build(deps): bump the simple group across 1 directory with 61 updates

[dependabot]

Bumps the simple group with 61 updates in the /console directory:

Package	From	To
@codemirror-toolkit/react	0.6.0	0.7.1
@codemirror/commands	6.7.1	6.10.3
@codemirror/lang-json	6.0.1	6.0.2
@codemirror/lang-sql	6.8.0	6.10.0
@codemirror/language	6.10.3	6.12.3
@codemirror/view	6.40.0	6.43.1
@date-fns/utc	2.1.0	2.1.1
@fontsource/roboto-mono	5.1.0	5.2.9
@frontegg/react	7.2.0	7.13.3
@intercom/messenger-js-sdk	0.0.14	0.0.19
@lezer/common	1.2.3	1.5.2
@lezer/highlight	1.1.6	1.2.3
@materializeinc/sql-lexer	26.16.0	26.28.0
@materializeinc/sql-pretty	26.16.0	26.28.0
@rehookify/datepicker	6.6.7	6.6.8
@segment/analytics-next	1.82.0	1.84.0
@sentry/react	10.46.0	10.57.0
@stripe/stripe-js	9.5.0	9.8.0
@tanstack/react-query	5.95.2	5.101.0
@tanstack/react-query-devtools	5.95.2	5.101.0
codemirror	6.0.1	6.0.2
date-fns	4.1.0	4.4.0
downshift	9.0.8	9.3.6
framer-motion	12.38.0	12.40.0
jotai	2.9.3	2.20.1
kysely	0.28.17	0.29.2
launchdarkly-js-client-sdk	3.9.0	3.9.3
oidc-client-ts	3.4.1	3.5.0
papaparse	5.4.1	5.5.3
@types/papaparse	5.3.15	5.5.2
react-hook-form	7.53.1	7.79.0
react-oidc-context	3.3.0	3.3.1
react-select	5.8.3	5.10.2
semver	7.6.3	7.8.4
@types/semver	7.5.8	7.7.1
style-mod	4.1.2	4.1.3
@babel/core	7.29.0	7.29.7
@sentry/vite-plugin	5.1.1	5.3.0
@tanstack/eslint-plugin-query	5.95.2	5.101.0
@testing-library/dom	10.4.0	10.4.1
@testing-library/user-event	14.5.2	14.6.1
@types/node	25.3.5	25.9.3
@typescript-eslint/eslint-plugin	8.57.2	8.61.0
@typescript-eslint/parser	8.57.2	8.61.0
core-js	3.38.1	3.49.0
debug	4.3.7	4.4.3
@types/debug	4.1.12	4.1.13
eslint-plugin-import	2.31.0	2.32.0
eslint-plugin-prettier	5.2.1	5.5.6
eslint-plugin-react-refresh	0.4.14	0.5.3
fast-xml-parser	5.7.1	5.9.0
jotai-devtools	0.10.1	0.14.0
jsonwebtoken	9.0.2	9.0.3
@types/jsonwebtoken	9.0.7	9.0.10
kysely-codegen	0.17.0	0.20.0
msw	2.6.4	2.14.6
pg	8.20.0	8.21.0
prettier	3.3.3	3.8.4
react-refresh	0.14.2	0.18.0
terser	5.46.1	5.48.0
tsx	4.22.2	4.22.4

Updates @codemirror-toolkit/react from 0.6.0 to 0.7.1

Commits

• 5554f9f chore: release react@0.7.1
• 6d811e6 chore(react): update keywords
• 202140a docs(react): refine migration guide
• e0e7f4c chore: release utils@0.5.1, react@0.7.0
• bbdefbe chore(react): lower support version to 16.8
• f263f87 docs(react): add function
• 04f3845 refactor(react)!: new api
• 203242a chore(deps): bump versions
• 844e7d4 refactor(react): rephrase error message
• 24cfa99 refactor(react)!: rename types
• Additional commits viewable in compare view

Updates @codemirror/commands from 6.7.1 to 6.10.3

Changelog

Sourced from @​codemirror/commands's changelog.

6.10.3 (2026-03-12)

Bug fixes

Make sure selection-extending commands preserve the associativity of the selection head.

6.10.2 (2026-02-06)

Bug fixes

Move the selection to a less surprising place when undoing, moving the selection, redoing, then undoing again.

