deps: bump the dependencies-minor group across 1 directory with 14 updates

[dependabot]

Bumps the dependencies-minor group with 14 updates in the / directory:

Package	From	To
@fontsource-variable/figtree	5.2.8	5.2.10
@fontsource/ibm-plex-mono	5.2.6	5.2.7
@hookform/resolvers	5.1.1	5.2.2
@oddbird/css-anchor-positioning	0.6.1	0.7.0
next	15.5.2	15.5.4
react	19.1.0	19.2.0
@types/react	19.1.8	19.2.2
react-dom	19.1.0	19.2.0
@types/react-dom	19.1.6	19.2.1
react-hook-form	7.60.0	7.64.0
zod	4.1.5	4.1.12
@playwright/test	1.54.1	1.56.0
sass	1.89.2	1.93.2
typescript	5.8.3	5.9.3

Updates @fontsource-variable/figtree from 5.2.8 to 5.2.10

Commits

• See full diff in compare view

Updates @fontsource/ibm-plex-mono from 5.2.6 to 5.2.7

Commits

• See full diff in compare view

Updates @hookform/resolvers from 5.1.1 to 5.2.2

Release notes

Sourced from @​hookform/resolvers's releases.

v5.2.2

5.2.2 (2025-09-14)

Bug Fixes

• zod: fix output type for Zod 4 resolver (#803) (e95721d)

v5.2.1

5.2.1 (2025-07-29)

Bug Fixes

• discriminated union for zod v4 mini (#784) (49a0d7b)
• zod v4 peer deps (#798) (2d28e6a)
• zod: fix output type for Zod 4 resolver (#801) (bc09647)

v5.2.0

5.2.0 (2025-07-25)

Features

• ajv: add ajv-formats for ajvResolver (#797) (f040039)

Commits

• e95721d fix(zod): fix output type for Zod 4 resolver (#803)
• 49a0d7b fix: discriminated union for zod v4 mini (#784)
• bc09647 fix(zod): fix output type for Zod 4 resolver (#801)
• 2d28e6a fix: zod v4 peer deps (#798)
• f040039 feat(ajv): add ajv-formats for ajvResolver (#797)
• See full diff in compare view

Updates @oddbird/css-anchor-positioning from 0.6.1 to 0.7.0

Release notes

Sourced from @​oddbird/css-anchor-positioning's releases.

v0.7.0

What's Changed

• 🚀 Work with anchor and target inside same shadow root by @​wkillerud in oddbird/css-anchor-positioning#353
• 🏠 INTERNAL: Upgrade dependencies

New Contributors

• @​wkillerud made their first contribution in oddbird/css-anchor-positioning#353

Full Changelog: oddbird/css-anchor-positioning@v0.6.1...v0.7.0

Commits

• 40f3a89 v0.7.0
• db16313 Work with anchor and target inside same shadow root (#353)
• b18b8ed Merge pull request #352 from oddbird/dependabot/npm_and_yarn/dev-9d451710aa
• ea505c5 Merge pull request #351 from oddbird/dependabot/npm_and_yarn/prod-8404f4c51f
• d4bbb67 chore(deps-dev): Bump the dev group with 13 updates
• ae3512f chore(deps): Bump the prod group with 2 updates
• 2f9b4c5 Merge pull request #348 from oddbird/dependabot/npm_and_yarn/npm_and_yarn-f5c...
• 98ccee3 chore(deps-dev): Bump vite in the npm_and_yarn group across 1 directory
• 15ebcc0 Merge pull request #346 from oddbird/dependabot/github_actions/actions/setup-...
• 2cc99a6 Merge pull request #347 from oddbird/dependabot/github_actions/actions/setup-...
• Additional commits viewable in compare view

Updates next from 15.5.2 to 15.5.4

Release notes

Sourced from next's releases.

v15.5.4

[!NOTE]
This release is backporting bug fixes. It does not include all pending features/changes on canary.

Core Changes

• fix: ensure onRequestError is invoked when otel enabled (#83343)
• fix: devtools initial position should be from next config (#83571)
• [devtool] fix overlay styles are missing (#83721)
• Turbopack: don't match dynamic pattern for node_modules packages (#83176)
• Turbopack: don't treat metadata routes as RSC (#82911)
• [turbopack] Improve handling of symlink resolution errors in track_glob and read_glob (#83357)
• Turbopack: throw large static metadata error earlier (#82939)
• fix: error overlay not closing when backdrop clicked (#83981)
• Turbopack: flush Node.js worker IPC on error (#84077)

Misc Changes

• [CNA] use linter preference (#83194)
• CI: use KV for test timing data (#83745)
• docs: september improvements and fixes (#83997)

Credits

Huge thanks to @​yiminghe, @​huozhi, @​devjiwonchoi, @​mischnic, @​lukesandberg, @​ztanner, @​icyJoseph, @​leerob, @​fufuShih, @​dwrth, @​aymericzip, @​obendev, @​molebox, @​OoMNoO, @​pontasan, @​styfle, @​HondaYt, @​ryuapp, @​lpalmes, and @​ijjk for helping!

v15.5.3

[!NOTE]
This release is backporting bug fixes. It does not include all pending features/changes on canary.

Core Changes

• fix: validation return types of pages API routes (#83069)
• fix: relative paths in dev in validator.ts (#83073)
• fix: remove satisfies keyword from type validation to preserve old TS compatibility (#83071)

Credits

Huge thanks to @​bgub for helping!

Commits

• 40f1d78 v15.5.4
• cb30f0a [backport] docs: september improvements and fixes (#83997)
• b6a32bb [backport] [CNA] use linter preference (#83194) (#84087)
• 26d61f1 [backport] Turbopack: flush Node.js worker IPC on error (#84079)
• e11e87a [backport] fix: error overlay not closing when backdrop clicked (#83981) (#83...
• 0a29888 [backport] fix: devtools initial position should be from next config (#83571)...
• 7a53950 [backport] Turbopack: don't treat metadata routes as RSC (#83804)
• 050bdf1 [backport] Turbopack: throw large static metadata error earlier (#83816)
• 1f6ea09 [backport] Turbopack: Improve handling of symlink resolution errors (#83805)
• c7d1855 [backport] CI: use KV for test timing data (#83860)
• Additional commits viewable in compare view

Updates react from 19.1.0 to 19.2.0

Release notes

Sourced from react's releases.

19.2.0 (Oct 1, 2025)

Below is a list of all new features, APIs, and bug fixes.

Read the React 19.2 release post for more information.

New React Features

• <Activity>: A new API to hide and restore the UI and internal state of its children.
• useEffectEvent is a React Hook that lets you extract non-reactive logic into an Effect Event.
• cacheSignal (for RSCs) lets your know when the cache() lifetime is over.
• React Performance tracks appear on the Performance panel’s timeline in your browser developer tools

New React DOM Features

• Added resume APIs for partial pre-rendering with Web Streams:
  • resume: to resume a prerender to a stream.
  • resumeAndPrerender: to resume a prerender to HTML.
• Added resume APIs for partial pre-rendering with Node Streams:
  • resumeToPipeableStream: to resume a prerender to a stream.
  • resumeAndPrerenderToNodeStream: to resume a prerender to HTML.
• Updated prerender APIs to return a postponed state that can be passed to the resume APIs.

