c18b chore: skip secret workflows for forked PRs (#3733)
• Additional commits viewable in compare view

Updates react from 19.2.6 to 19.2.7

Release notes

Sourced from react's releases.

19.2.7 (June 1st, 2026)

React Server Components

• Fixed missing FormData entries in Server Actions which regressed in 19.2.6 (#36566 by @​unstubbable)

Commits

• 6117d7c Version 19.2.7 (#36591)
• See full diff in compare view

Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for react since your current version.

Updates @types/react from 19.2.15 to 19.2.16

Commits

• See full diff in compare view

Updates react-dom from 19.2.6 to 19.2.7

Release notes

Sourced from react-dom's releases.

19.2.7 (June 1st, 2026)

React Server Components

• Fixed missing FormData entries in Server Actions which regressed in 19.2.6 (#36566 by @​unstubbable)

Commits

• 6117d7c Version 19.2.7 (#36591)
• See full diff in compare view

Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for react-dom since your current version.

Updates @types/react from 19.2.15 to 19.2.16

Commits

• See full diff in compare view

Updates knip from 6.14.2 to 6.15.0

Release notes

Sourced from knip's releases.

Release 6.15.0

• Report exported type used only in inferred-return function body (resolve #1765) (2413408753f7abc7a9dfdba520990afd18c53ee0)
• Work that EXPORTS.md again (7e13451fab7ad85362fb63a4715ea450690aedef)
• Update npmx ecosystem snapshot (dfc401145a880f156c66eb83ea1622a99540304a)
• Link dependencies key with notes (closes #1764) (e3e66cea9e946558940bf8705129efea3f23b3ba)
• Resolve tsconfig paths when loading plugin configs (#1762) (0177c7466559e2ae99b5e1cd1e3a8043ca494edc) - thanks @​jakeleventhal!
• Avoid caching failed plugin config loads (#1768) (5e201cde9b1ba2568ead2ae790ab888c966828ae) - thanks @​jakeleventhal!
• Resolve extensionless .sass imports in SCSS compiler (#1770) (30c22835383b2355787cc2a871b22de80ff75544) - thanks @​sebacardello!
• fix(vite): detect inline module script entry points in index.html (#1772) (51f4eddc9e1b2fed1ba25e81fc596e9fb514ce01) - thanks @​lucas-spin!
• Harden vite inline module script import detection (b8abcfd2f4f5486aea08a934514bc55de86be030)
• Use RecordableHistogram for timerified function stats (d575c6905704af1b0b4620edd874fc09bc86ed28)
• Add orval plugin (resolves #1751) (4c82aa82c2a02fbda27a316389f210d11621f8cb)
• Add treatTagHintsAsErrors and --no-tag-hints (resolves #1767) (4b6a573e0c1e0daf65c76c32f7336ea71db6bb64)
• Add nano-spawn plugin (resolves #1769) (b2cad06dfd9958485537c5545c6c497fc8823ac3)
• Simplify glob cache validation and ignore-list assembly (df1a9603a5ea8ed7bad9588bf13672cedf37c90e)
• Dedupe ignore-pattern collection and dependency fixing (d49b626ad6736d7123d44568ef8c42a3e1d28aa3)
• Simplify installed-binaries collection in manifest metadata (55143941eebbc8dac12c79b77c1f65a8b61dfbef)
• Flatten control flow in ConfigurationChief (010d5709b0f9a3adc5ebe6e7169b9f5c4f29abc5)
• Inline trivial installed-binaries and types-included accessors (b5afb9f29e3474eee4bf276c1de83cb0682a5663)
• Format (eb4b178d5d90a719cdc576d644766f8f95a47876)
• Replace @​wdio/types dev dep with inline types (a3747d61ee0e594854e5da0ca6cb7597e0096b99)
• Bump dependencies (822ab3905cb7b5a216404231607a7820105930a2)
• Work AGENTS.md, etcetera (361bd4803934a01e01b08170565f8374e4e49eb2)
• Remove rootDirs workaround resolved by oxc-resolver 11.20.0 (e190a9fec22db41975cf9568a31970a05c86e66b)
• Add nuxt no-root-tsconfig fixture guarding alias resolution (e3e5bc94d5f7b6ffdbc89b18d7c8d5acbb5a9008)
• Allow extra args for release-it (f9c59952fa2c8c4c13bd42edc0935610900d1980)
• Add @​vercel as platinum sponsor (c4c06a9149c986680f0d1aa74b57a46ff1f88601)
• Overhaul & improve --trace functionailty (60df0b05f364c8d841c0f784a06bab2a3215a32f)
• Re-gen plugins.md (0f9d044d312053154498a562e3a9422a4f44afe6)

