Skip to content

chore(deps): bump the production-minor-patch group across 1 directory with 21 updates#660

Closed
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/production-minor-patch-ddb2d0cc49
Closed

chore(deps): bump the production-minor-patch group across 1 directory with 21 updates#660
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/production-minor-patch-ddb2d0cc49

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 15, 2026

Copy link
Copy Markdown
Contributor

Bumps the production-minor-patch group with 21 updates in the / directory:

Package From To
pg 8.20.0 8.22.0
@clack/prompts 1.4.0 1.7.0
posthog-node 5.34.2 5.40.0
@rollup/rollup-linux-x64-gnu 4.60.4 4.62.2
arktype 2.2.0 2.2.3
@cipherstash/protect-ffi 0.23.0 0.28.0
@stricli/core 1.2.7 1.2.9
uuid 14.0.0 14.0.1
@anthropic-ai/claude-agent-sdk 0.3.143 0.3.204
@anthropic-ai/sdk 0.106.0 0.110.0
@cipherstash/auth-darwin-arm64 0.41.0 0.42.0
@cipherstash/auth-darwin-x64 0.41.0 0.42.0
@cipherstash/auth-linux-arm64-gnu 0.41.0 0.42.0
@cipherstash/auth-linux-x64-gnu 0.41.0 0.42.0
@cipherstash/auth-linux-x64-musl 0.41.0 0.42.0
@cipherstash/auth-win32-x64-msvc 0.41.0 0.42.0
@clerk/nextjs 7.3.5 7.5.14
next 15.5.18 15.5.20
tsx 4.22.1 4.23.0
vitest 3.2.6 3.2.7
vite 8.0.13 8.1.3

Updates pg from 8.20.0 to 8.22.0

Changelog

Sourced from pg's changelog.

pg@8.22.0

pg@8.21.0

Commits

Updates @clack/prompts from 1.4.0 to 1.7.0

Release notes

Sourced from @​clack/prompts's releases.

@​clack/prompts@​1.7.0

Minor Changes

  • #574 8f1c380 Thanks @​dreyfus92! - Add showInstructions option to select, multiselect, and groupMultiselect. Keyboard hints remain shown by default; pass showInstructions: false to hide them.

Patch Changes

@​clack/prompts@​1.6.0

Minor Changes

  • #568 f87933f Thanks @​florian-lefebvre! - Updates default formatter of note() to note dim lines anymore

    If you want the old behavior, provide a format() function:

    import { note } from '@clack/prompts';
    +import { styleText } from 'node:util';
    note(
    'You can edit the file src/index.jsx',
    'Next steps.'
    
    { format: (text) => styleText('dim', text) }
    );
  • #567 cc6aab5 Thanks @​dreyfus92! - Add keyboard instruction footers to select, multiselect, and groupMultiselect in the active state, matching autocomplete. No option — always shown.

  • Patch Changes

    @​clack/prompts@​1.5.1

    Patch Changes

    @​clack/prompts@​1.5.0

    Minor Changes

    ... (truncated)

    Changelog

    Sourced from @​clack/prompts's changelog.

    1.7.0

    Minor Changes

    • #574 8f1c380 Thanks @​dreyfus92! - Add showInstructions option to select, multiselect, and groupMultiselect. Keyboard hints remain shown by default; pass showInstructions: false to hide them.

    Patch Changes

    1.6.0

    Minor Changes

    • #568 f87933f Thanks @​florian-lefebvre! - Updates default formatter of note() to note dim lines anymore

      If you want the old behavior, provide a format() function:

      import { note } from '@clack/prompts';
      +import { styleText } from 'node:util';
      note(
      'You can edit the file src/index.jsx',
      'Next steps.'
      
      { format: (text) => styleText('dim', text) }
      );
  • #567 cc6aab5 Thanks @​dreyfus92! - Add keyboard instruction footers to select, multiselect, and groupMultiselect in the active state, matching autocomplete. No option — always shown.