Notable changes

• React DOM now batches suspense boundary reveals, matching the behavior of client side rendering. This change is especially noticeable when animating the reveal of Suspense boundaries e.g. with the upcoming <ViewTransition> Component. React will batch as much reveals as possible before the first paint while trying to hit popular first-contentful paint metrics.
• Add Node Web Streams (prerender, renderToReadableStream) to server-side-rendering APIs for Node.js
• Use underscore instead of : IDs generated by useId

All Changes

React

• <Activity /> was developed over many years, starting before ClassComponent.setState (@​acdlite @​sebmarkbage and many others)
• Stringify context as "SomeContext" instead of "SomeContext.Provider" (@​kassens #33507)
• Include stack of cause of React instrumentation errors with %o placeholder (@​eps1lon #34198)
• Fix infinite useDeferredValue loop in popstate event (@​acdlite #32821)
• Fix a bug when an initial value was passed to useDeferredValue (@​acdlite #34376)
• Fix a crash when submitting forms with Client Actions (@​sebmarkbage #33055)
• Hide/unhide the content of dehydrated suspense boundaries if they resuspend (@​sebmarkbage #32900)
• Avoid stack overflow on wide trees during Hot Reload (@​sophiebits #34145)
• Improve Owner and Component stacks in various places (@​sebmarkbage, @​eps1lon: #33629, #33724, #32735, #33723)
• Add cacheSignal (@​sebmarkbage #33557)

React DOM

• Block on Suspensey Fonts during reveal of server-side-rendered content (@​sebmarkbage #33342)
• Use underscore instead of : for IDs generated by useId (@​sebmarkbage, @​eps1lon: #32001, facebook/react#33342#33099, #33422)
• Stop warning when ARIA 1.3 attributes are used (@​Abdul-Omira #34264)
• Allow nonce to be used on hoistable styles (@​Andarist #32461)
• Warn for using a React owned node as a Container if it also has text content (@​sebmarkbage #32774)

... (truncated)

Changelog

Sourced from react's changelog.

19.2.0 (October 1st, 2025)

Below is a list of all new features, APIs, and bug fixes.

Read the React 19.2 release post for more information.

New React Features

• <Activity>: A new API to hide and restore the UI and internal state of its children.
• useEffectEvent is a React Hook that lets you extract non-reactive logic into an Effect Event.
• cacheSignal (for RSCs) lets your know when the cache() lifetime is over.
• React Performance tracks appear on the Performance panel’s timeline in your browser developer tools

New React DOM Features

• Added resume APIs for partial pre-rendering with Web Streams:
  • resume: to resume a prerender to a stream.
  • resumeAndPrerender: to resume a prerender to HTML.
• Added resume APIs for partial pre-rendering with Node Streams:
  • resumeToPipeableStream: to resume a prerender to a stream.
  • resumeAndPrerenderToNodeStream: to resume a prerender to HTML.
• Updated prerender APIs to return a postponed state that can be passed to the resume APIs.

Notable changes

• React DOM now batches suspense boundary reveals, matching the behavior of client side rendering. This change is especially noticeable when animating the reveal of Suspense boundaries e.g. with the upcoming <ViewTransition> Component. React will batch as much reveals as possible before the first paint while trying to hit popular first-contentful paint metrics.
• Add Node Web Streams (prerender, renderToReadableStream) to server-side-rendering APIs for Node.js
• Use underscore instead of : IDs generated by useId

All Changes

React

• <Activity /> was developed over many years, starting before ClassComponent.setState (@​acdlite @​sebmarkbage and many others)
• Stringify context as "SomeContext" instead of "SomeContext.Provider" (@​kassens #33507)
• Include stack of cause of React instrumentation errors with %o placeholder (@​eps1lon #34198)
• Fix infinite useDeferredValue loop in popstate event (@​acdlite #32821)
• Fix a bug when an initial value was passed to useDeferredValue (@​acdlite #34376)
• Fix a crash when submitting forms with Client Actions (@​sebmarkbage #33055)
• Hide/unhide the content of dehydrated suspense boundaries if they resuspend (@​sebmarkbage #32900)
• Avoid stack overflow on wide trees during Hot Reload (@​sophiebits #34145)
• Improve Owner and Component stacks in various places (@​sebmarkbage, @​eps1lon: #33629, #33724, #32735, #33723)
• Add cacheSignal (@​sebmarkbage #33557)

React DOM

• Block on Suspensey Fonts during reveal of server-side-rendered content (@​sebmarkbage #33342)
• Use underscore instead of : for IDs generated by useId (@​sebmarkbage, @​eps1lon: #32001, facebook/react#33342#33099, #33422)
• Stop warning when ARIA 1.3 attributes are used (@​Abdul-Omira #34264)
• Allow nonce to be used on hoistable styles (@​Andarist #32461)

... (truncated)

Commits

• 5667a41 Bump next prerelease version numbers (#34639)
• 8bb7241 Bump useEffectEvent to Canary (#34610)
• e3c9656 Ensure Performance Track are Clamped and Don't overlap (#34509)
• 68f00c9 Release Activity in Canary (#34374)
• 0e10ee9 [Reconciler] Set ProfileMode for Host Root Fiber by default in dev (#34432)
• 3bf8ab4 Add missing Activity export to development mode (#34439)
• 1549bda [Flight] Only assign _store in dev mode when creating lazy types (#34354)
• bb6f0c8 [Flight] Fix wrong missing key warning when static child is blocked (#34350)
• 05addfc Update Flow to 0.266 (#34271)
• ec5dd0a Update Flow to 0.257 (#34253)
• Additional commits viewable in compare view

Updates @types/react from 19.1.8 to 19.2.2

Commits

• See full diff in compare view

Updates react-dom from 19.1.0 to 19.2.0

Release notes

Sourced from react-dom's releases.

19.2.0 (Oct 1, 2025)

Below is a list of all new features, APIs, and bug fixes.

Read the React 19.2 release post for more information.

New React Features

• <Activity>: A new API to hide and restore the UI and internal state of its children.
• useEffectEvent is a React Hook that lets you extract non-reactive logic into an Effect Event.
• cacheSignal (for RSCs) lets your know when the cache() lifetime is over.
• React Performance tracks appear on the Performance panel’s timeline in your browser developer tools

New React DOM Features

• Added resume APIs for partial pre-rendering with Web Streams:
  • resume: to resume a prerender to a stream.
  • resumeAndPrerender: to resume a prerender to HTML.
• Added resume APIs for partial pre-rendering with Node Streams:
  • resumeToPipeableStream: to resume a prerender to a stream.
  • resumeAndPrerenderToNodeStream: to resume a prerender to HTML.
• Updated prerender APIs to return a postponed state that can be passed to the resume APIs.

Notable changes

• React DOM now batches suspense boundary reveals, matching the behavior of client side rendering. This change is especially noticeable when animating the reveal of Suspense boundaries e.g. with the upcoming <ViewTransition> Component. React will batch as much reveals as possible before the first paint while trying to hit popular first-contentful paint metrics.
• Add Node Web Streams (prerender, renderToReadableStream) to server-side-rendering APIs for Node.js
• Use underscore instead of : IDs generated by useId

All Changes

React

• <Activity /> was developed over many years, starting before ClassComponent.setState (@​acdlite @​sebmarkbage and many others)
• Stringify context as "SomeContext" instead of "SomeContext.Provider" (@​kassens #33507)
• Include stack of cause of React instrumentation errors with %o placeholder (@​eps1lon #34198)
• Fix infinite useDeferredValue loop in popstate event (@​acdlite #32821)
• Fix a bug when an initial value was passed to useDeferredValue (@​acdlite #34376)
• Fix a crash when submitting forms with Client Actions (@​sebmarkbage #33055)
• Hide/unhide the content of dehydrated suspense boundaries if they resuspend (@​sebmarkbage #32900)
• Avoid stack overflow on wide trees during Hot Reload (@​sophiebits #34145)
• Improve Owner and Component stacks in various places (@​sebmarkbage, @​eps1lon: #33629, #33724, #32735, #33723)
• Add cacheSignal (@​sebmarkbage #33557)

React DOM

• Block on Suspensey Fonts during reveal of server-side-rendered content (@​sebmarkbage #33342)
• Use underscore instead of : for IDs generated by useId (@​sebmarkbage, @​eps1lon: #32001, facebook/react#33342#33099, #33422)
• Stop warning when ARIA 1.3 attributes are used (@​Abdul-Omira #34264)
• Allow nonce to be used on hoistable styles (@​Andarist #32461)
• Warn for using a React owned node as a Container if it also has text content (@​sebmarkbage #32774)

... (truncated)

Changelog

Sourced from react-dom's changelog.

19.2.0 (October 1st, 2025)

Below is a list of all new features, APIs, and bug fixes.

Read the React 19.2 release post for more information.

