Skip to content

chore(deps): bump the production-minor-patch group across 1 directory with 14 updates#612

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/production-minor-patch-4357559166
Open

chore(deps): bump the production-minor-patch group across 1 directory with 14 updates#612
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/production-minor-patch-4357559166

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 9, 2026

Copy link
Copy Markdown
Contributor

Bumps the production-minor-patch group with 14 updates in the / directory:

Package From To
pg 8.20.0 8.22.0
@clack/prompts 1.4.0 1.6.0
posthog-node 5.34.2 5.39.3
@rollup/rollup-linux-x64-gnu 4.60.4 4.62.2
arktype 2.2.0 2.2.2
@cipherstash/protect-ffi 0.23.0 0.26.0
@stricli/core 1.2.7 1.2.8
uuid 14.0.0 14.0.1
@anthropic-ai/claude-agent-sdk 0.3.143 0.3.198
@anthropic-ai/sdk 0.106.0 0.109.1
@clerk/nextjs 7.3.5 7.5.12
next 15.5.18 15.5.20
tsx 4.22.1 4.22.4
vite 8.0.13 8.1.3

Updates pg from 8.20.0 to 8.22.0

Changelog

Sourced from pg's changelog.

pg@8.22.0

pg@8.21.0

Commits

Updates @clack/prompts from 1.4.0 to 1.6.0

Release notes

Sourced from @​clack/prompts's releases.

@​clack/prompts@​1.6.0

Minor Changes

  • #568 f87933f Thanks @​florian-lefebvre! - Updates default formatter of note() to note dim lines anymore

    If you want the old behavior, provide a format() function:

    import { note } from '@clack/prompts';
    +import { styleText } from 'node:util';
    note(
    'You can edit the file src/index.jsx',
    'Next steps.'
    
    { format: (text) => styleText('dim', text) }
    );
  • #567 cc6aab5 Thanks @​dreyfus92! - Add keyboard instruction footers to select, multiselect, and groupMultiselect in the active state, matching autocomplete. No option — always shown.

  • Patch Changes

    @​clack/prompts@​1.5.1

    Patch Changes

    @​clack/prompts@​1.5.0

    Minor Changes

    • #543 83428ac Thanks @​florian-lefebvre! - Adds support for Standard Schema validation

      Prompts accept an optional validate() function to validate user input. While a function provides more flexibility and customization over your validation, it can be a bit verbose. To help solve this, there are libraries that provide schema-based validation to make shorthand and type-strict validation substantially easier.

      Libraries following the Standard Schema specification are now natively supported. For example, using Arktype:

      import { text } from '@clack/prompts';
      import { type } from 'arktype';
      const name = await text({
      message: 'Enter your email',

    ... (truncated)

    Changelog

    Sourced from @​clack/prompts's changelog.

    1.6.0

    Minor Changes

    • #568 f87933f Thanks @​florian-lefebvre! - Updates default formatter of note() to note dim lines anymore

      If you want the old behavior, provide a format() function:

      import { note } from '@clack/prompts';
      +import { styleText } from 'node:util';
      note(
      'You can edit the file src/index.jsx',
      'Next steps.'
      
      { format: (text) => styleText('dim', text) }
      );
  • #567 cc6aab5 Thanks @​dreyfus92! - Add keyboard instruction footers to select, multiselect, and groupMultiselect in the active state, matching autocomplete. No option — always shown.

  • Patch Changes

    1.5.1

    Patch Changes

    1.5.0

    Minor Changes

    • #543 83428ac Thanks @​florian-lefebvre! - Adds support for Standard Schema validation

      Prompts accept an optional validate() function to validate user input. While a function provides more flexibility and customization over your validation, it can be a bit verbose. To help solve this, there are libraries that provide schema-based validation to make shorthand and type-strict validation substantially easier.

