chore: bump the npm-deps group with 5 updates

[dependabot]

Bumps the npm-deps group with 5 updates:

Package	From	To
next	16.1.5	16.1.6
@eslint-react/eslint-plugin	2.7.4	2.9.3
@types/react	19.2.9	19.2.10
eslint-plugin-react-refresh	0.4.26	0.5.0
knip	5.82.1	5.83.0

Updates next from 16.1.5 to 16.1.6

Release notes

Sourced from next's releases.

v16.1.6

[!NOTE] This release is backporting bug fixes. It does not include all pending features/changes on canary.

Core Changes

• Upgrade to swc 54 (#88207)
• implement LRU cache with invocation ID scoping for minimal mode response cache (#88509)
• tweak LRU sentinel key (#89123)

Credits

Huge thanks to @​mischnic, @​wyattjoh, and @​ztanner for helping!

Commits

• adf8c61 v16.1.6
• 098c0c0 [backport][ci] Make gh auth status optional when triggering a release (#89100)
• a43df32 Backport/docs fixes jan 25 16.1.x (#89124)
• d6d5734 tweak LRU sentinel cache key (#89123)
• 4324698 backport: implement LRU cache with invocation ID scoping for minimal mode res...
• 23c4649 [backport] Upgrade to swc 54 (#88207) (#89103)
• See full diff in compare view

Updates @eslint-react/eslint-plugin from 2.7.4 to 2.9.3

Release notes

Sourced from @​eslint-react/eslint-plugin's releases.

v2.9.3 (2026-02-02)

What's Changed

🪄 Improvements

• Deprecated no-default-props rule by @​Rel1cx in Rel1cx/eslint-react#1464
• Deprecated no-prop-types rule by @​Rel1cx in Rel1cx/eslint-react#1464
• Deprecated no-string-refs rule by @​Rel1cx in Rel1cx/eslint-react#1464

📝 Changes you should be aware of

The following rules have been deprecated:

• no-default-props
• no-prop-types
• no-string-refs

If you are working with legacy codebases that still require these rules, you can use a no-restricted-syntax rule to enforce these restrictions:

{
    files: ['**/*.jsx', '**/*.tsx'],
    rules: {
        "no-restricted-syntax": [
            "error",
            {
                "selector": "AssignmentExpression[operator='='][left.property.name='defaultProps']",
                "message": "[Deprecated] Use ES6 default parameters instead."
            },
            {
                "selector": "AssignmentExpression[operator='='][left.property.name='propTypes']",
                "message": "[Deprecated] Use TypeScript or another type-checking solution instead."
            },
            {
                "selector": "JSXAttribute[name.name='ref'][value.type='Literal']",
                "message": "[Deprecated] Use callback refs instead."
            }
        ]
    }
}

(The rules that were deprecated in this release will still be available until the next major update to avoid breaking changes.)

Full Changelog: Rel1cx/eslint-react@v2.9.2...v2.9.3

v2.9.2 (2026-02-02)

What's Changed

🐞 Fixes

... (truncated)

Changelog

Sourced from @​eslint-react/eslint-plugin's changelog.

v2.9.3 (2026-02-02)

🪄 Improvements

• Deprecated no-default-props rule by @​Rel1cx in Rel1cx/eslint-react#1464
• Deprecated no-prop-types rule by @​Rel1cx in Rel1cx/eslint-react#1464
• Deprecated no-string-refs rule by @​Rel1cx in Rel1cx/eslint-react#1464

📝 Changes you should be aware of

The following rules have been deprecated:

• no-default-props
• no-prop-types
• no-string-refs

If you are working with legacy codebases that still require these rules, you can use a no-restricted-syntax rule to enforce these restrictions:

{
    files: ['**/*.jsx', '**/*.tsx'],
    rules: {
        "no-restricted-syntax": [
            "error",
            {
                "selector": "AssignmentExpression[operator='='][left.property.name='defaultProps']",
                "message": "[Deprecated] Use ES6 default parameters instead."
            },
            {
                "selector": "AssignmentExpression[operator='='][left.property.name='propTypes']",
                "message": "[Deprecated] Use TypeScript or another type-checking solution instead."
            },
            {
                "selector": "JSXAttribute[name.name='ref'][value.type='Literal']",
                "message": "[Deprecated] Use callback refs instead."
            }
        ]
    }
}

(The rules that were deprecated in this release will still be available until the next major update to avoid breaking changes.)