New React Features

• <Activity>: A new API to hide and restore the UI and internal state of its children.
• useEffectEvent is a React Hook that lets you extract non-reactive logic into an Effect Event.
• cacheSignal (for RSCs) lets your know when the cache() lifetime is over.
• React Performance tracks appear on the Performance panel’s timeline in your browser developer tools

New React DOM Features

• Added resume APIs for partial pre-rendering with Web Streams:
  • resume: to resume a prerender to a stream.
  • resumeAndPrerender: to resume a prerender to HTML.
• Added resume APIs for partial pre-rendering with Node Streams:
  • resumeToPipeableStream: to resume a prerender to a stream.
  • resumeAndPrerenderToNodeStream: to resume a prerender to HTML.
• Updated prerender APIs to return a postponed state that can be passed to the resume APIs.

Notable changes

• React DOM now batches suspense boundary reveals, matching the behavior of client side rendering. This change is especially noticeable when animating the reveal of Suspense boundaries e.g. with the upcoming <ViewTransition> Component. React will batch as much reveals as possible before the first paint while trying to hit popular first-contentful paint metrics.
• Add Node Web Streams (prerender, renderToReadableStream) to server-side-rendering APIs for Node.js
• Use underscore instead of : IDs generated by useId

All Changes

React

• <Activity /> was developed over many years, starting before ClassComponent.setState (@​acdlite @​sebmarkbage and many others)
• Stringify context as "SomeContext" instead of "SomeContext.Provider" (@​kassens #33507)
• Include stack of cause of React instrumentation errors with %o placeholder (@​eps1lon #34198)
• Fix infinite useDeferredValue loop in popstate event (@​acdlite #32821)
• Fix a bug when an initial value was passed to useDeferredValue (@​acdlite #34376)
• Fix a crash when submitting forms with Client Actions (@​sebmarkbage #33055)
• Hide/unhide the content of dehydrated suspense boundaries if they resuspend (@​sebmarkbage #32900)
• Avoid stack overflow on wide trees during Hot Reload (@​sophiebits #34145)
• Improve Owner and Component stacks in various places (@​sebmarkbage, @​eps1lon: #33629, #33724, #32735, #33723)
• Add cacheSignal (@​sebmarkbage #33557)

React DOM

• Block on Suspensey Fonts during reveal of server-side-rendered content (@​sebmarkbage #33342)
• Use underscore instead of : for IDs generated by useId (@​sebmarkbage, @​eps1lon: #32001, facebook/react#33342#33099, #33422)
• Stop warning when ARIA 1.3 attributes are used (@​Abdul-Omira #34264)
• Allow nonce to be used on hoistable styles (@​Andarist #32461)

... (truncated)

Commits

• 8618113 Bump scheduler version (#34671)
• 1bd1f01 Ship partial-prerendering APIs to Canary (#34633)
• 2f0649a [Fizz] Remove nonce option from resume-and-prerender APIs (#34664)
• 5667a41 Bump next prerelease version numbers (#34639)
• e08f53b Match react-dom/static test entrypoints and published entrypoints (#34599)
• 8bb7241 Bump useEffectEvent to Canary (#34610)
• 83c88ad Handle fabric root level fragment with compareDocumentPosition (#34533)
• 68f00c9 Release Activity in Canary (#34374)
• 3168e08 [flags] enable opt-in for enableDefaultTransitionIndicator (#34373)
• 3434ff4 Add scrollIntoView to fragment instances (#32814)
• Additional commits viewable in compare view

Updates @types/react-dom from 19.1.6 to 19.2.1

Commits

• See full diff in compare view

Updates react-hook-form from 7.60.0 to 7.64.0

Release notes

Sourced from react-hook-form's releases.

Version 7.64.0

🚏 Support optional array fields in PathValueImpl type (#13057) 🐞 fix: preserve Controller's defaultValue with shouldUnregister prop (#13063) ✂ chore: remove unused field ids ref in useFieldArray (#13066)

thanks to @​MPrieur-chaps, @​gynekolog & @​uk960214

Version 7.63.0

🥢 feat: extract form values by form state (#12936)

getValues(undefined, { dirtyFields: true }); // return only dirty fields 
getValues(undefined, { touchedFields: true });  // return only touched fields 

🦍 feat: improve get dirty fields logic (#13049) 🐿️ chore: remove duplicated function isMessage (#13050) 🐞 fix: use field name to update isValidating fields (#13000) 🐞 fix: unregister previous field when switching conditional Controllers (#13041) 🐞 fix: only excuse trigger function when deps has a valid array (#13056)

thanks to @​candymask0712, @​GorkemKir, @​kimtaejin3, @​m2na7 & @​abnud11

Version 7.62.0

👨‍🔧 prevent onBlur for readOnly fields (#12971) 🐞 fix #12988 sync two defaultValues after reset with new defaultValues (#12990) 🐞 fix: do not override prototype of data in cloneObject (#12985) 🐞 fix field name type conflict in nested FieldErrors (#12972)

thanks to @​candymask0712, @​Adityapradh, @​Ty3uK & @​kichikawa57

Version 7.61.1

Revert "⌨️ fix: watch return type based on defaultValue (#12896)"

Version 7.61.0

🧮 feat: compute prop for useWatch subscription (#12503)

• subscribe to the entire form but only return updated value with certain condition

type FormValue = {
  test: string;
}
const watchedValue = useWatch({
control: methods.control,
compute: (data: FormValue) => {
if (data.test?.length) {
return data.test;
}
</tr></table>

... (truncated)

Commits

• 87d8b77 7.64.0
• 6c3b8f7 🥃 chore: upgrade dev deps (#13076)
• 23c699a ✂ chore: remove unused field ids ref in useFieldArray (#13066)
• 37f51ac 🐞 fix: preserve Controller's defaultValue with shouldUnregister prop (#13063)
• 8d61561 🚏 Support optional array fields in PathValueImpl type (#13057)
• b5b7329 7.63.0
• 86a7fb3 🐞 fix: only excuse trigger function when deps has a valid array (#13056)
• 4bfd420 🏔️ chore: major dev deps upgrade (#13053)
• 66b7daf 🔩 chore: lib dev deps upgrade (#13051)
• 62b26d8 🐿️ chore: remove duplicated function isMessage (#13050)
• Additional commits viewable in compare view

Updates zod from 4.1.5 to 4.1.12

Release notes

Sourced from zod's releases.

v4.1.12

Commits:

• 0b109c37c6b0b10e3901b56bcccb72e29a0b846f docs(ecosystem): add bupkis to the ecosystem section (#5237)
• d22ec0d26fab27151b0f1d1f98bffeaf8b011f57 docs(ecosystem): add upfetch (#5238)
• c56a4f6fab42c542b191228af61974b2328dc52f docs(ecosystem): add eslint-plugin-zod-x (#5261)
• a0abcc02900a4293dd4f30cd81580efcdd5230bb docs(metadata.mdx): fix a mistake in an example output (#5248)
• 62bf4e439e287e55c843245b49f8d34b1ad024ee fix(ZodError): prevent flatten() from crashing on 'toString' key (#5266)
• 02a584010ac92ac8a351632ae5aea3983a6f17d8 refac(errors): Unify code structure and improve types (#5278)
• 4b1922ad714e12dafaa83a40ec03275a39ac980c docs(content/v4/index): fix zod version (#5289)
• 3fcb20ff348e49aec70f45e0dca3de8a61450e77 Add frrm to ecosystem (#5292)
• fda4c7c2afbd7649261be1e7954f8c4d4de24a07 Make docs work without token
• af447384379faef28aa857fb53ef1da702c6d408 Fix lint
• 77c3c9f069a4cf168c0cbc58432803de887a6b1b Export bg.ts
• 3b946107b6c94b2ac8ff9fb451160c34dc4dd794 v4.1.12

v4.1.11

Commits:

• 2bed4b39760d8e4d678203b5c8fcaf24c182fc9f 4.1.11

v4.1.10

Commits:

• 7ffedd00169d8dc2e7cb7c6d878f29b03e05b3a3 Fix shape caching (#5263)
• 82cd717a0e7ee4e1737a783c7be278fa93fd8104 v4.1.10

v4.1.9

Commits:

• a78716d91da7649a61016b81c27f49fd9e79a81e Update zshy (#5249)
• 923af801fde9f033cfd7e0e753b421a554fe3be8 Publish [email protected]

v4.1.8

Commits:

• 36c4ee354d0c1f47b7311e49f6dd4b7a11de04f5 Switch back to weakmap
• a1726d53172ba52ecf90999df73778cf416264fd 4.1.8

v4.1.7

Commits:

• 0cca351c8b152d7c4113ab7c2a44675efb060677 Fix variable name inconsistency in coercion documentation (#5188)
• aa78c270f1b43f4665339f4b61e7cb88037b8c84 Add copy/edit buttons
• 76452d4119d800a722b692755c1168627bc95f0f Update button txt
• 937f73c90cac90bd3b99b12c792c289b50416510 Fix tsconfig issue in bench
• 976b43657d4aff6d47c73c1c86125623ea08752d v4.1.6 (#5222)
• 4309c61304daf40aab2124b5f513abe2b4df8637 Fix cidrv6 validation - cidrv6 should reject invalid strings with multiple slashes (#5196)
• ef95a73b6d33299743e5ff4f0645b98c1b0d6f72 feat(locales): Add Lithuanian (lt) locale (#5210)
• 3803f3f37168212f2178e8b8deceb7bad78ed904 docs: update wrong contents in codeblocks in api.mdx (#5209)

... (truncated)

Commits

• 3b94610 v4.1.12
• 77c3c9f Export bg.ts
• af44738 Fix lint
• fda4c7c Make docs work without token
• 3fcb20f Add frrm to ecosystem (#5292)
• 4b1922a docs(content/v4/index): fix zod version (#5289)
• 02a5840 refac(errors): Unify code structure and improve types (#5278)
• 62bf4e4 fix(ZodError): prevent flatten() from crashing on 'toString' key (#5266)
• a0abcc0 docs(metadata.mdx): fix a mistake in an example output (#5248)
• c56a4f6 docs(ecosystem): add eslint-plugin-zod-x (#5261)
• Additional commits viewable in compare view

Updates @playwright/test from 1.54.1 to 1.56.0

Release notes

Sourced from @​playwright/test's releases.

v1.56.0

Playwright Agents

Introducing Playwright Agents, three custom agent definitions designed to guide LLMs through the core process of building a Playwright test:

• 🎭 planner explores the app and produces a Markdown test plan
• 🎭 generator transforms the Markdown plan into the Playwright Test files
• 🎭 healer executes the test suite and automatically repairs failing tests

Run npx playwright init-agents with your client of choice to generate the latest agent definitions:

# Generate agent files for each agentic loop
# Visual Studio Code
npx playwright init-agents --loop=vscode
# Claude Code
npx playwright init-agents --loop=claude
# opencode
npx playwright init-agents --loop=opencode

[!NOTE] VS Code v1.105 (currently on the VS Code Insiders channel) is needed for the agentic experience in VS Code. It will become stable shortly, we are a bit ahead of times with this functionality!

Learn more about Playwright Agents

New APIs

• New methods page.consoleMessages() and page.pageErrors() for retrieving the most recent console messages from the page
• New method

[fossabot]

[fossabot]

✓ Safe to upgrade

I recommend merging this upgrade because the changes are primarily minor version updates that include bug fixes and new features without introducing breaking changes that affect this codebase. The application already meets the Node.js requirement, doesn't use any deprecated APIs that were flagged, doesn't use useFieldArray from react-hook-form, and doesn't have ESLint plugin configurations that would be affected by the flat config changes. The CVE-2025-29927 security vulnerability is resolved by upgrading Next.js to the patched version. The application uses standard React Hook Form patterns that remain compatible with the upgraded version, and no useId API is used that would be affected by the prefix change in React.

What we checked

• Node.js engine requirement is already >=20, meeting React 19.2.0's requirement of Node.js 18 or newer ^[1]
• Next.js upgraded from 15.5.2 to 15.5.4 (patch version), which includes security fixes for CVE-2025-29927 ^[2]
• React upgraded from 19.1.0 to 19.2.0 with useId prefix change, but codebase doesn't use useId ^[3]
• React Hook Form upgraded from 7.60.0 to 7.64.0 with useFieldArray field ids removal, but codebase doesn't use useFieldArray ^[4]
• Uses standard useForm hook from react-hook-form which remains fully compatible ^[5]
• Uses standard useForm hook from react-hook-form which remains fully compatible ^[6]
• Middleware implementation uses nosecone wrapper and doesn't manually handle x-middleware-subrequest headers ^[7]
• React 19.2.0 useId prefix change only affects applications using the useId hook for View Transitions ^[8]
• CVE-2025-29927 is patched in Next.js 15.2.3+, and this upgrade includes the fix ^[9]

Dependency Usage

This Next.js application is built around three core form-based features (email collection, rate limiting demo, and support requests) that use React Hook Form with Zod schema validation for type-safe data handling. The application employs custom fonts (Figtree Variable for sans-serif, IBM Plex Mono for code) and a CSS anchor positioning polyfill to support modern UI patterns across browsers, with Playwright providing end-to-end testing infrastructure. The dependency distribution reflects a form-centric architecture with validation and UI polish as primary concerns, while Next.js provides the foundational framework for routing, metadata, and server-side capabilities.

• @​hookform/resolvers: components/EmailForm.tsx:3 - The code is using zodResolver from @​hookform/resolvers/zod to validate form inputs by integrating Zod schema validation with React Hook Form, ensuring that form data meets specific validation rules before submission.
• @​hookform/resolvers: components/RLForm.tsx:3 - The code is using zodResolver from @​hookform/resolvers/zod to validate form inputs by integrating Zod schema validation with React Hook Form, allowing type-safe and runtime form validation.

View 47 more usages

• @​hookform/resolvers:

  example-nextjsu/components/SuppportForm.tsx

  Line 3 in f88a2f4

  import { zodResolver } from "@hookform/resolvers/zod";

  - The code is using zodResolver from @​hookform/resolvers/zod to validate form inputs by integrating Zod schema validation with React Hook Form, enabling type-safe and runtime form validation.
• next:

  example-nextjsu/app/layout.tsx

  Line 1 in f88a2f4

  import { Metadata } from "next";

  - This code is importing the Metadata type from Next.js, which is typically used to define and configure metadata for a page or layout, such as title, description, and other SEO-related properties in a Next.js application.
• next:

  example-nextjsu/app/layout.tsx

  Line 2 in f88a2f4

  import Image from "next/image";

  - This code is importing various Next.js built-in components and modules like Metadata, Image, Link, Script, and SVG assets, which are commonly used for structuring and enhancing web pages in a Next.js application.
• next:

  example-nextjsu/app/layout.tsx

  Line 3 in f88a2f4

  import Link from "next/link";

  - This code snippet is importing various Next.js built-in components and modules like Metadata, Image, Link, Script, and local SVG assets, which are commonly used for structuring and optimizing a Next.js application's layout and metadata.
• next:

  example-nextjsu/app/layout.tsx

  Line 4 in f88a2f4

  import Script from "next/script";

  - This code is importing Next.js components (Image, Link, Script) and SVG logo assets (LogoDark and LogoLight) for use in a layout component, leveraging Next.js's built-in optimization and routing features.
• next:

  example-nextjsu/app/page.tsx

  Line 1 in f88a2f4

  import Link from "next/link";

  - This code is setting up the main page component for a Next.js application, importing a Link component from Next.js and a custom WhatNext component, and attempting to retrieve an Arcjet site key from environment variables.
• next:

  example-nextjsu/components/EmailForm.tsx

  Line 4 in f88a2f4

  import { useRouter } from "next/navigation";

  - The code is importing useRouter from Next.js's next/navigation to enable programmatic navigation within a React component, likely to redirect users after form submission or handle routing-related logic.
• next:

  example-nextjsu/components/NavLink.tsx

  Line 3 in f88a2f4

  import Link from "next/link";

  - This code appears to be setting up a custom navigation link component in a Next.js application, likely to create a client-side rendered link with additional routing or active state functionality, as indicated by the "use client" directive and the import of Next.js navigation utilities.
• next:

  example-nextjsu/components/NavLink.tsx

  Line 4 in f88a2f4

  import { usePathname } from "next/navigation";