      Libraries following the Standard Schema specification are now natively supported. For example, using Arktype:

      import { text } from '@clack/prompts';
      import { type } from 'arktype';

    ... (truncated)

    Commits
    • 0e70056 [ci] release (#562)
    • f87933f fix(prompts): do not dim note contents (#568)
    • cc6aab5 feat(prompts): add instructions footer for select, multi-select & `group-...
    • 02ae191 [ci] release (#549)
    • 56e9d67 docs: add jsdoc for date, limit-options, and messages (#546)
    • 030ba4d [ci] release (#539)
    • 83428ac feat: standard schema for validation (#543)
    • adb6af9 docs: add jsdoc for box, group, and group-multi-select (#542)
    • 3170ed9 docs: add jsdoc for autocomplete, confirm, and path prompts (#540)
    • 3dcb31a fix: spaces and uppercase characters in multiline input (#534)
    • See full diff in compare view

    Updates posthog-node from 5.34.2 to 5.39.3

    Release notes

    Sourced from posthog-node's releases.

    posthog-node@5.39.3

    5.39.3

    Patch Changes

    • #4055 64e04ba Thanks @​marandaneto! - Retry /flags requests that receive HTTP 502 or 504 responses across SDKs that use the shared core flags client. (2026-07-02)
    • Updated dependencies [64e04ba]:
      • @​posthog/core@​1.39.4

    posthog-node@5.39.2

    5.39.2

    Patch Changes

    • #4028 a664b81 Thanks @​marandaneto! - Make Node flush() wait for pending asynchronous SDK work before draining the event queue, so events produced by helpers like captureException() are not missed. Pending work rejections no longer prevent queued events from flushing. (2026-07-01)
    • Updated dependencies [a664b81]:
      • @​posthog/core@​1.39.3

    posthog-node@5.39.1

    5.39.1

    Patch Changes

    • #4029 b36b1cc Thanks @​marandaneto! - Call before_send for identify, group identify, and alias events. (2026-06-30)

    • #4027 ab118d2 Thanks @​marandaneto! - Safely serialize event batches with circular property references instead of crashing during flush. (2026-06-30)

    • Updated dependencies [ab118d2]:

      • @​posthog/core@​1.39.2

    posthog-node@5.39.0

    5.39.0

    Minor Changes

    • #4006 0063128 Thanks @​github-actions! - Add groupIdentifyImmediate() to await the network request when identifying a group, mirroring captureImmediate/identifyImmediate/aliasImmediate. Useful in edge/serverless environments where the background queue may not flush. The Convex integration now uses it directly instead of routing $groupidentify through captureImmediate. (2026-06-30)

    Patch Changes

    • Updated dependencies [0063128]:
      • @​posthog/core@​1.39.0

    posthog-node@5.38.8

    5.38.8

    Patch Changes

    ... (truncated)

    Changelog

    Sourced from posthog-node's changelog.

    5.39.3

    Patch Changes

    • #4055 64e04ba Thanks @​marandaneto! - Retry /flags requests that receive HTTP 502 or 504 responses across SDKs that use the shared core flags client. (2026-07-02)
    • Updated dependencies [64e04ba]:
      • @​posthog/core@​1.39.4

    5.39.2

    Patch Changes

    • #4028 a664b81 Thanks @​marandaneto! - Make Node flush() wait for pending asynchronous SDK work before draining the event queue, so events produced by helpers like captureException() are not missed. Pending work rejections no longer prevent queued events from flushing. (2026-07-01)
    • Updated dependencies [a664b81]:
      • @​posthog/core@​1.39.3

    5.39.1

    Patch Changes

    • #4029 b36b1cc Thanks @​marandaneto! - Call before_send for identify, group identify, and alias events. (2026-06-30)

    • #4027 ab118d2 Thanks @​marandaneto! - Safely serialize event batches with circular property references instead of crashing during flush. (2026-06-30)

    • Updated dependencies [ab118d2]:

      • @​posthog/core@​1.39.2

    5.39.0

    Minor Changes

    • #4006 0063128 Thanks @​github-actions! - Add groupIdentifyImmediate() to await the network request when identifying a group, mirroring captureImmediate/identifyImmediate/aliasImmediate. Useful in edge/serverless environments where the background queue may not flush. The Convex integration now uses it directly instead of routing $groupidentify through captureImmediate. (2026-06-30)

    Patch Changes

    • Updated dependencies [0063128]:
      • @​posthog/core@​1.39.0

    5.38.8

    Patch Changes

    • #3974 08b404b Thanks @​mjfaga! - Fix local evaluation ignoring the in/not_in operator on cohort-based flag conditions. "Not in cohort" was evaluated as "in cohort", inverting cohort-exclusion flags. Now applies the operator to the cohort membership result. (2026-06-29)