  • Patch Changes

    1.5.1

    Patch Changes

    ... (truncated)

    Commits

    Updates posthog-node from 5.34.2 to 5.40.0

    Release notes

    Sourced from posthog-node's releases.

    posthog-node@5.40.0

    5.40.0

    Minor Changes

    • #4060 0b49a4c Thanks @​turnipdabeets! - Add secretKey config as the canonical alias for the deprecated personalApiKey (accepts a Personal API Key or Project Secret API Key). (2026-07-07)

    posthog-node@5.39.4

    5.39.4

    Patch Changes

    posthog-node@5.39.3

    5.39.3

    Patch Changes

    • #4055 64e04ba Thanks @​marandaneto! - Retry /flags requests that receive HTTP 502 or 504 responses across SDKs that use the shared core flags client. (2026-07-02)
    • Updated dependencies [64e04ba]:
      • @​posthog/core@​1.39.4

    posthog-node@5.39.2

    5.39.2

    Patch Changes

    • #4028 a664b81 Thanks @​marandaneto! - Make Node flush() wait for pending asynchronous SDK work before draining the event queue, so events produced by helpers like captureException() are not missed. Pending work rejections no longer prevent queued events from flushing. (2026-07-01)
    • Updated dependencies [a664b81]:
      • @​posthog/core@​1.39.3

    posthog-node@5.39.1

    5.39.1

    Patch Changes

    • #4029 b36b1cc Thanks @​marandaneto! - Call before_send for identify, group identify, and alias events. (2026-06-30)

    • #4027 ab118d2 Thanks @​marandaneto! - Safely serialize event batches with circular property references instead of crashing during flush. (2026-06-30)

    • Updated dependencies [ab118d2]:

      • @​posthog/core@​1.39.2

    ... (truncated)

    Changelog

    Sourced from posthog-node's changelog.

    5.40.0

    Minor Changes

    • #4060 0b49a4c Thanks @​turnipdabeets! - Add secretKey config as the canonical alias for the deprecated personalApiKey (accepts a Personal API Key or Project Secret API Key). (2026-07-07)

    5.39.4

    Patch Changes

    5.39.3

    Patch Changes

    • #4055 64e04ba Thanks @​marandaneto! - Retry /flags requests that receive HTTP 502 or 504 responses across SDKs that use the shared core flags client. (2026-07-02)
    • Updated dependencies [64e04ba]:
      • @​posthog/core@​1.39.4

    5.39.2

    Patch Changes

    • #4028 a664b81 Thanks @​marandaneto! - Make Node flush() wait for pending asynchronous SDK work before draining the event queue, so events produced by helpers like captureException() are not missed. Pending work rejections no longer prevent queued events from flushing. (2026-07-01)
    • Updated dependencies [a664b81]:
      • @​posthog/core@​1.39.3

    5.39.1

    Patch Changes

    • #4029 b36b1cc Thanks @​marandaneto! - Call before_send for identify, group identify, and alias events. (2026-06-30)

    • #4027 ab118d2 Thanks @​marandaneto! - Safely serialize event batches with circular property references instead of crashing during flush. (2026-06-30)

    • Updated dependencies [ab118d2]:

      • @​posthog/core@​1.39.2

    5.39.0

    Minor Changes

    ... (truncated)

    Commits
    • 954919d chore: update versions and lockfile [version bump]
    • 0b49a4c feat(node): add secretKey config, deprecate personalApiKey (#4060)
    • 859fd44 chore(deps): weekly safe npm updates · 10 packages (#4087)
    • 0ba87cb chore: update versions and lockfile [version bump]
    • 0c11747 fix: stop duplicating distinct_id in flags person properties (#4047)
    • 4eb8b21 chore: update versions and lockfile [version bump]
    • dd90e55 test(node): make local polling tests deterministic (#4043)
    • d1e6df8 chore: update versions and lockfile [version bump]
    • a664b81 fix: make flush wait for pending async work (#4028)
    • a5181ba chore: update versions and lockfile [version bump]
    • Additional commits viewable in compare view

    Updates @rollup/rollup-linux-x64-gnu from 4.60.4 to 4.62.2

    Release notes

    Sourced from @​rollup/rollup-linux-x64-gnu's releases.

    v4.62.2

    4.62.2

    2026-06-19

    Bug Fixes

    • Do not add spurious side-effect-free external imports to chunks when using minChunkSize (#6411)

    Pull Requests

    v4.62.1

    4.62.1

    2026-06-19

    Bug Fixes

    • Preserve multipart file extensions when deconflicting output chunks (#6408)
    • Fix an issue where getLogFilter would match additional logs (#6415)

    Pull Requests

    v4.62.0

    4.62.0

    2026-06-13

    Features

    • Ensure that shared dependencies between manual chunks and entry points receive a serparate chunk (#6374)

    Pull Requests

    ... (truncated)

    Changelog

    Sourced from @​rollup/rollup-linux-x64-gnu's changelog.