  - This code is importing the usePathname hook from Next.js's navigation module to help determine the current route's pathname, which can be used for highlighting active navigation links or conditionally rendering content based on the current page.
• next:

  example-nextjsu/components/SuppportForm.tsx

  Line 4 in f88a2f4

  import { useRouter } from "next/navigation";

  - The code is importing useRouter from Next.js's next/navigation to enable programmatic navigation and routing within a React component, likely to redirect users after form submission or handle navigation-related logic.
• next:

  example-nextjsu/app/attack/page.tsx

  Line 1 in f88a2f4

  import type { Metadata } from "next";

  - This code snippet is importing metadata and other necessary components for a Next.js page, likely setting up a page related to an attack or dashboard view, with potential routing and metadata configuration for the specific page.
• next:

  example-nextjsu/app/attack/page.tsx

  Line 2 in f88a2f4

  import { headers } from "next/headers";

  - In this Next.js code snippet, headers() is being imported from next/headers to access and retrieve HTTP headers server-side during server-side rendering or server components, allowing you to inspect incoming request headers in your React component.
• next:

  example-nextjsu/app/attack/page.tsx

  Line 3 in f88a2f4

  import Link from "next/link";

  - This code snippet appears to be importing various Next.js related modules and components for setting up metadata, handling headers, creating links, and likely preparing a page component for the "/attack" route in a Next.js application.
• next:

  example-nextjsu/app/bots/page.tsx

  Line 1 in f88a2f4

  import type { Metadata } from "next";

  - This code is importing metadata type definitions from Next.js, which are typically used to define page-level SEO and metadata properties for better search engine and social media optimization in a Next.js application.
• next:

  example-nextjsu/app/bots/page.tsx

  Line 2 in f88a2f4

  import { headers } from "next/headers";

  - In this Next.js code, the headers() function from next/headers is being imported and likely used to access server-side request headers during server-side rendering or in a server component.
• next:

  example-nextjsu/app/bots/page.tsx

  Line 3 in f88a2f4

  import Link from "next/link";

  - This code snippet appears to be importing various Next.js-related modules and components for a page that involves routing, metadata, and potentially dashboard navigation, though the import seems to be cut off mid-word for the last import.
• next:

  example-nextjsu/app/rate-limiting/page.tsx

  Line 1 in f88a2f4

  import type { Metadata } from "next";

  - This code appears to be importing the Metadata type from Next.js, which is typically used to define metadata for a page in a Next.js application, such as setting the page title, description, and other SEO-related information.
• next:

  example-nextjsu/app/rate-limiting/page.tsx

  Line 2 in f88a2f4

  import Link from "next/link";

  - This code snippet appears to be importing various components and types for a Next.js page related to rate limiting, specifically preparing to set up a page with metadata, links, form components, and potentially a sign-in mechanism.
• next:

  example-nextjsu/app/sensitive-info/page.tsx

  Line 1 in f88a2f4

  import type { Metadata } from "next";

  - This code is importing the Metadata type from Next.js, which is typically used to define metadata for a page, such as title, description, and other SEO-related properties that can be statically or dynamically set for a specific page in a Next.js application.
• next:

  example-nextjsu/app/sensitive-info/page.tsx

  Line 2 in f88a2f4

  import Link from "next/link";

  - This code is importing essential Next.js and custom components for constructing a page in a Next.js application, specifically importing metadata type definition, a Link component for client-side navigation, and two custom composition components (VisitDashboard and WhatNext) for rendering specific sections of the page.
• next:

  example-nextjsu/app/signup/page.tsx

  Line 1 in f88a2f4

  import type { Metadata } from "next";

  - In Next.js, this code is importing the Metadata type from Next.js, which allows you to define and configure metadata for a page, such as the page title, description, and other SEO-related information.
• next:

  example-nextjsu/app/signup/page.tsx

  Line 2 in f88a2f4

  import Link from "next/link";

  - This code is importing essential Next.js components and custom components for a signup page, including metadata handling, client-side navigation with Link, and custom composition components for dashboard and next-step interactions.
• next:

  example-nextjsu/components/compositions/VisitDashboard.tsx

  Line 1 in f88a2f4

  import Link from "next/link";

  - This code is importing the Next.js Link component, which provides client-side navigation between pages in a Next.js application, allowing for efficient, performant page transitions without full page reloads.
• next:

  example-nextjsu/components/compositions/WhatNext.tsx

  Line 1 in f88a2f4

  import Link from "next/link";

  - This code snippet appears to be a React component in Next.js that conditionally renders a section with a link or content based on a deployed prop, suggesting it's part of a "What's Next" or next steps section in an application, potentially showing different content depending on whether something has been deployed.
• next:

  example-nextjsu/app/attack/test/route.ts

  Line 1 in f88a2f4

  import { type NextRequest, NextResponse } from "next/server";

  - This code is importing and setting up Next.js server-side routing configuration for a dynamic route that will not be cached, likely in preparation for handling a specific API endpoint or request with custom security rules using the Arcjet library.
• next:

  example-nextjsu/app/bots/test/route.ts

  Line 1 in f88a2f4

  import { type NextRequest, NextResponse } from "next/server";

  - This code is configuring a Next.js route to be dynamically rendered and importing Arcjet bot detection middleware to potentially protect the route against automated bot traffic.
• next:

  example-nextjsu/app/rate-limiting/test/route.ts

  Line 3 in f88a2f4

  import { type NextRequest, NextResponse } from "next/server";

  - This code is configuring a rate-limiting middleware using Arcjet for a Next.js route, which helps protect the route from excessive requests by applying a fixed-window rate limiting strategy with NextResponse and NextRequest from Next.js server middleware.
• next:

  example-nextjsu/app/sensitive-info/test/route.ts

  Line 1 in f88a2f4

  import { type NextRequest, NextResponse } from "next/server";

  - This code is importing Next.js server-side routing types and Arcjet security middleware to handle and validate sensitive information routes in a Next.js application.
• next:

  example-nextjsu/app/signup/test/route.ts

  Line 1 in f88a2f4

  import { type NextRequest, NextResponse } from "next/server";

  - This code is importing Next.js server-side routing utilities (NextRequest and NextResponse) and setting up Arcjet protection rules for a signup route in a Next.js application, likely to add authentication and validation middleware to the signup process.
• next: https://github.com/Jobayer071/example-nextjsu/blob/f88a2f413cc82f7b209c930007cac0cc7c33bb46/app/api/auth/[...nextauth]/route.ts#L3 - This code appears to be setting up an authentication route in a Next.js application using the Next.js server middleware, likely preparing to handle authentication requests with additional security features from Arcjet, such as bot detection and rate limiting.
• react:

  example-nextjsu/components/NavLink.tsx

  Line 5 in f88a2f4

  import type { ComponentProps } from "react";

  - This code is importing the ComponentProps type from React to potentially use as a type for extracting the prop types from the Next.js Link component, though the comment suggests this approach might be incomplete or not fully satisfactory.
• react:

  example-nextjsu/components/PopoverTarget.tsx

  Line 3 in f88a2f4

  import { type ComponentProps, useEffect, useRef } from "react";

  - Based on the partial code snippet, this appears to be setting up a React component that is likely preparing for CSS anchor positioning, using client-side rendering, and using React hooks like useRef and useEffect to manage component-specific behavior related to positioning or referencing DOM elements.
• react:

  example-nextjsu/components/RLForm.tsx

  Line 4 in f88a2f4

  import { useState } from "react";

  - This code is importing and setting up React's useState hook alongside other form-related libraries (react-hook-form, zod) to likely create a dynamic, validated form with state management in a React TypeScript component.
• react:

  example-nextjsu/components/brand/LogoMarkSpark.tsx

  Line 4 in f88a2f4

  import { forwardRef, useEffect, useState } from "react";

  - This code snippet appears to be importing React hooks and the useTheme hook from Next.js, and beginning to define a component with a dark mode visual data object, likely preparing to create a logo or visual element that can adapt to different theme states.
• react:

  example-nextjsu/components/compositions/VisitDashboard.tsx

  Line 2 in f88a2f4

  import * as React from "react";