    ... (truncated)

    Commits
    • 4eb8b21 chore: update versions and lockfile [version bump]
    • dd90e55 test(node): make local polling tests deterministic (#4043)
    • d1e6df8 chore: update versions and lockfile [version bump]
    • a664b81 fix: make flush wait for pending async work (#4028)
    • a5181ba chore: update versions and lockfile [version bump]
    • b36b1cc fix(node): run before_send for all captured events (#4029)
    • ab118d2 fix(node): handle circular event properties during flush (#4027)
    • 0c95bce fix: satisfy SDK compliance harness 0.8.0 (#3998)
    • 254c5b1 chore: update versions and lockfile [version bump]
    • 0063128 feat: Add groupIdentifyImmediate() method to Node.js SDK (#4006)
    • Additional commits viewable in compare view

    Updates @rollup/rollup-linux-x64-gnu from 4.60.4 to 4.62.2

    Release notes

    Sourced from @​rollup/rollup-linux-x64-gnu's releases.

    v4.62.2

    4.62.2

    2026-06-19

    Bug Fixes

    • Do not add spurious side-effect-free external imports to chunks when using minChunkSize (#6411)

    Pull Requests

    v4.62.1

    4.62.1

    2026-06-19

    Bug Fixes

    • Preserve multipart file extensions when deconflicting output chunks (#6408)
    • Fix an issue where getLogFilter would match additional logs (#6415)

    Pull Requests

    v4.62.0

    4.62.0

    2026-06-13

    Features

    • Ensure that shared dependencies between manual chunks and entry points receive a serparate chunk (#6374)

    Pull Requests

    ... (truncated)

    Changelog

    Sourced from @​rollup/rollup-linux-x64-gnu's changelog.

    4.62.2

    2026-06-19

    Bug Fixes

    • Do not add spurious side-effect-free external imports to chunks when using minChunkSize (#6411)

    Pull Requests

    4.62.1

    2026-06-19

    Bug Fixes

    • Preserve multipart file extensions when deconflicting output chunks (#6408)
    • Fix an issue where getLogFilter would match additional logs (#6415)

    Pull Requests

    4.62.0

    2026-06-13

    Features

    • Ensure that shared dependencies between manual chunks and entry points receive a serparate chunk (#6374)

    Pull Requests

    ... (truncated)

    Commits
    • 8faa187 4.62.2
    • a38a795 refactor(rust/parser_ast): extract property AstConverter write buffer kind lo...
    • 6cc5c31 Skip side-effect-free external imports when hoisting is disabled (#6411)
    • caacf70 4.62.1
    • d1e8297 Add missing ignore
    • 1ba1fc2 fix: insert conflict numbers before first extension in multi-extension filena...
    • 532bd0a Use import attributes for importing JSON (#6393)
    • 2cd8194 fix: advance value past wildcard prefix before suffix check in getLogFilter (...
    • dfac590 fix(deps): update minor/patch updates (#6418)
    • 1d6db3d chore(deps): update dependency eslint-plugin-unicorn to v66 (#6419)
    • Additional commits viewable in compare view

    Updates arktype from 2.2.0 to 2.2.2

    Changelog

    Sourced from arktype's changelog.

    2.2.2

    Fix precompilation of private aliases

    A private alias referenced only within its own scope is no longer skipped during JIT precompilation, so its optimized traversal is bound correctly instead of falling back to the unbound reference.

    Harden ArkErrors JSON serialization

    ArkErrors doubles as a Standard Schema issues array, so JSON.stringify no longer assumes every indexed entry is an ArkError with a toJSON method (e.g. plain issue-shaped entries from other validators). Inherited array methods (map, filter, slice, …) now return a plain Array via Symbol.species, preventing callbacks that return primitives from producing a malformed ArkErrors.

    2.2.1

    Improve regex inference for zero-min quantifiers on numeric patterns

    // was: Regex<`${number}`>
    // now: Regex<"" | `${number}`>
    regex("^\\d*$")

    See arkregex CHANGELOG for full notes.