6.10.1 (2025-12-17)

Bug fixes

Fix a bug where copyLineDown would leave the cursor on the wrong line when it was at the start of the line.

6.10.0 (2025-10-23)

New features

The new deleteGroupForwardWin command provides by-group forward deletion using the Windows convention.

6.9.0 (2025-10-02)

Bug fixes

Prevent the default behavior of backspace and delete keys, to prevent the browser from doing anything creative when there's nothing to delete.

New features

Implement new addCursorAbove and addCursorBelow commands. Bind them to Mod-Alt-ArrowUp/Down in the default keymap.

6.8.1 (2025-03-31)

Bug fixes

Fix an issue where creating a comment for a line that starts an inner language would use the comment style from the outer language.

6.8.0 (2025-01-08)

New features

The new cursorGroupForwardWin and selectGroupForwardWin commands implement Windows-style forward motion by group.

Commits

• 6f83cb9 Mark version 6.10.3
• 8364073 Properly preserve selection associativity in selection-extending commands
• aa61d5c Add more tests for vertical cursor and selection motion
• dbae3a1 Mark version 6.10.2
• beecd58 Use a more reasonable start selection for the inverse of applied history events
• 0587e5d Add a test cursorLineDown skipping trailing inline widgets
• fe13f95 Add some more explicit type annotations
• 2f99b7b Use git+https format for package.json repository field
• a6196d9 Query configuration at start of line in changeLineComment
• 42bc68c Mark version 6.10.1
• Additional commits viewable in compare view

Updates @codemirror/lang-json from 6.0.1 to 6.0.2

Changelog

Sourced from @​codemirror/lang-json's changelog.

6.0.2 (2025-06-19)

Bug fixes

Add a .d.cts file to make TypeScript happy.

Commits

• ef0c630 Mark version 6.0.2
• 3996d0a Add a usage section to readme
• f7bd24a Move to @​codemirror/buildhelper 1.0.0
• fdc00c1 Update links in readme
• 1bbb5ed Update maintainer email
• See full diff in compare view

Updates @codemirror/lang-sql from 6.8.0 to 6.10.0

Changelog

Sourced from @​codemirror/lang-sql's changelog.

6.10.0 (2025-09-16)

New features

Allow [ in identifierQuotes for MSSQL-style bracketed identifiers.

6.9.1 (2025-07-28)

Bug fixes

Include more MSSQL keyboards and builtins in the completions.

Allow built-in special variables for a dialect to be completed.

6.9.0 (2025-05-30)

New features

The new SQLDialect.configureLanguage method can be used to configure the language (and it's syntax node props) used by a dialect.

Commits

• 62abf00 Mark version 6.10.0
• 3dc83af Remove semicolons
• 6da5e4f Add support for MSSQL-style bracket quoted identifiers
• 4a74c3d Mark version 6.9.1
• 87e0909 Allow completion of special variables
• ef183b0 Fix coding style for MSSQL builtins
• 62e0113 Added missing MSSQL keywords and built-in functions
• b7155bf Mark version 6.9.0
• 8ec4885 Add SQLDialect.configureLanguage method
• 7997522 Add a usage section to readme
• See full diff in compare view

Updates @codemirror/language from 6.10.3 to 6.12.3

Changelog

Sourced from @​codemirror/language's changelog.

6.12.3 (2026-03-25)

Bug fixes

Fix a crash in bracketMatching when composing at end of document.

6.12.2 (2026-02-25)

Bug fixes

Make sure brackets are highlighted in the initial editor state.

Pause bracket matching updates during composition, to avoid disrupting Mobile Safari's fragile composition handling.

6.12.1 (2025-12-22)

Bug fixes

Improve finding inner language in syntax tree when the nested parse has been marked as bracketed.

6.11.3 (2025-08-15)

Bug fixes

Make the stream parser user 4 times smaller chunks to reduce the amount of re-parsed code on changes.

6.11.2 (2025-06-27)

Bug fixes

Make sure folded ranges open when backspacing or deleting into them.

6.11.1 (2025-06-02)

Bug fixes

Fix an issue where indentation would sometimes miss nodes in mixed-language situations.

6.11.0 (2025-03-13)

New features

Stream parsers now support a mergeTokens option that can be used to turn off automatic merging of adjacent tokens.

6.10.8 (2024-12-23)

Bug fixes

Fix a regression introduced 6.10.7 that caused indention to sometimes crash on nested language boundaries.