    4.62.2

    2026-06-19

    Bug Fixes

    • Do not add spurious side-effect-free external imports to chunks when using minChunkSize (#6411)

    Pull Requests

    4.62.1

    2026-06-19

    Bug Fixes

    • Preserve multipart file extensions when deconflicting output chunks (#6408)
    • Fix an issue where getLogFilter would match additional logs (#6415)

    Pull Requests

    4.62.0

    2026-06-13

    Features

    • Ensure that shared dependencies between manual chunks and entry points receive a serparate chunk (#6374)

    Pull Requests

    ... (truncated)

    Commits
    • 8faa187 4.62.2
    • a38a795 refactor(rust/parser_ast): extract property AstConverter write buffer kind lo...
    • 6cc5c31 Skip side-effect-free external imports when hoisting is disabled (#6411)
    • caacf70 4.62.1
    • d1e8297 Add missing ignore
    • 1ba1fc2 fix: insert conflict numbers before first extension in multi-extension filena...
    • 532bd0a Use import attributes for importing JSON (#6393)
    • 2cd8194 fix: advance value past wildcard prefix before suffix check in getLogFilter (...
    • dfac590 fix(deps): update minor/patch updates (#6418)
    • 1d6db3d chore(deps): update dependency eslint-plugin-unicorn to v66 (#6419)
    • Additional commits viewable in compare view

    Updates arktype from 2.2.0 to 2.2.3

    Changelog

    Sourced from arktype's changelog.

    2.2.3

    Fix type.fn.raw throwing at runtime

    type.fn.raw is documented as an untyped alias of type.fn, but was undefined at runtime and threw type.fn.raw is not a function when called. It now references the underlying parser directly, so it parses, runs, and validates like type.fn without type-level inference. Thanks to @​aarsh767.

    Anchor versioned UUID validation

    string.uuid no longer accepts strings that merely contain a UUID. The internal #versioned pattern is now anchored like the individual version keywords, so leading or trailing content is rejected. Thanks to @​WolfieLeader.

    Fix inferred output of declared morphs

    The output side of a declared definition now wraps its preinferred value in Out<...>, matching the inference of the equivalent definition without declare. Thanks to @​eralmansouri.

    Allow Object.prototype method names as keys

    Keys like constructor, toString, and hasOwnProperty are no longer incorrectly reported as duplicate keys, since duplicate detection now uses a prototype-free record. Thanks to @​kaigritun.

    2.2.2

    Fix precompilation of private aliases

    A private alias referenced only within its own scope is no longer skipped during JIT precompilation, so its optimized traversal is bound correctly instead of falling back to the unbound reference.

    Harden ArkErrors JSON serialization

    ArkErrors doubles as a Standard Schema issues array, so JSON.stringify no longer assumes every indexed entry is an ArkError with a toJSON method (e.g. plain issue-shaped entries from other validators). Inherited array methods (map, filter, slice, …) now return a plain Array via Symbol.species, preventing callbacks that return primitives from producing a malformed ArkErrors.

    2.2.1

    Improve regex inference for zero-min quantifiers on numeric patterns

    // was: Regex<`${number}`>
    // now: Regex<"" | `${number}`>
    regex("^\\d*$")

    See arkregex CHANGELOG for full notes.

    Commits

    Updates @cipherstash/protect-ffi from 0.23.0 to 0.28.0

    Release notes

    Sourced from @​cipherstash/protect-ffi's releases.

    v0.28.0

    Added

    • Support for @cipherstash/auth 0.41's @byteslice/result Result-shaped getToken(){ data: { token, … } } on success, { failure: { type, error, … } } on error — on both the Node (Neon) and WASM auth paths. The bare { token } shape (the documented getToken(): Promise<{ token }> contract, used by @cipherstash/auth <= 0.40 and custom strategies) is still accepted, so this is backward compatible. A failure result is reconstructed into the real stack_auth::AuthError via AuthError::from_error_code, preserving its code (e.g. NOT_AUTHENTICATED, EXPIRED_TOKEN) rather than flattening every failure to Server; unknown or foreign codes become AuthError::Custom. On the WASM path the structured payload rides along too, so WORKSPACE_MISMATCH round-trips; the Node path reconstructs by code + message (there WORKSPACE_MISMATCH surfaces as Custom, with the workspace detail preserved in the message).
    • CHANGELOG.md plus automated release notes. On npm version, the version lifecycle hook promotes the [Unreleased] section to a dated entry (scripts/changelog-release.mjs); the release workflow then publishes that section as the GitHub release body (scripts/changelog-extract.mjs).