    Commits
    • ab66f64 release: arktype 2.2.2 + dependents (#1633)
    • 11e2e49 fix private alias precompilation (#1632)
    • d0c43a9 refactor(repo): drop tsx, rely on native Node type stripping (#1620)
    • 93cb501 release: arkregex 0.0.6 + dependents; publish @​ark/fast-check
    • See full diff in compare view

    Updates @cipherstash/protect-ffi from 0.23.0 to 0.26.0

    Release notes

    Sourced from @​cipherstash/protect-ffi's releases.

    v0.26.0

    No release notes provided.

    v0.25.0

    ⚠️ Breaking changes

    • Removed serviceToken from EncryptOptions, DecryptOptions, and the query option types.
    • Removed the CtsToken public type export.
    • Auth environment updated for stack-auth 0.36: CS_REGION is dropped in favour of CS_WORKSPACE_CRN.

    ✨ Added

    • newClient now accepts an optional opts.strategy (an AuthStrategy, @cipherstash/auth-shaped object) on both Node and WASM. When supplied, getToken() is invoked on every ZeroKMS request. On WASM the strategy is required (no env/filesystem fallback); on Node it is optional and falls back to the AutoStrategy built from credentials / profile.

    🔧 Fixed

    • Node: capture a per-isolate Neon Channel for the JS-backed strategy, and unref it so scripts can exit cleanly after a round trip.
    • Node: wrap the getToken JS call in Context::try_catch so a strategy that throws (or otherwise misbehaves) surfaces as a clean error instead of an unhandled rejection.

    🧱 Changed

    • Bumped cipherstash-client, cts-common, stack-auth, and stack-profile to 0.36.0.
    • Expanded integration coverage: JS-backed auth contract, event-loop-exit, and newClient guard tests.

    Upgrading: remove any serviceToken options and CtsToken imports; set CS_WORKSPACE_CRN instead of CS_REGION.

    Full changelog: https://github.com/cipherstash/protectjs-ffi/blob/main/CHANGELOG.md

    v0.24.0

    No release notes provided.

    Changelog

    Sourced from @​cipherstash/protect-ffi's changelog.

    [0.26.0] - 2026-06-08

    Changed

    • Bumped cipherstash-client and stack-auth to 0.37.0.
    • npm publishing now uses OIDC trusted publishing, and the release publish job was hardened (the publisher app token is scoped to contents:write).

    Added

    • Integration coverage for the OidcFederation auth strategy, wired against @cipherstash/auth 0.39.0.

    Fixed

    • Point the dryrun npm script at release.yml.

    [0.25.0] - 2026-05-29

    Breaking

    • Removed serviceToken from EncryptOptions, DecryptOptions, and the query option types.
    • Removed the CtsToken public type export.
    • Auth environment updated for stack-auth 0.36: CS_REGION is dropped in favour of CS_WORKSPACE_CRN.

    Added

    • newClient now accepts an optional opts.strategy (an AuthStrategy, @cipherstash/auth-shaped object) on both Node and WASM. When supplied, getToken() is invoked on every ZeroKMS request. On WASM the strategy is required (there is no env/filesystem fallback); on Node it is optional and falls back to the AutoStrategy built from credentials / profile.

    Fixed

    • Node: capture a per-isolate Neon Channel for the JS-backed strategy, and unref it so scripts can exit cleanly after a round trip.
    • Node: wrap the getToken JS call in Context::try_catch so a strategy that throws (or otherwise misbehaves) surfaces as a clean error instead of an unhandled rejection.

    Changed

    • Bumped cipherstash-client, cts-common, stack-auth, and stack-profile to 0.36.0.
    • Expanded integration coverage: JS-backed auth contract, event-loop-exit, and newClient guard tests.

    ... (truncated)

    Commits
    • 7de2728 v0.26.0
    • 6184293 Merge pull request #99 from cipherstash/ci/npm-oidc-trusted-publishing
    • 1b64ada fix(npm): point dryrun script at release.yml
    • 6d542f4 ci: scope the publisher app token to contents:write (address review)
    • acafdda ci: harden release publish job (address review)
    • 5992207 Merge pull request #100 from cipherstash/chore/bump-cipherstash-stack-0.37
    • 245532b test: keep a single hermetic OidcFederation contract test
    • 06195dc test: address review on OidcFederation test
    • 6e891ab test: wire OidcFederation against @​cipherstash/auth 0.39.0
    • 0ef5cff test: scaffold pending OidcFederation strategy tests
    • Additional commits viewable in compare view
    Maintainer changes

    This version was pushed to npm by GitHub Actions, a new releaser for @​cipherstash/protect-ffi since your current version.