... (truncated)

Commits

• f5af31e Mark version 6.12.3
• 371c9ba Fix bogus bracket highlighting being generated at end of document
• 9531899 Remove duplicated slash in forum url in README
• 2f4e701 Fix forum link in readme
• b5cd54b Mark version 6.12.2
• 5f86763 Pause bracket matching updates during composition
• af8dca9 Properly show matched brackets in the initial editor state
• 693a25e Use git+https format for package.json repository field
• bcc504c Mark version 6.12.1
• d131a0f Use EnterBracketed mode when finding inner language
• Additional commits viewable in compare view

Updates @codemirror/view from 6.40.0 to 6.43.1

Changelog

Sourced from @​codemirror/view's changelog.

6.41.0 (2026-04-01)

Bug fixes

Fix an issue where EditorView.posAtCoords could incorrectly return a position near a higher element on the line, in mixed-font-size lines.

Expand the workaround for the Webkit bug that causes nonexistent selections to stay visible to be active on non-Safari Webkit browsers.

New features

The new EditorView.cursorScrollMargin facet can now be used to configure the extra space used when scrolling the cursor into view.

Commits

• See full diff in compare view

Updates @date-fns/utc from 2.1.0 to 2.1.1

Changelog

Sourced from @​date-fns/utc's changelog.

v2.1.1 - 2025-07-30

Fixed

• Fixed CommonJS support by adjusting the main field in package.json.

Commits

• See full diff in compare view

Updates @fontsource/roboto-mono from 5.1.0 to 5.2.9

Commits

• See full diff in compare view

Updates @frontegg/react from 7.2.0 to 7.13.3

Release notes

Sourced from @​frontegg/react's releases.

v7.13.3

• FR-25111 - Fixed tenant regex

---

[!NOTE] Low Risk Dependency-only version bump with no local code changes; risk is limited to upstream 7.110.0 behavior in auth/admin flows.

Overview Bumps the embedded Frontegg Admin Portal stack from 7.109.0 to 7.110.0 by updating @frontegg/js and @frontegg/react-hooks in packages/react/package.json and refreshing yarn.lock for the related @frontegg/* packages.

There are no application source changes in this repo; behavior updates (including the tenant regex fix noted in FR-25111) come from the upgraded published packages.

Reviewed by Cursor Bugbot for commit e036f6948f8a1b49c443a3026c9ab66aac74a545. Bugbot is set up for automated code reviews on this repo. Configure here.

v7.13.2

• FR-25022 - Changed phone validations

---

[!NOTE] Medium Risk Validation behavior for phone numbers changes in a vendor auth/admin package, which can affect signup or profile flows without local code to review in this PR.

Overview Bumps @frontegg/js and @frontegg/react-hooks in packages/react from 7.108.0 to 7.109.0, with yarn.lock updated for the matching @frontegg/types, redux-store, and rest-api versions. There are no application source changes in this repo—the Admin Portal behavior (including FR-25022 phone validation updates noted in the PR description) comes from the upgraded Frontegg packages.

Reviewed by Cursor Bugbot for commit ba67d54dd118e133862c20cdffc7fc4935065d49. Bugbot is set up for automated code reviews on this repo. Configure here.

v7.13.1

• FR-23507 - Fixed custom login box favicon not displaying pulls from main login box instead

---

[!NOTE] Medium Risk Updates core Frontegg SDK dependencies, so behavior changes come from upstream library code and could affect authentication/AdminPortal flows at runtime despite the small diff.

Overview Updates packages/react to depend on @frontegg/js and @frontegg/react-hooks 7.108.0 (from 7.107.0).

... (truncated)

Changelog

Sourced from @​frontegg/react's changelog.

7.13.3 (2026-6-4)

• FR-25111 - Fixed tenant regex

---

[!NOTE] Low Risk Dependency-only version bump with no local code changes; risk is limited to upstream 7.110.0 behavior in auth/admin flows.

Overview Bumps the embedded Frontegg Admin Portal stack from 7.109.0 to 7.110.0 by updating @frontegg/js and @frontegg/react-hooks in packages/react/package.json and refreshing yarn.lock for the related @frontegg/* packages.

There are no application source changes in this repo; behavior updates (including the tenant regex fix noted in FR-25111) come from the upgraded published packages.