    Changed

    • Bumped cipherstash-client, cts-common, stack-auth, and stack-profile to 0.39.1. stack-auth's AuthError::Server now wraps a ServerError newtype rather than a bare String, and 0.39.1 adds AuthError::from_error_code (the reconstruction the auth bridge now uses).

    v0.27.1-0

    No release notes provided.

    v0.27.0

    No release notes provided.

    v0.26.1-0

    No release notes provided.

    v0.26.0

    No release notes provided.

    v0.25.0

    ⚠️ Breaking changes

    • Removed serviceToken from EncryptOptions, DecryptOptions, and the query option types.
    • Removed the CtsToken public type export.
    • Auth environment updated for stack-auth 0.36: CS_REGION is dropped in favour of CS_WORKSPACE_CRN.

    ✨ Added

    ... (truncated)

    Changelog

    Sourced from @​cipherstash/protect-ffi's changelog.

    [0.28.0] - 2026-07-08

    Added

    • Support for @cipherstash/auth 0.41's @byteslice/result Result-shaped getToken(){ data: { token, … } } on success, { failure: { type, error, … } } on error — on both the Node (Neon) and WASM auth paths. The bare { token } shape (the documented getToken(): Promise<{ token }> contract, used by @cipherstash/auth <= 0.40 and custom strategies) is still accepted, so this is backward compatible. A failure result is reconstructed into the real stack_auth::AuthError via AuthError::from_error_code, preserving its code (e.g. NOT_AUTHENTICATED, EXPIRED_TOKEN) rather than flattening every failure to Server; unknown or foreign codes become AuthError::Custom. On the WASM path the structured payload rides along too, so WORKSPACE_MISMATCH round-trips; the Node path reconstructs by code + message (there WORKSPACE_MISMATCH surfaces as Custom, with the workspace detail preserved in the message).
    • CHANGELOG.md plus automated release notes. On npm version, the version lifecycle hook promotes the [Unreleased] section to a dated entry (scripts/changelog-release.mjs); the release workflow then publishes that section as the GitHub release body (scripts/changelog-extract.mjs).

    Changed

    • Bumped cipherstash-client, cts-common, stack-auth, and stack-profile to 0.39.1. stack-auth's AuthError::Server now wraps a ServerError newtype rather than a bare String, and 0.39.1 adds AuthError::from_error_code (the reconstruction the auth bridge now uses).

    [0.26.0] - 2026-06-08

    Changed

    • Bumped cipherstash-client and stack-auth to 0.37.0.
    • npm publishing now uses OIDC trusted publishing, and the release publish job was hardened (the publisher app token is scoped to contents:write).

    Added

    • Integration coverage for the OidcFederation auth strategy, wired against @cipherstash/auth 0.39.0.

    Fixed

    • Point the dryrun npm script at release.yml.

    [0.25.0] - 2026-05-29

    Breaking

    ... (truncated)

    Commits
    • fc58f7d v0.28.0
    • 70bd8ff Merge pull request #127 from cipherstash/eql_v3
    • f998f7c test+fix: address remaining PR review threads (CodeRabbit + Toby)
    • 9590220 test: cover the gaps flagged in the PR test-coverage review
    • a1bb91a fix(auth): harden failure-envelope reconstruction on both seams
    • e1fafc9 Merge branch 'main' into eql_v3
    • faf492d Merge pull request #125 from cipherstash/fix/auth-0.41-result-gettoken
    • c37f1a1 test: cover the 0.41 Result success + failure envelopes (js-strategy)
    • 359707a fix(wasm): guard non-object getToken result; propagate Reflect errors
    • 6bfcb9e feat: reconstruct auth failures via stack_auth::AuthError::from_error_code
    • Additional commits viewable in compare view
    Maintainer changes

    This version was pushed to npm by GitHub Actions, a new releaser for @​cipherstash/protect-ffi since your current version.


    Updates @stricli/core from 1.2.7 to 1.2.9

    Release notes

    Sourced from @​stricli/core's releases.

    v1.2.9

    1.2.9 (2026-07-02)

    🩹 Fixes

    • use correct ANSI code to reset bold mode for routes (18ed140)

    ❤️ Thank You

    • Michael Molisani

    v1.2.8

    1.2.8 (2026-06-18)

    🩹 Fixes

    • handle argument escape sequence in route scanner (87461d5)

    ❤️ Thank You

    • Michael Molisani
    Changelog

    Sourced from @​stricli/core's changelog.