    Updates @stricli/core from 1.2.7 to 1.2.8

    Release notes

    Sourced from @​stricli/core's releases.

    v1.2.8

    1.2.8 (2026-06-18)

    🩹 Fixes

    • handle argument escape sequence in route scanner (87461d5)

    ❤️ Thank You

    • Michael Molisani
    Changelog

    Sourced from @​stricli/core's changelog.

    1.2.8 (2026-06-18)

    🩹 Fixes

    • handle argument escape sequence in route scanner (87461d5)

    ❤️ Thank You

    • Michael Molisani
    Commits
    • 663fe16 chore(release): 1.2.8
    • 25f1312 ci(create_release): set origin as upstream of release branch
    • 87461d5 fix: handle argument escape sequence in route scanner
    • ed0d85e ci: skip publish if there is no pending release
    • 30108ae ci: new workflow to create release PR
    • 1ec5e65 ci: set node/npm version in package.json, use in setup-node
    • c5e247d Revert "ci: remove step that ensured npm was updated to latest"
    • 626a0ae Merge pull request #155 from bloomberg/release/1.2.7
    • See full diff in compare view

    Updates uuid from 14.0.0 to 14.0.1

    Release notes

    Sourced from uuid's releases.

    v14.0.1

    14.0.1 (2026-06-20)

    Bug Fixes

    • add types condition to node export for moduleResolution bundler (#961) (27ffae5)
    Changelog

    Sourced from uuid's changelog.

    14.0.1 (2026-06-20)

    Bug Fixes

    • add types condition to node export for moduleResolution bundler (#961) (27ffae5)
    Commits
    Install script changes

    This version modifies prepare script that runs during installation. Review the package contents before updating.


    Updates @anthropic-ai/claude-agent-sdk from 0.3.143 to 0.3.198

    Release notes

    Sourced from @​anthropic-ai/claude-agent-sdk's releases.

    v0.3.198

    What's changed

    • Added a runtime warning when canUseTool is configured alongside allowedTools or bypassPermissions, which shadow the callback
    • Added per-server request_timeout_ms option to mcp_set_servers control request
    • Fixed SDKUserMessage.isSynthetic not being mapped to isMeta on ingestion, which could cause synthetic messages to be treated as real user messages
    • Fixed workflow progress events silently dropping earliest agents from the list while the phase counter remained correct

    Update

    npm install @anthropic-ai/claude-agent-sdk@0.3.198
    # or
    yarn add @anthropic-ai/claude-agent-sdk@0.3.198
    # or
    pnpm add @anthropic-ai/claude-agent-sdk@0.3.198
    # or
    bun add @anthropic-ai/claude-agent-sdk@0.3.198

    v0.3.197

    What's changed

    • Updated to parity with Claude Code v2.1.197

    Update

    npm install @anthropic-ai/claude-agent-sdk@0.3.197
    # or
    yarn add @anthropic-ai/claude-agent-sdk@0.3.197
    # or
    pnpm add @anthropic-ai/claude-agent-sdk@0.3.197
    # or
    bun add @anthropic-ai/claude-agent-sdk@0.3.197

    v0.3.196

    What's changed

    • Added prompt_id field to hook input payloads for correlating hook events with OpenTelemetry prompt-level events
    • Fixed control protocol deduplication dropping tool-use IDs after 1000 resolutions, which could cause duplicate tool_result deliveries in long-running sessions

    Update

    npm install @anthropic-ai/claude-agent-sdk@0.3.196
    # or
    yarn add @anthropic-ai/claude-agent-sdk@0.3.196
    # or
    </tr></table> 

    ... (truncated)

    Changelog

    Sourced from @​anthropic-ai/claude-agent-sdk's changelog.