Reviewed by Cursor Bugbot for commit e036f6948f8a1b49c443a3026c9ab66aac74a545. Bugbot is set up for automated code reviews on this repo. Configure here.

7.13.2 (2026-6-1)

• FR-25022 - Changed phone validations

---

[!NOTE] Medium Risk Validation behavior for phone numbers changes in a vendor auth/admin package, which can affect signup or profile flows without local code to review in this PR.

Overview Bumps @frontegg/js and @frontegg/react-hooks in packages/react from 7.108.0 to 7.109.0, with yarn.lock updated for the matching @frontegg/types, redux-store, and rest-api versions. There are no application source changes in this repo—the Admin Portal behavior (including FR-25022 phone validation updates noted in the PR description) comes from the upgraded Frontegg packages.

Reviewed by Cursor Bugbot for commit ba67d54dd118e133862c20cdffc7fc4935065d49. Bugbot is set up for automated code reviews on this repo. Configure here.

7.13.1 (2026-5-19)

• FR-23507 - Fixed custom login box favicon not displaying pulls from main login box instead

---

[!NOTE] Medium Risk Updates core Frontegg SDK dependencies, so behavior changes come from upstream library code and could affect authentication/AdminPortal flows at runtime despite the small diff.

Overview

... (truncated)

Commits

• 6d3abc3 chore(release): publish 7.13.3
• 80051ef Merge pull request #1347 from frontegg/upgrade-admin-portal
• e036f69 update admin-portal 7.110.0
• 3fcbae2 chore(release): publish 7.13.2
• 24ca91d Merge pull request #1345 from frontegg/upgrade-admin-portal
• ba67d54 update admin-portal 7.109.0
• fb25a48 chore(release): publish 7.13.1
• c69b4d4 Merge pull request #1343 from frontegg/upgrade-admin-portal
• 81cc59e update admin-portal 7.108.0
• 10f3dac chore(release): publish 7.13.0
• Additional commits viewable in compare view

Updates @intercom/messenger-js-sdk from 0.0.14 to 0.0.19

Updates @lezer/common from 1.2.3 to 1.5.2

Changelog

Sourced from @​lezer/common's changelog.

1.5.2 (2026-04-08)

Bug fixes

Fix a bug in mixed parsing that could cause the parser to fail to reuse unchanged inner parses.

1.5.1 (2026-02-03)

Bug fixes

Fix a bug that caused SyntaxNode.enter to incorrectly enter bracketed mounted trees in some circumstances.

1.5.0 (2025-12-22)

New features

Nested trees can now specify that they are bracketed, and the new IterMode.EnterBracketed mode for enter will enter such trees regardless the side parameter.

1.4.0 (2025-11-28)

New features

Provide a prop method on the SyntaxNode type for more straightforward access to node props.

1.3.0 (2025-10-17)

Bug fixes

Fix an issue where in some situations a nested parse would break highlighting after it.

New features

Node props may now define a merge function that will be used when the prop is added to a node that already has it.

Commits

• de5f962 Mark version 1.5.2
• 94cfcf7 Fix a bug in mixed parsing that could make it fail to reuse nodes
• d33ee03 Mark version 1.5.1
• 863f10b Fix a bug in entering tree nodes with IterMode.EnterBracketed
• 850bf75 Fix a spurious type error
• 0c965ec Mark version 1.5.0
• bca9bc0 Add a bracketed flag to nested trees
• 565b8c8 Fix code style
• 7b20af1 Mark version 1.4.0
• d4a0448 Properly pass by lookahead records when scanning for buffer size
• Additional commits viewable in compare view

Updates @lezer/highlight from 1.1.6 to 1.2.3

Changelog

Sourced from @​lezer/highlight's changelog.

1.2.3 (2025-10-26)

Bug fixes

Fix a regression in 1.2.2 when assigning new highlight tags to nodes.

1.2.2 (2025-10-17)

Bug fixes

Fix an issue where adding additional highlighting info for a node that already had some rule would drop the old info.

1.2.1 (2024-08-13)

Bug fixes

Give Tag objects an optional string name for debugging, and use it in their toString method.

1.2.0 (2023-11-12)

New features

The new highlightCode function provides a higher-level interface for emitting highlighted code.