  - Based on the context, this code snippet appears to be importing React and its memo function, along with other components and a custom hook, likely preparing to create a memoized React component for a visit dashboard that may involve navigation and branding elements.
• react:

  example-nextjsu/components/compositions/VisitDashboard.tsx

  Line 3 in f88a2f4

  import { memo } from "react";

  - In this code snippet, React's memo higher-order component is being imported and likely used to memoize a component, which helps optimize performance by preventing unnecessary re-renders when the component's props haven't changed.
• react:

  example-nextjsu/components/icons/ArrowExternal.tsx

  Line 1 in f88a2f4

  import { forwardRef } from "react";

  - This React code defines a functional component ArrowExternal using forwardRef to create an SVG icon component that can receive a ref and optional CSS classes, allowing the icon to be customized and referenced by parent components.
• react-hook-form:

  example-nextjsu/components/EmailForm.tsx

  Line 5 in f88a2f4

  import { useForm } from "react-hook-form";

  - The code is using useForm from react-hook-form with Zod validation (via zodResolver) to create a form with type-safe validation and form state management.
• react-hook-form:

  example-nextjsu/components/RLForm.tsx

  Line 5 in f88a2f4

  import { useForm } from "react-hook-form";

  - This code is using react-hook-form's useForm hook with Zod schema validation to create a form management system, likely for handling form state, validation, and submission in a type-safe manner.
• react-hook-form:

  example-nextjsu/components/SuppportForm.tsx

  Line 5 in f88a2f4

  import { useForm } from "react-hook-form";

  - This code is using react-hook-form's useForm hook with Zod validation to create a form management system that will handle form state, validation, and submission for a support form component.
• zod:

  example-nextjsu/components/EmailForm.tsx

  Line 6 in f88a2f4

  import { z } from "zod";

  - Based on the context, it appears that Zod (imported as z) is being used to define and validate a form schema for validating input fields during form submission or registration, likely ensuring that email and other form data meet specific validation criteria defined in the formSchema.
• zod:

  example-nextjsu/components/RLForm.tsx

  Line 6 in f88a2f4

  import { z } from "zod";

  - Based on the context, it appears that Zod (imported as z) is likely being used to define or validate a schema for form validation, specifically referencing the emptyFormSchema imported from a separate schema file, which suggests type safety and runtime validation for form data.
• zod:

  example-nextjsu/components/SuppportForm.tsx

  Line 6 in f88a2f4

  import { z } from "zod";

  - In this context, Zod (imported as z) is likely being used to define and validate the schema for the form data, ensuring type safety and runtime validation of the input fields according to the predefined rules in formSchema.
• zod:

  example-nextjsu/app/sensitive-info/schema.ts

  Line 1 in f88a2f4

  import { z } from "zod";

  - This code is importing the Zod library to define a schema for client-side validation of form fields, which will help ensure data integrity and provide immediate feedback before sending data to the server.
• zod:

  example-nextjsu/app/signup/schema.ts

  Line 1 in f88a2f4

  import { z } from "zod";

  - This code is importing the Zod library to define a schema for validating form input fields on the client side, providing type checking and validation before data submission.
• @​playwright/test:

  example-nextjsu/playwright.config.ts

  Line 1 in f88a2f4

  import { defineConfig, devices } from "@playwright/test";

  - This Playwright configuration is setting up the test directory to be "./tests" and using the defineConfig function from @​playwright/test to configure test settings, likely specifying where the test files are located and potentially other test execution parameters. The devices import suggests it may also be configuring different device/browser profiles for cross-browser testing.
• @​playwright/test:

  example-nextjsu/tests/screenshots.test.ts

  Line 1 in f88a2f4

  import { expect, test } from "@playwright/test";

  - This code is importing the expect and test utilities from Playwright's test library, likely to set up a test suite for screenshots or route-related testing in a Next.js application, with an initial attempt to import an app path routes manifest.

Other Usages (49)

These usages were analyzed but no breaking changes were detected:

@​hookform/resolvers

• example-nextjsu/components/EmailForm.tsx

  Line 3 in f88a2f4

  import { zodResolver } from "@hookform/resolvers/zod";

• example-nextjsu/components/RLForm.tsx

  Line 3 in f88a2f4

  import { zodResolver } from "@hookform/resolvers/zod";

• example-nextjsu/components/SuppportForm.tsx

  Line 3 in f88a2f4

  import { zodResolver } from "@hookform/resolvers/zod";

next

• example-nextjsu/app/layout.tsx

  Line 1 in f88a2f4

  import { Metadata } from "next";

• example-nextjsu/app/layout.tsx

  Line 2 in f88a2f4

  import Image from "next/image";

• example-nextjsu/app/layout.tsx

  Line 3 in f88a2f4

  import Link from "next/link";

• example-nextjsu/app/layout.tsx

  Line 4 in f88a2f4

  import Script from "next/script";

• example-nextjsu/app/page.tsx

  Line 1 in f88a2f4

  import Link from "next/link";

• ...and 24 more

react

• example-nextjsu/components/NavLink.tsx

  Line 5 in f88a2f4

  import type { ComponentProps } from "react";

• example-nextjsu/components/PopoverTarget.tsx

  Line 3 in f88a2f4

  import { type ComponentProps, useEffect, useRef } from "react";

• example-nextjsu/components/RLForm.tsx

  Line 4 in f88a2f4

  import { useState } from "react";

• example-nextjsu/components/brand/LogoMarkSpark.tsx

  Line 4 in f88a2f4

  import { forwardRef, useEffect, useState } from "react";

• example-nextjsu/components/compositions/VisitDashboard.tsx

  Line 2 in f88a2f4

  import * as React from "react";

• ...and 2 more

react-hook-form

• example-nextjsu/components/EmailForm.tsx

  Line 5 in f88a2f4

  import { useForm } from "react-hook-form";

• example-nextjsu/components/RLForm.tsx

  Line 5 in f88a2f4

  import { useForm } from "react-hook-form";

• example-nextjsu/components/SuppportForm.tsx

  Line 5 in f88a2f4

  import { useForm } from "react-hook-form";

zod

• example-nextjsu/components/EmailForm.tsx

  Line 6 in f88a2f4

  import { z } from "zod";

• example-nextjsu/components/RLForm.tsx

  Line 6 in f88a2f4

  import { z } from "zod";

• example-nextjsu/components/SuppportForm.tsx

  Line 6 in f88a2f4

  import { z } from "zod";

• example-nextjsu/app/sensitive-info/schema.ts

  Line 1 in f88a2f4

  import { z } from "zod";

• example-nextjsu/app/signup/schema.ts

  Line 1 in f88a2f4

  import { z } from "zod";

@​playwright/test

• example-nextjsu/playwright.config.ts

  Line 1 in f88a2f4

  import { defineConfig, devices } from "@playwright/test";

• example-nextjsu/tests/screenshots.test.ts

  Line 1 in f88a2f4

  import { expect, test } from "@playwright/test";

Changes

This update brings 6 breaking changes requiring Node.js 18+ for React packages and introducing a new flat ESLint config default, along with React's new <Activity> API for hiding/restoring UI state and useEffectEvent hook for extracting non-reactive Effect logic. Notable fixes include resolving infinite useDeferredValue loops, form submission crashes with Client Actions, and multiple Zod v4 type resolution issues, while Playwright adds AI-powered test generation agents and Next.js addresses devtools overlay rendering problems.