Full Changelog: Rel1cx/eslint-react@v2.9.2...v2.9.3

v2.9.2 (2026-02-02)

🐞 Fixes

• Fix directives checks by @​Rel1cx in Rel1cx/eslint-react#1461

... (truncated)

Commits

• 41b9a89 release: 2.9.3
• 9dae753 release: 2.9.3-beta.0
• 7b5ad3f release: 2.9.3-next.0
• c820dce release: 2.9.2
• 1a71764 release: 2.9.2-beta.0
• e764f85 release: 2.9.2-next.0
• 472af46 Add missing rsc plugin to all config, closes #1462 (#1463)
• 6d2e7e3 release: 2.9.1
• ae8f77e release: 2.9.1-beta.1
• c944e49 release: 2.9.1-next.1
• Additional commits viewable in compare view

Updates @types/react from 19.2.9 to 19.2.10

Commits

• See full diff in compare view

Updates eslint-plugin-react-refresh from 0.4.26 to 0.5.0

Release notes

Sourced from eslint-plugin-react-refresh's releases.

v0.5.0

Breaking changes

• The package now ships as ESM and requires ESLint 9 + node 20. Because legacy config doesn't support ESM, this requires to use flat config
• A new reactRefresh export is available and prefered over the default export. It's an object with two properties:
  • plugin: The plugin object with the rules
  • configs: An object containing configuration presets, each exposed as a function. These functions accept your custom options, merge them with sensible defaults for that config, and return the final config object.
• customHOCs option was renamed to extraHOCs
• Validation of HOCs calls is now more strict, you may need to add some HOCs to the extraHOCs option

Config example:

import { defineConfig } from "eslint/config";
import { reactRefresh } from "eslint-plugin-react-refresh";
export default defineConfig(
/* Main config */
reactRefresh.configs.vite({ extraHOCs: ["someLibHOC"] }),
);

Config example without config:

import { defineConfig } from "eslint/config";
import { reactRefresh } from "eslint-plugin-react-refresh";
export default defineConfig({
files: ["/*.ts", "/*.tsx"],
plugins: {
// other plugins
"react-refresh": reactRefresh.plugin,
},
rules: {
// other rules
"react-refresh/only-export-components": [
"warn",
{ extraHOCs: ["someLibHOC"] },
],
},
});

Why

This version follows a revamp of the internal logic to better make the difference between random call expressions like export const Enum = Object.keys(Record) and actual React HOC calls like export const MemoComponent = memo(Component). (fixes #93)

The rule now handles ternaries and patterns like export default customHOC(props)(Component) which makes it able to correctly support files like this one given this config:

... (truncated)

Changelog

Sourced from eslint-plugin-react-refresh's changelog.

0.5.0

Breaking changes

• The package now ships as ESM and requires ESLint 9 + node 20. Because legacy config doesn't support ESM, this requires to use flat config
• A new reactRefresh export is available and prefered over the default export. It's an object with two properties:
  • plugin: The plugin object with the rules
  • configs: An object containing configuration presets, each exposed as a function. These functions accept your custom options, merge them with sensible defaults for that config, and return the final config object.
• customHOCs option was renamed to extraHOCs
• Validation of HOCs calls is now more strict, you may need to add some HOCs to the extraHOCs option

Config example:

import { defineConfig } from "eslint/config";
import { reactRefresh } from "eslint-plugin-react-refresh";
export default defineConfig(
/* Main config */
reactRefresh.configs.vite({ extraHOCs: ["someLibHOC"] }),
);

Config example without config:

import { defineConfig } from "eslint/config";
import { reactRefresh } from "eslint-plugin-react-refresh";
export default defineConfig({
files: ["/*.ts", "/*.tsx"],
plugins: {
// other plugins
"react-refresh": reactRefresh.plugin,
},
rules: {
// other rules
"react-refresh/only-export-components": [
"warn",
{ extraHOCs: ["someLibHOC"] },
],
},
});

Why

This version follows a revamp of the internal logic to better make the difference between random call expressions like export const Enum = Object.keys(Record) and actual React HOC calls like export const MemoComponent = memo(Component). (fixes #93)

The rule now handles ternaries and patterns like export default customHOC(props)(Component) which makes it able to correctly support files like this one given this config:

... (truncated)

Commits

• daa2efb Revamp logic to catch more cases [publish] (#97)
• See full diff in compare view

Updates knip from 5.82.1 to 5.83.0

Release notes

Sourced from knip's releases.