    1.2.9 (2026-07-02)

    🩹 Fixes

    • use correct ANSI code to reset bold mode for routes (18ed140)

    ❤️ Thank You

    • Michael Molisani

    1.2.8 (2026-06-18)

    🩹 Fixes

    • handle argument escape sequence in route scanner (87461d5)

    ❤️ Thank You

    • Michael Molisani
    Commits
    • 467e572 chore(release): 1.2.9
    • 5acbbe1 ci: upgrade actions to deploy docs via pages
    • 18ed140 fix: use correct ANSI code to reset bold mode for routes
    • 5c5688e ci: clarify reason for each permission
    • 16b9cb2 ci(publish): add write contents permission for publish
    • 4ad6de6 ci(publish): use correct syntax for passing env vars between steps
    • 663fe16 chore(release): 1.2.8
    • 25f1312 ci(create_release): set origin as upstream of release branch
    • 87461d5 fix: handle argument escape sequence in route scanner
    • ed0d85e ci: skip publish if there is no pending release
    • Additional commits viewable in compare view

    Updates uuid from 14.0.0 to 14.0.1

    Release notes

    Sourced from uuid's releases.

    v14.0.1

    14.0.1 (2026-06-20)

    Bug Fixes

    • add types condition to node export for moduleResolution bundler (#961) (27ffae5)
    Changelog

    Sourced from uuid's changelog.

    14.0.1 (2026-06-20)

    Bug Fixes

    • add types condition to node export for moduleResolution bundler (#961) (27ffae5)
    Commits
    Install script changes

    This version modifies prepare script that runs during installation. Review the package contents before updating.


    Updates @anthropic-ai/claude-agent-sdk from 0.3.143 to 0.3.204

    Release notes

    Sourced from @​anthropic-ai/claude-agent-sdk's releases.

    v0.3.204

    What's changed

    • Updated to parity with Claude Code v2.1.204

    Update

    npm install @anthropic-ai/claude-agent-sdk@0.3.204
    # or
    yarn add @anthropic-ai/claude-agent-sdk@0.3.204
    # or
    pnpm add @anthropic-ai/claude-agent-sdk@0.3.204
    # or
    bun add @anthropic-ai/claude-agent-sdk@0.3.204

    v0.3.203

    What's changed

    • Added a background_tasks_changed system message with the full set of live background tasks on every membership change, so consumers can track background activity as a level instead of pairing task_started/task_notification edges
    • Fixed stable releases shipping a sdk.d.ts with unresolved type references that broke consumer typechecking with skipLibCheck disabled

    Update

    npm install @anthropic-ai/claude-agent-sdk@0.3.203
    # or
    yarn add @anthropic-ai/claude-agent-sdk@0.3.203
    # or
    pnpm add @anthropic-ai/claude-agent-sdk@0.3.203
    # or
    bun add @anthropic-ai/claude-agent-sdk@0.3.203

    v0.3.202

    What's changed

    • Added parent_agent_id field to subagent session messages for building depth-2+ agent trees from disk-persisted metadata
    • Fixed apply_flag_settings with a non-object settings value crashing the session instead of returning a control error

    Update

    npm install @anthropic-ai/claude-agent-sdk@0.3.202
    # or
    yarn add @anthropic-ai/claude-agent-sdk@0.3.202
    # or
    pnpm add @anthropic-ai/claude-agent-sdk@0.3.202
    # or
    </tr></table> 

    ... (truncated)

    Changelog

    Sourced from @​anthropic-ai/claude-agent-sdk's changelog.

    0.3.204

    • Added terminal_reason values tool_deferred_unavailable (deferred tool resume found the tool gone — previously an is_error result with no reason, read as a clean completion by lifecycle sweeps) and turn_setup_failed (the turn-input builder threw before the turn started). Both classify as dead turns, so commands consumed by them report command_lifecycle state cancelled
    • Fixed the post-merge cancel backstop cancelling every member of a coalesced prompt batch when a cancel named only one: uncancelled siblings now re-merge and run (previously they were reported cancelled — on remote transports that acknowledged them as processed, silently dropping messages nobody cancelled)
    • Added terminal_reason values api_error, malformed_tool_use_exhausted, budget_exhausted, and structured_output_retry_exhausted. Turns that die on an exhausted-API-retry or malformed-...