    0.3.198

    • Added a runtime warning when canUseTool is configured alongside allowedTools or bypassPermissions, which shadow the callback
    • Added per-server request_timeout_ms option to mcp_set_servers control request
    • Fixed SDKUserMessage.isSynthetic not being mapped to isMeta on ingestion, which could cause synthetic messages to be treated as real user messages
    • Fixed workflow progress events silently dropping earliest agents from the list while the phase counter remained correct

    0.3.197

    • Updated to parity with Claude Code v2.1.197

    0.3.196

    • Added prompt_id field to hook input payloads for correlating hook events with OpenTelemetry prompt-level events
    • Fixed control protocol deduplication dropping tool-use IDs after 1000 resolutions, which could cause duplicate tool_result deliveries in long-running sessions

    0.3.195

    • Added Query.reinitialize() to re-send the initialize control request and redeliver pending permission/dialog prompts after a transport gap
    • Fixed commands_changed event not being emitted for synced skills when the skill list resolves before the change-detector subscribes

    0.3.194

    • Updated to parity with Claude Code v2.1.194

    0.3.193

    • Added promptSuggestions option to Browser SDK query() to opt the remote CLI into emitting follow-up suggestions
    • Fixed brief console window flashes on Windows when spawning CLI subprocesses

    0.3.192

    • Updated to parity with Claude Code v2.1.192

    0.3.191

    • Added old_source field to NotebookEdit tool results for replace and delete operations, enabling inline diffs
    • Added seven_day_overage_included to SDKRateLimitInfo.rateLimitType for per-model weekly usage limits
    • Added model_scoped array to usage response for per-model weekly limit windows with utilization and reset times
    • Fixed fast mode reverting to standard after the first turn when settingSources includes user/project settings

    0.3.190

    • Updated to parity with Claude Code v2.1.190

    0.3.188

    • Updated to parity with Claude Code v2.1.188

    0.3.187

    ... (truncated)

    Commits

    Updates @anthropic-ai/sdk from 0.106.0 to 0.109.1

    Release notes

    Sourced from @​anthropic-ai/sdk's releases.

    sdk: v0.109.1

    0.109.1 (2026-07-01)

    Full Changelog: sdk-v0.109.0...sdk-v0.109.1

    Chores

    • api: remove some nonfunctional types from the SDKs (cc4dd4e)

    sdk: v0.109.0

    0.109.0 (2026-06-30)

    Full Changelog: sdk-v0.108.0...sdk-v0.109.0

    Features

    • api: add support for Managed Agents event delta streaming, agent overrides, reverse pagination, vault credential injection scoping, and agent and deployment webhook events (7f3211b)

    sdk: v0.108.0

    0.108.0 (2026-06-30)

    Full Changelog: sdk-v0.107.0....

    Description has been truncated

    … with 14 updates
    
    Bumps the production-minor-patch group with 14 updates in the / directory:
    
    | Package | From | To |
    | --- | --- | --- |
    | [pg](https://github.com/brianc/node-postgres/tree/HEAD/packages/pg) | `8.20.0` | `8.22.0` |
    | [@clack/prompts](https://github.com/bombshell-dev/clack/tree/HEAD/packages/prompts) | `1.4.0` | `1.6.0` |
    | [posthog-node](https://github.com/PostHog/posthog-js/tree/HEAD/packages/node) | `5.34.2` | `5.39.3` |
    | [@rollup/rollup-linux-x64-gnu](https://github.com/rollup/rollup) | `4.60.4` | `4.62.2` |
    | [arktype](https://github.com/arktypeio/arktype/tree/HEAD/ark/type) | `2.2.0` | `2.2.2` |
    | [@cipherstash/protect-ffi](https://github.com/cipherstash/protectjs-ffi) | `0.23.0` | `0.26.0` |
    | [@stricli/core](https://github.com/bloomberg/stricli) | `1.2.7` | `1.2.8` |
    | [uuid](https://github.com/uuidjs/uuid) | `14.0.0` | `14.0.1` |
    | [@anthropic-ai/claude-agent-sdk](https://github.com/anthropics/claude-agent-sdk-typescript) | `0.3.143` | `0.3.198` |
    | [@anthropic-ai/sdk](https://github.com/anthropics/anthropic-sdk-typescript) | `0.106.0` | `0.109.1` |
    | [@clerk/nextjs](https://github.com/clerk/javascript/tree/HEAD/packages/nextjs) | `7.3.5` | `7.5.12` |
    | [next](https://github.com/vercel/next.js) | `15.5.18` | `15.5.20` |
    | [tsx](https://github.com/privatenumber/tsx) | `4.22.1` | `4.22.4` |
    | [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) | `8.0.13` | `8.1.3` |
    
    
    