Commits

• 3f3769e Release knip@6.15.0
• 60df0b0 Overhaul & improve --trace functionailty
• e3e5bc9 Add nuxt no-root-tsconfig fixture guarding alias resolution
• e190a9f Remove rootDirs workaround resolved by oxc-resolver 11.20.0
• 822ab39 Bump dependencies
• a3747d6 Replace @​wdio/types dev dep with inline types
• eb4b178 Format
• b5afb9f Inline trivial installed-binaries and types-included accessors
• 010d570 Flatten control flow in ConfigurationChief
• 5514394 Simplify installed-binaries collection in manifest metadata
• Additional commits viewable in compare view

Updates oxfmt from 0.52.0 to 0.53.0

Changelog

Sourced from oxfmt's changelog.

Changelog

All notable changes to this package will be documented in this file.

The format is based on Keep a Changelog.

Commits

• 964a758 release(apps): oxlint v1.68.0 && oxfmt v0.53.0 (#22883)
• See full diff in compare view

Updates oxlint from 1.67.0 to 1.68.0

Release notes

Sourced from oxlint's releases.

oxlint v1.27.0 && oxfmt v0.12.0

Oxlint v1.27.0

🚀 Features

• 222a8f0 linter/plugins: Implement SourceCode#isSpaceBetween (#15498) (overlookmotel)
• 2f9735d linter/plugins: Implement context.languageOptions (#15486) (overlookmotel)
• bc731ff linter/plugins: Stub out all Context APIs (#15479) (overlookmotel)
• 5822cb4 linter/plugins: Add extend method to FILE_CONTEXT (#15477) (overlookmotel)
• 7b1e6f3 apps: Add pure rust binaries and release to github (#15469) (Boshen)
• 2a89b43 linter: Introduce debug assertions after fixes to assert validity (#15389) (camc314)
• ad3c45a editor: Add oxc.path.node option (#15040) (Sysix)

🐛 Bug Fixes

• 6f3cd77 linter/no-var: Incorrect warning for blocks (#15504) (Hamir Mahal)
• 6957fb9 linter/plugins: Do not allow access to Context#id in createOnce (#15489) (overlookmotel)
• 7409630 linter/plugins: Allow access to cwd in createOnce in ESLint interop mode (#15488) (overlookmotel)
• 732205e parser: Reject using / await using in a switch case / default clause (#15225) (sapphi-red)
• a17ca32 linter/plugins: Replace Context class (#15448) (overlookmotel)
• ecf2f7b language_server: Fail gracefully when tsgolint executable not found (#15436) (camc314)
• 3c8d3a7 lang-server: Improve logging in failure case for tsgolint (#15299) (camc314)
• ef71410 linter: Use jsx if source type is JS in fix debug assertion (#15434) (camc314)
• e32bbf6 linter/no-var: Handle TypeScript declare keyword in fixer (#15426) (camc314)
• 6565dbe linter/switch-case-braces: Skip comments when searching for : token (#15425) (camc314)
• 85bd19a linter/prefer-class-fields: Insert value after type annotation in fixer (#15423) (camc314)
• fde753e linter/plugins: Block access to context.settings in createOnce (#15394) (overlookmotel)
• ddd9f9f linter/forward-ref-uses-ref: Dont suggest removing wrapper in invalid positions (#15388) (camc314)
• dac2a9c linter/no-template-curly-in-string: Remove fixer (#15387) (camc314)
• 989b8e3 linter/no-var: Only fix to const if the var has an initializer (#15385) (camc314)
• cc403f5 linter/plugins: Return empty object for unimplemented parserServices (#15364) (magic-akari)