Commits

• 37e3eef Mark version 1.2.3
• 3c2d268 Fix bug in highlight rule node prop combiner
• 675eccd Mark version 1.2.2
• ac0d436 Define a merge function for the highlight rule node prop
• de347b6 Fix outdated example in doc comment
• 95aa69e Mark version 1.2.1
• 92b0094 Make Tag.toString try a bit harder to return useful information
• 33dd3f5 Link parent tag from tags.contentSeparator docstring
• 88ff939 Mark version 1.2.0
• 308bca6 Add highlightCode function
• See full diff in compare view

Updates @materializeinc/sql-lexer from 26.16.0 to 26.28.0

Release notes

Sourced from @​materializeinc/sql-lexer's releases.

v26.28.0

https://materialize.com/docs/releases/#v26280

v26.27.0

https://materialize.com/docs/releases/#v26270

Commits

• 4c1cc5a release: bump to version v26.28.0
• bc54982 release: bump to version v26.28.0-rc.1
• 8373fdb LICENSE: update change date
• 106351c sql: redact passwd in pg_catalog.pg_user (#36911)
• 38e6e27 console: show real balancerd host in the OIDC connect modal (#36878)
• 2521edf sql: remove refresh strategies and scheduled clusters from public docs (#36908)
• 33b8db8 [SCIM] frontegg-auth extract groups from JWT for group-role sync
• 261d61d Revert "refactor: Change all Visitors to be iterative, child-based" (#36905)
• 72d1410 compute: store correction v2 chunks in a columnar chunk region (#36577)
• 931f79a Revert "expr: infer non-nullable columns from regex capture groups" (#36902)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by def-, a new releaser for @​materializeinc/sql-lexer since your current version.

Updates @materializeinc/sql-pretty from 26.16.0 to 26.28.0

Release notes

Sourced from @​materializeinc/sql-pretty's releases.

v26.28.0

https://materialize.com/docs/releases/#v26280

v26.27.0

https://materialize.com/docs/releases/#v26270

Commits

• 4c1cc5a release: bump to version v26.28.0
• bc54982 release: bump to version v26.28.0-rc.1
• 8373fdb LICENSE: update change date
• 106351c sql: redact passwd in pg_catalog.pg_user (#36911)
• 38e6e27 console: show real balancerd host in the OIDC connect modal (#36878)
• 2521edf sql: remove refresh strategies and scheduled clusters from public docs (#36908)
• 33b8db8 [SCIM] frontegg-auth extract groups from JWT for group-role sync
• 261d61d Revert "refactor: Change all Visitors to be iterative, child-based" (#36905)
• 72d1410 compute: store correction v2 chunks in a columnar chunk region (#36577)
• 931f79a Revert "expr: infer non-nullable columns from regex capture groups" (#36902)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by def-, a new releaser for @​materializeinc/sql-pretty since your current version.

Updates @rehookify/datepicker from 6.6.7 to 6.6.8

Release notes

Sourced from @​rehookify/datepicker's releases.

React v19 support

• add React V19 to the peerDependencies
• update React to v19
• update all devDependencies to latest
• make e2e more robust

Commits

• a23eebc chore: bump react to the v19 (#75)
• 76986c2 refactor: flat-eslint-config (#70)
• See full diff in compare view

Updates @segment/analytics-next from 1.82.0 to 1.84.0

Release notes

Sourced from @​segment/analytics-next's releases.

@​segment/analytics-next@​1.84.0

Minor Changes

• #1342 65951526 Thanks @​MichaelGHSeg! - Unify and harden HTTP response handling and retry behavior across browser and node SDKs.

  • Browser (@segment/analytics-next) - Add config-driven response handling for Segment.io delivery (httpConfig with rate-limit/backoff controls). - Improve batching/dispatcher retry semantics for 429 and transient failures. - Use configured protocol for batching requests when apiHost has no scheme, while preserving compatibility for apiHost values that already include http:// or https://.

  • Node (@segment/analytics-node) - Align publisher retry/status behavior with updated response handling rules. - Add maxTotalBackoffDuration and maxRateLimitDuration settings to control retry ceilings. - Update default retry configuration to increase resilience under transient failures.

  • Core (@segment/analytics-core) - Standardize backoff defaults used by retry queues.