    Updates `pg` from 8.20.0 to 8.22.0
    - [Changelog](https://github.com/brianc/node-postgres/blob/master/CHANGELOG.md)
    - [Commits](https://github.com/brianc/node-postgres/commits/pg@8.22.0/packages/pg)
    
    Updates `@clack/prompts` from 1.4.0 to 1.6.0
    - [Release notes](https://github.com/bombshell-dev/clack/releases)
    - [Changelog](https://github.com/bombshell-dev/clack/blob/main/packages/prompts/CHANGELOG.md)
    - [Commits](https://github.com/bombshell-dev/clack/commits/@clack/prompts@1.6.0/packages/prompts)
    
    Updates `posthog-node` from 5.34.2 to 5.39.3
    - [Release notes](https://github.com/PostHog/posthog-js/releases)
    - [Changelog](https://github.com/PostHog/posthog-js/blob/main/packages/node/CHANGELOG.md)
    - [Commits](https://github.com/PostHog/posthog-js/commits/posthog-node@5.39.3/packages/node)
    
    Updates `@rollup/rollup-linux-x64-gnu` from 4.60.4 to 4.62.2
    - [Release notes](https://github.com/rollup/rollup/releases)
    - [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md)
    - [Commits](rollup/rollup@v4.60.4...v4.62.2)
    
    Updates `arktype` from 2.2.0 to 2.2.2
    - [Release notes](https://github.com/arktypeio/arktype/releases)
    - [Changelog](https://github.com/arktypeio/arktype/blob/main/ark/type/CHANGELOG.md)
    - [Commits](https://github.com/arktypeio/arktype/commits/arktype@2.2.2/ark/type)
    
    Updates `@cipherstash/protect-ffi` from 0.23.0 to 0.26.0
    - [Release notes](https://github.com/cipherstash/protectjs-ffi/releases)
    - [Changelog](https://github.com/cipherstash/protectjs-ffi/blob/main/CHANGELOG.md)
    - [Commits](cipherstash/protectjs-ffi@v0.23.0...v0.26.0)
    
    Updates `@stricli/core` from 1.2.7 to 1.2.8
    - [Release notes](https://github.com/bloomberg/stricli/releases)
    - [Changelog](https://github.com/bloomberg/stricli/blob/main/CHANGELOG.md)
    - [Commits](bloomberg/stricli@v1.2.7...v1.2.8)
    
    Updates `uuid` from 14.0.0 to 14.0.1
    - [Release notes](https://github.com/uuidjs/uuid/releases)
    - [Changelog](https://github.com/uuidjs/uuid/blob/main/CHANGELOG.md)
    - [Commits](uuidjs/uuid@v14.0.0...v14.0.1)
    
    Updates `@anthropic-ai/claude-agent-sdk` from 0.3.143 to 0.3.198
    - [Release notes](https://github.com/anthropics/claude-agent-sdk-typescript/releases)
    - [Changelog](https://github.com/anthropics/claude-agent-sdk-typescript/blob/main/CHANGELOG.md)
    - [Commits](anthropics/claude-agent-sdk-typescript@v0.3.143...v0.3.198)
    
    Updates `@anthropic-ai/sdk` from 0.106.0 to 0.109.1
    - [Release notes](https://github.com/anthropics/anthropic-sdk-typescript/releases)
    - [Changelog](https://github.com/anthropics/anthropic-sdk-typescript/blob/main/CHANGELOG.md)
    - [Commits](anthropics/anthropic-sdk-typescript@sdk-v0.106.0...sdk-v0.109.1)
    
    Updates `@clerk/nextjs` from 7.3.5 to 7.5.12
    - [Release notes](https://github.com/clerk/javascript/releases)
    - [Changelog](https://github.com/clerk/javascript/blob/main/packages/nextjs/CHANGELOG.md)
    - [Commits](https://github.com/clerk/javascript/commits/@clerk/nextjs@7.5.12/packages/nextjs)
    
    Updates `next` from 15.5.18 to 15.5.20
    - [Release notes](https://github.com/vercel/next.js/releases)
    - [Commits](vercel/next.js@v15.5.18...v15.5.20)
    
    Updates `tsx` from 4.22.1 to 4.22.4
    - [Release notes](https://github.com/privatenumber/tsx/releases)
    - [Changelog](https://github.com/privatenumber/tsx/blob/master/release.config.cjs)
    - [Commits](privatenumber/tsx@v4.22.1...v4.22.4)
    