• Breaking: Require Node.js 18 or newer. (@​michaelfaith in #32458) (vv19.2.0, release notes)
• Breaking: Flat config is now the default recommended preset. Legacy config moved to recommended-legacy. (@​michaelfaith in #32457) (vv19.2.0, release notes)
• Breaking: Require Node.js 18 or newer. (@​michaelfaith in #32458) (vv19.2.0, release notes)

View 222 more changes

• zod: fix output type for Zod 4 resolver (#803) (e95721d) (vv5.2.2, release notes)
• discriminated union for zod v4 mini (#784) (49a0d7b) (vv5.2.1, release notes)
• zod v4 peer deps (#798) (2d28e6a) (vv5.2.1, release notes)
• ajv: add ajv-formats for ajvResolver (#797) (f040039) (vv5.2.0, release notes)
• 🚀 Work with anchor and target inside same shadow root by @​wkillerud in Work with anchor and target inside same shadow root oddbird/css-anchor-positioning#353 (vv0.7.0, release notes)
• 🏠 INTERNAL: Upgrade dependencies (vv0.7.0, release notes)
• @​wkillerud made their first contribution in Work with anchor and target inside same shadow root oddbird/css-anchor-positioning#353 (vv0.7.0, release notes)
• ensure onRequestError is invoked when otel enabled (#83343) (vv15.5.4, release notes)
• devtools initial position should be from next config (#83571) (vv15.5.4, release notes)
• [devtool] fix overlay styles are missing (#83721) (vv15.5.4, release notes)
• Turbopack: don't match dynamic pattern for node_modules packages (#83176) (vv15.5.4, release notes)
• Turbopack: don't treat metadata routes as RSC (#82911) (vv15.5.4, release notes)
• [turbopack] Improve handling of symlink resolution errors in track_glob and read_glob (#83357) (vv15.5.4, release notes)
• Turbopack: throw large static metadata error earlier (#82939) (vv15.5.4, release notes)
• error overlay not closing when backdrop clicked (#83981) (vv15.5.4, release notes)
• Turbopack: flush Node.js worker IPC on error (#84077) (vv15.5.4, release notes)
• [CNA] use linter preference (#83194) (vv15.5.4, release notes)
• CI: use KV for test timing data (#83745) (vv15.5.4, release notes)
• docs: september improvements and fixes (#83997) (vv15.5.4, release notes)
• validation return types of pages API routes (#83069) (vv15.5.3, release notes)
• relative paths in dev in validator.ts (#83073) (vv15.5.3, release notes)
• remove satisfies keyword from type validation to preserve old TS compatibility (#83071) (vv15.5.3, release notes)
• <Activity>: A new API to hide and restore the UI and internal state of its children. (vv19.2.0, release notes)
• useEffectEvent is a React Hook that lets you extract non-reactive logic into an Effect Event. (vv19.2.0, release notes)
• cacheSignal (for RSCs) lets your know when the cache() lifetime is over. (vv19.2.0, release notes)
• React Performance tracks appear on the Performance panel’s timeline in your browser developer tools (vv19.2.0, release notes)
• Added resume APIs for partial pre-rendering with Web Streams: (vv19.2.0, release notes)
• resume: to resume a prerender to a stream. (vv19.2.0, release notes)
• resumeAndPrerender: to resume a prerender to HTML. (vv19.2.0, release notes)
• Updated prerender APIs to return a postponed state that can be passed to the resume APIs. (vv19.2.0, release notes)
• React DOM now batches suspense boundary reveals, matching the behavior of client side rendering. This change is especially noticeable when animating the reveal of Suspense boundaries e.g. with the upcoming <ViewTransition> Component. React will batch as much reveals as possible before the first paint while trying to hit popular first-contentful paint metrics. (vv19.2.0, release notes)
• Add Node Web Streams (prerender, renderToReadableStream) to server-side-rendering APIs for Node.js (vv19.2.0, release notes)
• Use underscore instead of : IDs generated by useId (vv19.2.0, release notes)
• <Activity /> was developed over many years, starting before ClassComponent.setState (@​acdlite @​sebmarkbage and many others) (vv19.2.0, release notes)
• Stringify context as "SomeContext" instead of "SomeContext.Provider" (@​kassens #33507) (vv19.2.0, release notes)
• Include stack of cause of React instrumentation errors with %o placeholder (@​eps1lon #34198) (vv19.2.0, release notes)
• Fix infinite useDeferredValue loop in popstate event (@​acdlite #32821) (vv19.2.0, release notes)
• Fix a bug when an initial value was passed to useDeferredValue (@​acdlite #34376) (vv19.2.0, release notes)
• Fix a crash when submitting forms with Client Actions (@​sebmarkbage #33055) (vv19.2.0, release notes)
• Hide/unhide the content of dehydrated suspense boundaries if they resuspend (@​sebmarkbage #32900) (vv19.2.0, release notes)
• Avoid stack overflow on wide trees during Hot Reload (@​sophiebits #34145) (vv19.2.0, release notes)
• Improve Owner and Component stacks in various places (@​sebmarkbage, @​eps1lon: #33629, #33724, #32735, #33723) (vv19.2.0, release notes)
• Add cacheSignal (@​sebmarkbage #33557) (vv19.2.0, release notes)
• Block on Suspensey Fonts during reveal of server-side-rendered content (@​sebmarkbage #33342) (vv19.2.0, release notes)
• Use underscore instead of : for IDs generated by useId (@​sebmarkbage, @​eps1lon: #32001, [Fizz] Block on Suspensey Fonts during reveal facebook/react#33342#33099, #33422) (vv19.2.0, release notes)
• Stop warning when ARIA 1.3 attributes are used (@​Abdul-Omira #34264) (vv19.2.0, release notes)
• Allow nonce to be used on hoistable styles (@​Andarist #32461) (vv19.2.0, release notes)
• Warn for using a React owned node as a Container if it also has text content (@​sebmarkbage #32774) (vv19.2.0, release notes)
• s/HTML/text for for error messages if text hydration mismatches (@​rickhanlonii #32763) (vv19.2.0, release notes)
• Fix a bug with React.use inside React.lazy-ed Component (@​hi-ogawa #33941) (vv19.2.0, release notes)
• Enable the progressiveChunkSize option for server-side-rendering APIs (@​sebmarkbage #33027) (vv19.2.0, release notes)
• Fix a bug with deeply nested Suspense inside Suspense fallback when server-side-rendering (@​gnoff #33467) (vv19.2.0, release notes)
• Avoid hanging when suspending after aborting while rendering (@​gnoff #34192) (vv19.2.0, release notes)
• Add Node Web Streams to server-side-rendering APIs for Node.js (@​sebmarkbage #33475) (vv19.2.0, release notes)
• Preload <img> and <link> using hints before they're rendered (@​sebmarkbage #34604) (vv19.2.0, release notes)
• Log error if production elements are rendered during development (@​eps1lon #34189) (vv19.2.0, release notes)
• Fix a bug when returning a Temporary reference (e.g. a Client Reference) from Server Functions (@​sebmarkbage #34084, @​denk0403 #33761) (vv19.2.0, release notes)
• Pass line/column to filterStackFrame (@​eps1lon #33707) (vv19.2.0, release notes)
• Support Async Modules in Turbopack Server References (@​lubieowoce #34531) (vv19.2.0, release notes)
• Add support for .mjs file extension in Webpack (@​jennyscript #33028) (vv19.2.0, release notes)
• Fix a wrong missing key warning (@​unstubbable #34350) (vv19.2.0, release notes)
• Make console log resolve in predictable order (@​sebmarkbage #33665) (vv19.2.0, release notes)
• createContainer and createHydrationContainer had their parameter order adjusted after on* handlers to account for upcoming experimental APIs (vv19.2.0, release notes)
• New Violations: Disallow calling use within try/catch blocks. (@​poteto in #34040) (vv19.2.0, release notes)
• New Violations: Disallow calling useEffectEvent functions in arbitrary closures. (@​jbrown215 in #33544) (vv19.2.0, release notes)
• Handle React.useEffect in addition to useEffect in rules-of-hooks. (@​Ayc0 in #34076) (vv19.2.0, release notes)
• Added react-hooks settings config option that to accept additionalEffectHooks that are used across exhaustive-deps and rules-of-hooks rules. (@​jbrown215) in #34497 (vv19.2.0, release notes)
• Fixed Owner Stacks to work with ES2015 function.name semantics (#33680 by @​hoxyq) (vv19.1.1, release notes)
• <Activity>: A new API to hide and restore the UI and internal state of its children. (vv19.2.0, release notes)