Patch Changes

• Updated dependencies [65951526]:
  • @​segment/analytics-core@​1.8.3

@​segment/analytics-next@​1.83.0

Minor Changes

• #1356 bd498512 Thanks @​laksh-twilio! - Fixes #1336 NullAnalytics was accidentally removed from the public exports in commit b611746 (PR #1090) when exports were changed from wildcard to explicit. This restores the export for users who need NullAnalytics in their test code.

Patch Changes

• #1357 a70d9e69 Thanks @​chenxzhang! - Rename middleware chunk name to avoid collision with Next.js middleware entrypoint

Changelog

Sourced from @​segment/analytics-next's changelog.

1.84.0

Minor Changes

• #1342 65951526 Thanks @​MichaelGHSeg! - Unify and harden HTTP response handling and retry behavior across browser and node SDKs.

  • Browser (@segment/analytics-next) - Add config-driven response handling for Segment.io delivery (httpConfig with rate-limit/backoff controls). - Improve batching/dispatcher retry semantics for 429 and transient failures. - Use configured protocol for batching requests when apiHost has no scheme, while preserving compatibility for apiHost values that already include http:// or https://.

  • Node (@segment/analytics-node) - Align publisher retry/status behavior with updated response handling rules. - Add maxTotalBackoffDuration and maxRateLimitDuration settings to control retry ceilings. - Update default retry configuration to increase resilience under transient failures.

  • Core (@segment/analytics-core) - Standardize backoff defaults used by retry queues.

Patch Changes

• Updated dependencies [65951526]:
  • @​segment/analytics-core@​1.8.3

1.83.0

Minor Changes

• #1356 bd498512 Thanks @​laksh-twilio! - Fixes #1336 NullAnalytics was accidentally removed from the public exports in commit b611746 (PR #1090) when exports were changed from wildcard to explicit. This restores the export for users who need NullAnalytics in their test code.

Patch Changes

• #1357 a70d9e69 Thanks @​chenxzhang! - Rename middleware chunk name to avoid collision with Next.js middleware entrypoint

Commits

• 320ec6f Version Packages (#1361)
• 5eb12a1 fix(node): prevent closeAndFlush from dropping in-flight events (#1365)
• 6595152 Improve HTTP response handling and retry behavior (#1342)
• ef93c3b Version Packages (#1358)
• bd49851 Export NullAnalytics from main package (#1356)
• a70d9e6 fix(analytics): use more unique chunk name for middleware (#1339) (#1357)
• 8f10626 Add settings e2e test suite, update CI workflow (#1352)
• See full diff in compare view

Updates @sentry/react from 10.46.0 to 10.57.0

Release notes

Sourced from @​sentry/react's releases.

10.57.0

Important Changes

• feat(angular): Add support for Angular 22 (#21330)

  @sentry/angular now officially supports Angular 22.

• ref(core): Deprecate sendDefaultPii in favor of dataCollection (#21277)

  sendDefaultPii is deprecated and will be removed in v11. The new dataCollection option lets you control each category of collected data. sendDefaultPii: true still works and maps to enabling all dataCollection categories. dataCollection.userInfo defaults to true when dataCollection is provided, meaning auto-populated user.* fields (e.g. IP address from a request) are collected by default. Data you set explicitly (like via Sentry.setUser()) is always sent regardless. When dataCollection is not set at all, the legacy sendDefaultPii behavior applies (userInfo: false by default) to preserve backward compatibility.

  Note that an empty dataCollection: {} falls back to more permissive defaults than sendDefaultPii: false, so replicate the old behavior by opting out explicitly:

  Sentry.init({
    dataCollection: {
      userInfo: false,
      genAI: { inputs: false, outputs: false },
      httpBodies: [],
      httpHeaders: { deny: ['forwarded', '-ip', 'remote-', 'via', '-user'] },
      cookies: { deny: ['forwarded', '-ip', 'remote-', 'via', '-user'] },
      queryParams: { deny: ['forwarded', '-ip', 'remote-', 'via', '-user'] },
    },
  });