    Updates `vite` from 8.0.13 to 8.1.3
    - [Release notes](https://github.com/vitejs/vite/releases)
    - [Changelog](https://github.com/vitejs/vite/blob/main/packages/vite/CHANGELOG.md)
    - [Commits](https://github.com/vitejs/vite/commits/v8.1.3/packages/vite)
    
    ---
    updated-dependencies:
    - dependency-name: pg
      dependency-version: 8.22.0
      dependency-type: direct:production
      update-type: version-update:semver-minor
      dependency-group: production-minor-patch
    - dependency-name: "@clack/prompts"
      dependency-version: 1.6.0
      dependency-type: direct:production
      update-type: version-update:semver-minor
      dependency-group: production-minor-patch
    - dependency-name: posthog-node
      dependency-version: 5.39.3
      dependency-type: direct:production
      update-type: version-update:semver-minor
      dependency-group: production-minor-patch
    - dependency-name: "@rollup/rollup-linux-x64-gnu"
      dependency-version: 4.62.2
      dependency-type: direct:production
      update-type: version-update:semver-minor
      dependency-group: production-minor-patch
    - dependency-name: arktype
      dependency-version: 2.2.2
      dependency-type: direct:production
      update-type: version-update:semver-patch
      dependency-group: production-minor-patch
    - dependency-name: "@cipherstash/protect-ffi"
      dependency-version: 0.26.0
      dependency-type: direct:production
      update-type: version-update:semver-minor
      dependency-group: production-minor-patch
    - dependency-name: "@stricli/core"
      dependency-version: 1.2.8
      dependency-type: direct:production
      update-type: version-update:semver-patch
      dependency-group: production-minor-patch
    - dependency-name: uuid
      dependency-version: 14.0.1
      dependency-type: direct:production
      update-type: version-update:semver-patch
      dependency-group: production-minor-patch
    - dependency-name: "@anthropic-ai/claude-agent-sdk"
      dependency-version: 0.3.198
      dependency-type: direct:production
      update-type: version-update:semver-patch
      dependency-group: production-minor-patch
    - dependency-name: "@anthropic-ai/sdk"
      dependency-version: 0.109.1
      dependency-type: direct:production
      update-type: version-update:semver-minor
      dependency-group: production-minor-patch
    - dependency-name: "@clerk/nextjs"
      dependency-version: 7.5.12
      dependency-type: direct:production
      update-type: version-update:semver-minor
      dependency-group: production-minor-patch
    - dependency-name: next
      dependency-version: 15.5.20
      dependency-type: direct:production
      update-type: version-update:semver-patch
      dependency-group: production-minor-patch
    - dependency-name: tsx
      dependency-version: 4.22.4
      dependency-type: direct:production
      update-type: version-update:semver-patch
      dependency-group: production-minor-patch
    - dependency-name: vite
      dependency-version: 8.1.3
      dependency-type: direct:production
      update-type: version-update:semver-minor
      dependency-group: production-minor-patch
    ...
    
    Signed-off-by: dependabot[bot] <support@github.com>
    @dependabot @github

    dependabot Bot commented on behalf of github Jul 9, 2026

    Copy link
    Copy Markdown
    Contributor Author

    Labels

    The following labels could not be found: supply-chain. Please create it before Dependabot can add it to a pull request.

    Please fix the above issues or remove invalid values from dependabot.yml.

    @dependabot dependabot Bot added the dependencies Pull requests that update a dependency file label Jul 9, 2026
    @dependabot dependabot Bot requested a review from a team as a code owner July 9, 2026 14:39
    @dependabot dependabot Bot added the dependencies Pull requests that update a dependency file label Jul 9, 2026
    @changeset-bot

    changeset-bot Bot commented Jul 9, 2026

    Copy link
    Copy Markdown

    ⚠️ No Changeset found

    Latest commit: 00e9320

    Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

    This PR includes no changesets

    When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

    Click here to learn what changesets are, and how to add one.

    Click here if you're a maintainer who wants to add a changeset to this PR

    Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

    Labels

    dependencies Pull requests that update a dependency file

    Projects

    None yet

    Development

    Successfully merging this pull request may close these issues.

    0 participants