chore(deps): bump the production-dependencies group with 3 updates

[dependabot]

Bumps the production-dependencies group with 3 updates: @next/bundle-analyzer, @t3-oss/env-nextjs and zod.

Updates @next/bundle-analyzer from 16.0.3 to 16.1.1

Release notes

Sourced from @​next/bundle-analyzer's releases.

v16.1.1

[!NOTE] This release is backporting bug fixes. It does not include all pending features/changes on canary.

Core Changes

• Turbopack: Create junction points instead of symlinks on Windows (#87606)

Credits

Huge thanks to @​sokra and @​ztanner for helping!

v16.1.1-canary.9

Core Changes

• misc: fix type check log for CI envs: #87838

Misc Changes

• Update Rspack production test manifest: #87889
• Update Rspack development test manifest: #87888

Credits

Huge thanks to @​feedthejim and @​vercel-release-bot for helping!

v16.1.1-canary.8

Core Changes

• [strict-route-types] Add experimental.strictRouteTypes config: #87378

Credits

Huge thanks to @​eps1lon for helping!

v16.1.1-canary.7

Core Changes

• Add experimental routing package for resolving adapter routes: #86404
• Ensure outputs are correct with cache components in deployment adapters: #87018
• Move off of deprecated url.parse: #87257

Credits

Huge thanks to @​ijjk and @​eps1lon for helping!

v16.1.1-canary.6

Misc Changes

• [test] Move off of as much url.parse as possible: #87286

... (truncated)

Commits

• 3aa5398 v16.1.1
• 3491676 v16.1.0
• 58e8f8c v16.1.0-canary.34
• 3284587 v16.1.0-canary.33
• 04290ab v16.1.0-canary.32
• d36c03e v16.1.0-canary.31
• 1427bf8 [turbopack] update warning message in the bundle analyzer (#87255)
• b174155 v16.1.0-canary.30
• 20da8ea v16.1.0-canary.29
• 7a856fc v16.1.0-canary.28
• Additional commits viewable in compare view

Updates @t3-oss/env-nextjs from 0.12.0 to 0.13.10

Changelog

Sourced from @​t3-oss/env-nextjs's changelog.

0.13.10

Patch Changes

• Updated dependencies [a778bf3]:
  • @​t3-oss/env-core@​0.13.10

0.13.9

Patch Changes

• Updated dependencies [5987d5a]:
  • @​t3-oss/env-core@​0.13.9

0.13.8

Patch Changes

• #353 31202b8 Thanks @​mmikhan! - feat: add Vite preset (https://vite.dev/guide/env-and-mode)

• #362 21d6d95 Thanks @​mmikhan! - feat: add WXT preset (https://wxt.dev/guide/essentials/config/environment-variables.html#built-in-environment-variables)

• Updated dependencies [31202b8, 21d6d95]:

  • @​t3-oss/env-core@​0.13.8

0.13.7

Patch Changes

• #357 216bc2d Thanks @​juliusmarminge! - feat: add arktype presets

• #354 221bdb5 Thanks @​mmikhan! - feat: add supabase vercel preset (https://vercel.com/marketplace/supabase)

• Updated dependencies [216bc2d, 221bdb5]:

  • @​t3-oss/env-core@​0.13.7

0.13.6

Patch Changes

• Updated dependencies [aa245ed]:
  • @​t3-oss/env-core@​0.13.6

0.13.5

Patch Changes

• Updated dependencies [73e90f5]:
  • @​t3-oss/env-core@​0.13.5

... (truncated)

Commits

• aefbe74 chore(release): 📦 version packages (#389)
• 1551e40 update the docs to zod 4 (#382)
• 090edb2 chore(release): 📦 version packages (#387)
• 19c5d6f bump valibot
• 5f68dca feat: improve oxc lint/fmt, add husky hooks to pre-commit and CI/CD (#386)
• 5382c57 init oxc (#384)
• 256f679 chore: bump remaining packagers (#379)
• df1fd78 bump tsdown and use unbundle setting (#378)
• 66bb202 chore: bump a bunch of stuff (#377)
• 16c5ee7 chore: upgrade zod to v4 (#376)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for @​t3-oss/env-nextjs since your current version.

Updates zod from 3.25.49 to 4.2.1

Release notes

Sourced from zod's releases.

v4.2.1

Commits:

• 5b5b129315fbc94a3b0d6244185eaeefcbe438d1 4.2.1

v4.2.0

Features

Implement Standard JSON Schema

standard-schema/standard-schema#134

Implement z.fromJSONSchema()

const jsonSchema = {
  type: "object",
  properties: {
    name: { type: "string" },
    age: { type: "number" }
  },
  required: ["name"]
};
const schema = z.fromJSONSchema(jsonSchema);

Implement z.xor()

const schema = z.xor(
  z.object({ type: "user", name: z.string() }),
  z.object({ type: "admin", role: z.string() })
);
// Exactly one of the schemas must match

Implement z.looseRecord()

const schema = z.looseRecord(z.string(), z.number());
// Allows additional properties beyond those defined

Commits:

• af49c084f66339110d00e37ff71dc7b3b9f2b7ef Update docs for JSON Schema conversion of z.undefined() (#5504)
• 767f320318986e422f524b939f1a7174544fda2e Add .toJSONSchema() method (#5477)
• e17dcb63573397063e87d7c7fe10a5a78968181a Add z.fromJSONSchema(), z.looseRecord(), z.xor() (#5534)

... (truncated)

Commits

• 5b5b129 4.2.1
• dcef973 v4.2.0
• e17dcb6 Add z.fromJSONSchema(), z.looseRecord(), z.xor() (#5534)
• d632df3 Update next
• 767f320 Add .toJSONSchema() method (#5477)
• 325a701 Add pullfrog.yml workflow
• 4972727 Update Next.js and React Flight RCE advisory (#5515)
• af49c08 Update docs for JSON Schema conversion of z.undefined() (#5504)
• fb66ee1 fix(mini): export ZodMiniJSONSchema types to prevent TS4023 (#5511)
• 6e968a3 Add convex-helpers to the ecosystem docs (#5470)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[dependabot]

Labels

The following labels could not be found: automated, dependencies. Please create them before Dependabot can add them to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

[github-actions]

👋 Thanks for opening your first pull request! We'll review it soon.

Please make sure you've:

• Followed the PR template
• Added tests (if applicable)
• Updated documentation (if applicable)