      Description has been truncated

    … with 21 updates
    
    Bumps the production-minor-patch group with 21 updates in the / directory:
    
    | Package | From | To |
    | --- | --- | --- |
    | [pg](https://github.com/brianc/node-postgres/tree/HEAD/packages/pg) | `8.20.0` | `8.22.0` |
    | [@clack/prompts](https://github.com/bombshell-dev/clack/tree/HEAD/packages/prompts) | `1.4.0` | `1.7.0` |
    | [posthog-node](https://github.com/PostHog/posthog-js/tree/HEAD/packages/node) | `5.34.2` | `5.40.0` |
    | [@rollup/rollup-linux-x64-gnu](https://github.com/rollup/rollup) | `4.60.4` | `4.62.2` |
    | [arktype](https://github.com/arktypeio/arktype/tree/HEAD/ark/type) | `2.2.0` | `2.2.3` |
    | [@cipherstash/protect-ffi](https://github.com/cipherstash/protectjs-ffi) | `0.23.0` | `0.28.0` |
    | [@stricli/core](https://github.com/bloomberg/stricli) | `1.2.7` | `1.2.9` |
    | [uuid](https://github.com/uuidjs/uuid) | `14.0.0` | `14.0.1` |
    | [@anthropic-ai/claude-agent-sdk](https://github.com/anthropics/claude-agent-sdk-typescript) | `0.3.143` | `0.3.204` |
    | [@anthropic-ai/sdk](https://github.com/anthropics/anthropic-sdk-typescript) | `0.106.0` | `0.110.0` |
    | @cipherstash/auth-darwin-arm64 | `0.41.0` | `0.42.0` |
    | @cipherstash/auth-darwin-x64 | `0.41.0` | `0.42.0` |
    | @cipherstash/auth-linux-arm64-gnu | `0.41.0` | `0.42.0` |
    | @cipherstash/auth-linux-x64-gnu | `0.41.0` | `0.42.0` |
    | @cipherstash/auth-linux-x64-musl | `0.41.0` | `0.42.0` |
    | @cipherstash/auth-win32-x64-msvc | `0.41.0` | `0.42.0` |
    | [@clerk/nextjs](https://github.com/clerk/javascript/tree/HEAD/packages/nextjs) | `7.3.5` | `7.5.14` |
    | [next](https://github.com/vercel/next.js) | `15.5.18` | `15.5.20` |
    | [tsx](https://github.com/privatenumber/tsx) | `4.22.1` | `4.23.0` |
    | [vitest](https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest) | `3.2.6` | `3.2.7` |
    | [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) | `8.0.13` | `8.1.3` |
    
    
    
    Updates `pg` from 8.20.0 to 8.22.0
    - [Changelog](https://github.com/brianc/node-postgres/blob/master/CHANGELOG.md)
    - [Commits](https://github.com/brianc/node-postgres/commits/pg@8.22.0/packages/pg)
    
    Updates `@clack/prompts` from 1.4.0 to 1.7.0
    - [Release notes](https://github.com/bombshell-dev/clack/releases)
    - [Changelog](https://github.com/bombshell-dev/clack/blob/main/packages/prompts/CHANGELOG.md)
    - [Commits](https://github.com/bombshell-dev/clack/commits/@clack/prompts@1.7.0/packages/prompts)
    
    Updates `posthog-node` from 5.34.2 to 5.40.0
    - [Release notes](https://github.com/PostHog/posthog-js/releases)
    - [Changelog](https://github.com/PostHog/posthog-js/blob/main/packages/node/CHANGELOG.md)
    - [Commits](https://github.com/PostHog/posthog-js/commits/posthog-node@5.40.0/packages/node)
    
    Updates `@rollup/rollup-linux-x64-gnu` from 4.60.4 to 4.62.2
    - [Release notes](https://github.com/rollup/rollup/releases)
    - [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md)
    - [Commits](rollup/rollup@v4.60.4...v4.62.2)
    
    Updates `arktype` from 2.2.0 to 2.2.3
    - [Release notes](https://github.com/arktypeio/arktype/releases)
    - [Changelog](https://github.com/arktypeio/arktype/blob/main/ark/type/CHANGELOG.md)
    - [Commits](https://github.com/arktypeio/arktype/commits/arktype@2.2.3/ark/type)
    
    Updates `@cipherstash/protect-ffi` from 0.23.0 to 0.28.0
    - [Release notes](https://github.com/cipherstash/protectjs-ffi/releases)
    - [Changelog](https://github.com/cipherstash/protectjs-ffi/blob/main/CHANGELOG.md)
    - [Commits](cipherstash/protectjs-ffi@v0.23.0...v0.28.0)
    
    Updates `@stricli/core` from 1.2.7 to 1.2.9
    - [Release notes](https://github.com/bloomberg/stricli/releases)
    - [Changelog](https://github.com/bloomberg/stricli/blob/main/CHANGELOG.md)
    - [Commits](bloomberg/stricli@v1.2.7...v1.2.9)
    
    Updates `uuid` from 14.0.0 to 14.0.1
    - [Release notes](https://github.com/uuidjs/uuid/releases)
    - [Changelog](https://github.com/uuidjs/uuid/blob/main/CHANGELOG.md)
    - [Commits](uuidjs/uuid@v14.0.0...v14.0.1)
    