⚡ Performance

• 25d577e language_server: Start tools in parallel (#15500) (Sysix)
• 3c57291 linter/plugins: Optimize loops (#15449) (overlookmotel)
• 3166233 linter/plugins: Remove Arcs (#15431) (overlookmotel)
• 9de1322 linter/plugins: Lazily deserialize settings JSON (#15395) (overlookmotel)
• 3049ec2 linter/plugins: Optimize deepFreezeSettings (#15392) (overlookmotel)
• 444ebfd linter/plugins: Use single object for parserServices (#15378) (overlookmotel)

📚 Documentation

• 97d2104 linter: Update comment in lint.rs about default value for tsconfig path (#15530) (Connor Shea)
• 2c6bd9e linter: Always refer as "ES2015" instead of "ES6" (#15411) (sapphi-red)
• a0c5203 linter/import/named: Update "ES7" comment in examples (#15410) (sapphi-red)
• 3dc24b5 linter,minifier: Always refer as "ES Modules" instead of "ES6 Modules" (#15409) (sapphi-red)
• 2ad77fb linter/no-this-before-super: Correct "Why is this bad?" section (#15408) (sapphi-red)
• 57f0ce1 linter: Add backquotes where appropriate (#15407) (sapphi-red)

Oxfmt v0.12.0

... (truncated)

Changelog

Sourced from oxlint's changelog.

[1.68.0] - 2026-06-01

🚀 Features

• e4b1f46 linter/typescript: Implement method-signature-style rule (#22679) (Mikhail Baev)
• bc462ca linter/vue: Implement no-reserved-component-names rule (#22741) (bab)
• ef9e751 linter/vue: Implement component-definition-name-casing rule (#22818) (bab)
• d67f51a linter/vue: Implement require-prop-type-constructor rule (#22708) (bab)
• 8422e8b linter/jsdoc: Implement require-yields-description rule (#22805) (Mikhail Baev)
• fe93f97 linter/eslint: Implement prefer-named-capture-group rule (#22759) (Sebastian Poxhofer)

Commits

• 964a758 release(apps): oxlint v1.68.0 && oxfmt v0.53.0 (#22883)
• 3f05c5e feat(linter): expose override::exclude_files option (#22884)
• e4b1f46 feat(linter/typescript): implement method-signature-style rule (#22679)
• bc462ca feat(linter/vue): implement no-reserved-component-names rule (#22741)
• ef9e751 feat(linter/vue): implement component-definition-name-casing rule (#22818)
• d67f51a feat(linter/vue): implement require-prop-type-constructor rule (#22708)
• 8422e8b feat(linter/jsdoc): implement require-yields-description rule (#22805)
• fe93f97 feat(linter/eslint): implement prefer-named-capture-group rule (#22759)
• See full diff in compare view

Updates vitest from 4.1.7 to 4.1.8

Release notes

Sourced from vitest's releases.

v4.1.8

   🐞 Bug Fixes

• browser:
  • Disable client cdp API when allowWrite/allowExec: false [backport to v4]  -  by @​hi-ogawa and Codex in vitest-dev/vitest#10450 (e4067)
  • Remove orphaned Playwright route when same module is mocked via multiple ids [backport to v4]  -  by @​toxik and @​Zelys-DFKH in vitest-dev/vitest#10474 (675b4)

    View changes on GitHub

Commits

• e61f2dd chore: release v4.1.8
• e4067b3 fix(browser): disable client cdp API when allowWrite/allowExec: false [ba...
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[netlify]

✅ Deploy Preview for openapi-dot-tools ready!

Name	Link
🔨 Latest commit	cc6bcd7
🔍 Latest deploy log	https://app.netlify.com/projects/openapi-dot-tools/deploys/6a243029cfa3dd00080df314
😎 Deploy Preview	https://deploy-preview-775--openapi-dot-tools.netlify.app
📱 Preview on mobile	Toggle QR Code... Use your smartphone camera to open QR code link.
🤖 Make changes	Run an agent on this branch

---

To edit notification comments on pull requests, go to your Netlify project configuration.