Other Changes

• feat: Use dataCollection.frameContextLines for ContextLines integration (#21323)
• feat(cloudflare): Auto instrument D1 based on env (#21276)
• feat(core): Change default of dataCollection.userInfo to true (#21348)
• feat(core): Default dataCollection.httpBodies to all valid body types (#21352)
• feat(hono): Filter noisy transactions (favicon etc) (#21365)
• fix(cloudflare): Don't track negatively sampled spans (#21367)
• fix(core): Use safeDateNow calls for new Date() reads (#21351)
• fix(nextjs): Shim pinoIntegration on edge runtime (#21347)
• fix(node): Prevent PostgresJs integration from emitting duplicate spans per query (#21364)
• fix(node-core): Read __SENTRY_SERVER_MODULES__ lazily so Turbopack injection is honored (#21339)
• fix(react): Detect React Router v6/v7 navigations in a layout effect to propagate the correct trace (#21326)
• fix(react): Remove unused react.componentStack event context (#21183)
• fix(replays): Record sentry._internal.replay_is_buffering for spans (#21297)

• chore: Bump volta node version from 20.19.2 to 20.19.5 (#21359)

... (truncated)

Changelog

Sourced from @​sentry/react's changelog.

10.57.0

Important Changes

• feat(angular): Add support for Angular 22 (#21330)

  @sentry/angular now officially supports Angular 22.

• ref(core): Deprecate sendDefaultPii in favor of dataCollection (#21277)

  sendDefaultPii is deprecated and will be removed in v11. The new dataCollection option lets you control each category of collected data. sendDefaultPii: true still works and maps to enabling all dataCollection categories. dataCollection.userInfo defaults to true when dataCollection is provided, meaning auto-populated user.* fields (e.g. IP address from a request) are collected by default. Data you set explicitly (like via Sentry.setUser()) is always sent regardless. When dataCollection is not set at all, the legacy sendDefaultPii behavior applies (userInfo: false by default) to preserve backward compatibility.

  Note that an empty dataCollection: {} falls back to more permissive defaults than sendDefaultPii: false, so replicate the old behavior by opting out explicitly:

  Sentry.init({
    dataCollection: {
      userInfo: false,
      genAI: { inputs: false, outputs: false },
      httpBodies: [],
      httpHeaders: { deny: ['forwarded', '-ip', 'remote-', 'via', '-user'] },
      cookies: { deny: ['forwarded', '-ip', 'remote-', 'via', '-user'] },
      queryParams: { deny: ['forwarded', '-ip', 'remote-', 'via', '-user'] },
    },
  });

Other Changes

• feat: Use dataCollection.frameContextLines for ContextLines integration (#21323)
• feat(cloudflare): Auto instrument D1 based on env (#21276)
• feat(core): Change default of dataCollection.userInfo to true (#21348)
• feat(core): Default dataCollection.httpBodies to all valid body types (#21352)
• feat(hono): Filter noisy transactions (favicon etc) (#21365)
• fix(cloudflare): Don't track negatively sampled spans (#21367)
• fix(core): Use safeDateNow calls for new Date() reads (#21351)
• fix(nextjs): Shim pinoIntegration on edge runtime (#21347)
• fix(node): Prevent PostgresJs integration from emitting duplicate spans per query (#21364)
• fix(node-core): Read __SENTRY_SERVER_MODULES__ lazily so Turbopack injection is honored (#21339)
• fix(react): Detect React Router v6/v7 navigations in a layout effect to propagate the correct trace (#21326)
• fix(react): Remove unused react.componentStack event context (#21183)
• fix(replays): Record sentry._internal.replay_is_buffering for spans (#21297)

... (truncated)

Commits

• 950cf97 release: 10.57.0
• 55f9343 Merge pull request #21369 from getsentry/prepare-release/10.57.0
• 88d9d30 meta(changelog): Update changelog for 10.57.0
• 03ffd25 fix(cloudflare): Don't track negatively sampled spans (#21367)
• 7c19ead ref(node): Streamline sql-common (#21360)
• 95df562 feat(hono): Filter noisy transactions (favicon etc) (#21365)
• 92eb5d2 feat(deps): Bump hono from 4.12.18 to 4.12.21 (#21341)
• c6f790b fix(node): Prevent PostgresJs integration from emitting duplicate spans per q...
• d645349 ref(node): Streamline lru-memoizer instrumentation (#21350)
• 4293015 feat(deps): Bump @​types/aws-lambda from 8.10.150 to 8.10.161 (#21105)
• Additional commits viewable in compare view

Updates @stripe/stripe-js from 9.5.0 to 9.8.0

Release notes

Sourced from @​stripe/stripe-js's releases.

v9.8.0

Changed

• Add CurrencySelector element definitions for getElement and create (#930)
• Add new appearance API variable types (#931)
• add unit label to checkout.d.ts (