Release 5.83.0

• fix: skip empty string entries in package.json exports (#1477) (6b64ac5b89916869a2361077a51dc28adb4679df) - thanks @​SBoudrias!
• add LS version to serverInfo (#1468) (2c28cb8dc8923d83800959a7a259b439d5c50a0e) - thanks @​niklas-wortmann!
• Avoid highlighting path-like specifiers (#1488) (c8fec09666ad0ce145e1d2bbf99737a6bc95fd05) - thanks @​azat-io!
• Update avatar URLs (#1489) (d612ac2dab39a560875c53b9cccb3d920caafdd1) - thanks @​azat-io!
• Copy fix-fixtures to tmp dir (bd1519c30bb0a4004cfae463f10f8b066b778d95)
• Don't add excluded issue types (resolve #1486) (4eeeec602a8275f8f8d4252157ed6fa3cdd83f24)
• Minor refactor (767b2c5927d940f8815d157c2fa50c67f0a80d63)
• Edit docs (78111c96f54da3c41cfb84bd972bb5e836e1b859)
• feat: add plugin for expressive-code (#1493) (fbf958a9bfb2d913c345c98283a793a7f10faae5) - thanks @​cylewaitforit!
• Truncate file path left-side (resolves #1494) (235949c0b68e0bf2f3eb9ef0f3f88e750984e70a)
• Revert fix-fixture format test (fails in outside cwd) (8e961259bddef4652ae3b98387d1afa8514429ec)
• Skip empty manifest entries (resolve #1497) (d314ce43e7f9fe26125db167c1a8af4728329828)
• Filter out empty issue objects in compact reporter (resolve #1482) (7df0b4d8ee888f524132cd96260e18b870e8c57c)
• Lint/group import statements (61e7a24460e11bd2e9e27e9a791953eb004947df)
• Update AGENTS.md & docs (7537f8a1c474ce931a05a06efcc238eef5806447)
• Optimize relative path helper (ac8a45454f9e8d88898141e112897803c844f803)
• Move postinstall script to non-production (360110bed44d77da4ed5e553a63986176d2ed716)
• Ignore simple-git-hooks in production (like husky etc) (bbab35b144080d061641b6b6a6545176e5286553)
• Move & add testimonials (5ab18133b0e375508b34014085e10b78dcfd88ff)
• Update sponsors page (4534a55e37f804bfdef65522354b053f28a5a8f2)
• Edit docs, add config hints page (1a73a053dad914025e330c03cabaf9ded2444e91)
• Rename reporter to match project style (58f8c4e476b8a051dd27fdf27859014c4954289b)
• Auto-format (854124f7b5436436d57c5249f9b64f53e71e1994)
• Refactor fs helper to match project style (f22e7e94a48ac0dedf41985f3928ff556d04d727)

Commits

• f056786 Release knip@5.83.0
• f22e7e9 Refactor fs helper to match project style
• 854124f Auto-format
• 58f8c4e Rename reporter to match project style
• 1a73a05 Edit docs, add config hints page
• bbab35b Ignore simple-git-hooks in production (like husky etc)
• 360110b Move postinstall script to non-production
• ac8a454 Optimize relative path helper
• 7537f8a Update AGENTS.md & docs
• 7df0b4d Filter out empty issue objects in compact reporter (resolve #1482)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Actions	Updated (UTC)
personal-website	Ready	Preview, Comment	Feb 3, 2026 2:15am

[coderabbitai]

Important

Review skipped

Bot user detected.

To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

• 🔍 Trigger a full review

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}