    Updates `@anthropic-ai/claude-agent-sdk` from 0.3.143 to 0.3.204
    - [Release notes](https://github.com/anthropics/claude-agent-sdk-typescript/releases)
    - [Changelog](https://github.com/anthropics/claude-agent-sdk-typescript/blob/main/CHANGELOG.md)
    - [Commits](anthropics/claude-agent-sdk-typescript@v0.3.143...v0.3.204)
    
    Updates `@anthropic-ai/sdk` from 0.106.0 to 0.110.0
    - [Release notes](https://github.com/anthropics/anthropic-sdk-typescript/releases)
    - [Changelog](https://github.com/anthropics/anthropic-sdk-typescript/blob/main/CHANGELOG.md)
    - [Commits](anthropics/anthropic-sdk-typescript@sdk-v0.106.0...sdk-v0.110.0)
    
    Updates `@cipherstash/auth-darwin-arm64` from 0.41.0 to 0.42.0
    
    Updates `@cipherstash/auth-darwin-x64` from 0.41.0 to 0.42.0
    
    Updates `@cipherstash/auth-linux-arm64-gnu` from 0.41.0 to 0.42.0
    
    Updates `@cipherstash/auth-linux-x64-gnu` from 0.41.0 to 0.42.0
    
    Updates `@cipherstash/auth-linux-x64-musl` from 0.41.0 to 0.42.0
    
    Updates `@cipherstash/auth-win32-x64-msvc` from 0.41.0 to 0.42.0
    
    Updates `@clerk/nextjs` from 7.3.5 to 7.5.14
    - [Release notes](https://github.com/clerk/javascript/releases)
    - [Changelog](https://github.com/clerk/javascript/blob/main/packages/nextjs/CHANGELOG.md)
    - [Commits](https://github.com/clerk/javascript/commits/@clerk/nextjs@7.5.14/packages/nextjs)
    
    Updates `next` from 15.5.18 to 15.5.20
    - [Release notes](https://github.com/vercel/next.js/releases)
    - [Commits](vercel/next.js@v15.5.18...v15.5.20)
    
    Updates `tsx` from 4.22.1 to 4.23.0
    - [Release notes](https://github.com/privatenumber/tsx/releases)
    - [Changelog](https://github.com/privatenumber/tsx/blob/master/release.config.cjs)
    - [Commits](privatenumber/tsx@v4.22.1...v4.23.0)
    
    Updates `vitest` from 3.2.6 to 3.2.7
    - [Release notes](https://github.com/vitest-dev/vitest/releases)
    - [Changelog](https://github.com/vitest-dev/vitest/blob/main/docs/releases.md)
    - [Commits](https://github.com/vitest-dev/vitest/commits/v3.2.7/packages/vitest)
    
    Updates `vite` from 8.0.13 to 8.1.3
    - [Release notes](https://github.com/vitejs/vite/releases)
    - [Changelog](https://github.com/vitejs/vite/blob/main/packages/vite/CHANGELOG.md)
    - [Commits](https://github.com/vitejs/vite/commits/v8.1.3/packages/vite)
    
    ---
    updated-dependencies:
    - dependency-name: pg
      dependency-version: 8.22.0
      dependency-type: direct:production
      update-type: version-update:semver-minor
      dependency-group: production-minor-patch
    - dependency-name: "@clack/prompts"
      dependency-version: 1.7.0
      dependency-type: direct:production
      update-type: version-update:semver-minor
      dependency-group: production-minor-patch
    - dependency-name: posthog-node
      dependency-version: 5.40.0
      dependency-type: direct:production
      update-type: version-update:semver-minor
      dependency-group: production-minor-patch
    - dependency-name: "@rollup/rollup-linux-x64-gnu"
      dependency-version: 4.62.2
      dependency-type: direct:production
      update-type: version-update:semver-minor
      dependency-group: production-minor-patch
    - dependency-name: arktype
      dependency-version: 2.2.3
      dependency-type: direct:production
      update-type: version-update:semver-patch
      dependency-group: production-minor-patch
    - dependency-name: "@cipherstash/protect-ffi"
      dependency-version: 0.28.0
      dependency-type: direct:production
      update-type: version-update:semver-minor
      dependency-group: production-minor-patch
    - dependency-name: "@stricli/core"
      dependency-version: 1.2.9
      dependency-type: direct:production
      update-type: version-update:semver-patch
      dependency-group: production-minor-patch
    - dependency-name: uuid
      dependency-version: 14.0.1
      dependency-type: direct:production
      update-type: version-update:semver-patch
      dependency-group: production-minor-patch
    - dependency-name: "@anthropic-ai/claude-agent-sdk"
      dependency-version: 0.3.204
      dependency-type: direct:production
      update-type: version-update:semver-patch
      dependency-group: production-minor-patch
    - dependency-name: "@anthropic-ai/sdk"
      dependency-version: 0.110.0
      dependency-type: direct:production
      update-type: version-update:semver-minor
      dependency-group: production-minor-patch
    - dependency-name: "@cipherstash/auth-darwin-arm64"
      dependency-version: 0.42.0
      dependency-type: direct:production
      update-type: version-update:semver-minor
      dependency-group: production-minor-patch
    - dependency-name: "@cipherstash/auth-darwin-x64"
      dependency-version: 0.42.0
      dependency-type: direct:production
      update-type: version-update:semver-minor
      dependency-group: production-minor-patch
    - dependency-name: "@cipherstash/auth-linux-arm64-gnu"
      dependency-version: 0.42.0
      dependency-type: direct:production
      update-type: version-update:semver-minor
      dependency-group: production-minor-patch
    - dependency-name: "@cipherstash/auth-linux-x64-gnu"
      dependency-version: 0.42.0
      dependency-type: direct:production
      update-type: version-update:semver-minor
      dependency-group: production-minor-patch
    - dependency-name: "@cipherstash/auth-linux-x64-musl"
      dependency-version: 0.42.0
      dependency-type: direct:production
      update-type: version-update:semver-minor
      dependency-group: production-minor-patch
    - dependency-name: "@cipherstash/auth-win32-x64-msvc"
      dependency-version: 0.42.0
      dependency-type: direct:production
      update-type: version-update:semver-minor
      dependency-group: production-minor-patch
    - dependency-name: "@clerk/nextjs"
      dependency-version: 7.5.14
      dependency-type: direct:production
      update-type: version-update:semver-minor
      dependency-group: production-minor-patch
    - dependency-name: next
      dependency-version: 15.5.20
      dependency-type: direct:production
      update-type: version-update:semver-patch
      dependency-group: production-minor-patch
    - dependency-name: tsx
      dependency-version: 4.23.0
      dependency-type: direct:production
      update-type: version-update:semver-minor
      dependency-group: production-minor-patch
    - dependency-name: vitest
      dependency-version: 3.2.7
      dependency-type: direct:production
      update-type: version-update:semver-patch
      dependency-group: production-minor-patch
    - dependency-name: vite
      dependency-version: 8.1.3
      dependency-type: direct:production
      update-type: version-update:semver-minor
      dependency-group: production-minor-patch
    ...
    
    Signed-off-by: dependabot[bot] <support@github.com>
    @dependabot dependabot Bot added the dependencies Pull requests that update a dependency file label Jul 15, 2026
    @dependabot
    dependabot Bot requested a review from a team as a code owner July 15, 2026 19:16
    @dependabot @github

    dependabot Bot commented on behalf of github Jul 15, 2026

    Copy link
    Copy Markdown
    Contributor Author

    Labels

    The following labels could not be found: supply-chain. Please create it before Dependabot can add it to a pull request.

    Please fix the above issues or remove invalid values from dependabot.yml.

    @dependabot dependabot Bot added the dependencies Pull requests that update a dependency file label Jul 15, 2026
    @changeset-bot

    changeset-bot Bot commented Jul 15, 2026

    Copy link
    Copy Markdown

    ⚠️ No Changeset found

    Latest commit: a04fb60

    Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

    This PR includes no changesets

    When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

    Click here to learn what changesets are, and how to add one.

    Click here if you're a maintainer who wants to add a changeset to this PR

    @coderdan

    Copy link
    Copy Markdown
    Contributor

    Superseded by #673 — same change re-pushed from a maintainer branch so CI runs with the repo secrets the dependabot actor doesn't receive.

    @coderdan coderdan closed this Jul 16, 2026
    @dependabot @github

    dependabot Bot commented on behalf of github Jul 16, 2026

    Copy link
    Copy Markdown
    Contributor Author

    This pull request was built based on a group rule. Closing it will not ignore any of these versions in future pull requests.

    To ignore these dependencies, configure ignore rules in dependabot.yml

    @dependabot
    dependabot Bot deleted the dependabot/npm_and_yarn/production-minor-patch-ddb2d0cc49 branch July 16, 2026 06:53
    Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

    Labels

    dependencies Pull requests that update a dependency file

    Projects

    None yet

    Development

    Successfully merging this pull request may close these issues.

    1 participant