• useEffectEvent is a React Hook that lets you extract non-reactive logic into an Effect Event. (vv19.2.0, release notes)
• cacheSignal (for RSCs) lets your know when the cache() lifetime is over. (vv19.2.0, release notes)
• React Performance tracks appear on the Performance panel’s timeline in your browser developer tools (vv19.2.0, release notes)
• Added resume APIs for partial pre-rendering with Web Streams: (vv19.2.0, release notes)
• resume: to resume a prerender to a stream. (vv19.2.0, release notes)
• resumeAndPrerender: to resume a prerender to HTML. (vv19.2.0, release notes)
• Updated prerender APIs to return a postponed state that can be passed to the resume APIs. (vv19.2.0, release notes)
• React DOM now batches suspense boundary reveals, matching the behavior of client side rendering. This change is especially noticeable when animating the reveal of Suspense boundaries e.g. with the upcoming <ViewTransition> Component. React will batch as much reveals as possible before the first paint while trying to hit popular first-contentful paint metrics. (vv19.2.0, release notes)
• Add Node Web Streams (prerender, renderToReadableStream) to server-side-rendering APIs for Node.js (vv19.2.0, release notes)
• Use underscore instead of : IDs generated by useId (vv19.2.0, release notes)
• <Activity /> was developed over many years, starting before ClassComponent.setState (@​acdlite @​sebmarkbage and many others) (vv19.2.0, release notes)
• Stringify context as "SomeContext" instead of "SomeContext.Provider" (@​kassens #33507) (vv19.2.0, release notes)
• Include stack of cause of React instrumentation errors with %o placeholder (@​eps1lon #34198) (vv19.2.0, release notes)
• Fix infinite useDeferredValue loop in popstate event (@​acdlite #32821) (vv19.2.0, release notes)
• Fix a bug when an initial value was passed to useDeferredValue (@​acdlite #34376) (vv19.2.0, release notes)
• Fix a crash when submitting forms with Client Actions (@​sebmarkbage #33055) (vv19.2.0, release notes)
• Hide/unhide the content of dehydrated suspense boundaries if they resuspend (@​sebmarkbage #32900) (vv19.2.0, release notes)
• Avoid stack overflow on wide trees during Hot Reload (@​sophiebits #34145) (vv19.2.0, release notes)
• Improve Owner and Component stacks in various places (@​sebmarkbage, @​eps1lon: #33629, #33724, #32735, #33723) (vv19.2.0, release notes)
• Add cacheSignal (@​sebmarkbage #33557) (vv19.2.0, release notes)
• Block on Suspensey Fonts during reveal of server-side-rendered content (@​sebmarkbage #33342) (vv19.2.0, release notes)
• Use underscore instead of : for IDs generated by useId (@​sebmarkbage, @​eps1lon: #32001, [Fizz] Block on Suspensey Fonts during reveal facebook/react#33342#33099, #33422) (vv19.2.0, release notes)
• Stop warning when ARIA 1.3 attributes are used (@​Abdul-Omira #34264) (vv19.2.0, release notes)
• Allow nonce to be used on hoistable styles (@​Andarist #32461) (vv19.2.0, release notes)
• Warn for using a React owned node as a Container if it also has text content (@​sebmarkbage #32774) (vv19.2.0, release notes)
• s/HTML/text for for error messages if text hydration mismatches (@​rickhanlonii #32763) (vv19.2.0, release notes)
• Fix a bug with React.use inside React.lazy-ed Component (@​hi-ogawa #33941) (vv19.2.0, release notes)
• Enable the progressiveChunkSize option for server-side-rendering APIs (@​sebmarkbage #33027) (vv19.2.0, release notes)
• Fix a bug with deeply nested Suspense inside Suspense fallback when server-side-rendering (@​gnoff #33467) (vv19.2.0, release notes)
• Avoid hanging when suspending after aborting while rendering (@​gnoff #34192) (vv19.2.0, release notes)
• Add Node Web Streams to server-side-rendering APIs for Node.js (@​sebmarkbage #33475) (vv19.2.0, release notes)
• Preload <img> and <link> using hints before they're rendered (@​sebmarkbage #34604) (vv19.2.0, release notes)
• Log error if production elements are rendered during development (@​eps1lon #34189) (vv19.2.0, release notes)
• Fix a bug when returning a Temporary reference (e.g. a Client Reference) from Server Functions (@​sebmarkbage #34084, @​denk0403 #33761) (vv19.2.0, release notes)
• Pass line/column to filterStackFrame (@​eps1lon #33707) (vv19.2.0, release notes)
• Support Async Modules in Turbopack Server References (@​lubieowoce #34531) (vv19.2.0, release notes)
• Add support for .mjs file extension in Webpack (@​jennyscript #33028) (vv19.2.0, release notes)
• Fix a wrong missing key warning (@​unstubbable #34350) (vv19.2.0, release notes)
• Make console log resolve in predictable order (@​sebmarkbage #33665) (vv19.2.0, release notes)
• createContainer and createHydrationContainer had their parameter order adjusted after on* handlers to account for upcoming experimental APIs (vv19.2.0, release notes)
• Breaking: Flat config is now the default recommended preset. Legacy config moved to recommended-legacy. (@​michaelfaith in #32457) (vv19.2.0, release notes)
• New Violations: Disallow calling use within try/catch blocks. (@​poteto in #34040) (vv19.2.0, release notes)
• New Violations: Disallow calling useEffectEvent functions in arbitrary closures. (@​jbrown215 in #33544) (vv19.2.0, release notes)
• Handle React.useEffect in addition to useEffect in rules-of-hooks. (@​Ayc0 in #34076) (vv19.2.0, release notes)
• Added react-hooks settings config option that to accept additionalEffectHooks that are used across exhaustive-deps and rules-of-hooks rules. (@​jbrown215) in #34497 (vv19.2.0, release notes)
• Fixed Owner Stacks to work with ES2015 function.name semantics (#33680 by @​hoxyq) (vv19.1.1, release notes)
• Added support for optional array fields in PathValueImpl type (vv7.64.0, release notes)
• Fixed preserving Controller's defaultValue when shouldUnregister prop is used (vv7.64.0, release notes)
• Removed unused field ids reference in useFieldArray (vv7.64.0, release notes)
• Added ability to extract form values using form state in react-hook-form (vv7.63.0, release notes)
• Added support for dirtyFields option in getValues() method to return only dirty fields (vv7.63.0, release notes)
• Added support for touchedFields option in getValues() method to return only touched fields (vv7.63.0, release notes)
• Improve logic for detecting dirty fields (vv7.63.0, release notes)
• Remove duplicated isMessage function (vv7.63.0, release notes)
• Update isValidating fields using field name (vv7.63.0, release notes)
• Unregister previous field when switching conditional Controllers (vv7.63.0, release notes)
• Only execute trigger function when dependencies are a valid array (vv7.63.0, release notes)
• Prevent onBlur event for read-only fields (vv7.62.0, release notes)
• Sync two default values after reset with new default values (vv7.62.0, release notes)
• Fix issue with cloning objects to prevent overriding prototype (vv7.62.0, release notes)
• Resolve field name type conflict in nested field errors (vv7.62.0, release notes)
• Added a compute prop for the useWatch subscription functionality (vv7.61.0, release notes)
• subscribe to the entire form but only return updated value with certain condition (vv7.61.0, release notes)
• subscribe to a specific form value state (vv7.61.0, release notes)
• Trigger watch callbacks only in response to value changes (vv7.61.0, release notes)
• Track name with setValue subscription callbacks (vv7.61.0, release notes)
• Fix watch return type based on defaultValue (vv7.61.0, release notes)
• Fix subscribing with latest defaultValues (vv7.61.0, release notes)
• Handle explicit "multipart/form-data" encType in Form Component (vv7.61.0, release notes)
• Remove React wildcard import to resolve ESM build issues (vv7.61.0, release notes)
• Improve exclude patterns (vv7.61.0, release notes)
• Remove unused omit function (vv7.61.0, release notes)
• 0b109c37c6b0b10e3901b56bcccb72e29a0b846f docs(ecosystem): add bupkis to the ecosystem section (#5237) (vv4.1.12, release notes)
• d22ec0d26fab27151b0f1d1f98bffeaf8b011f57 docs(ecosystem): add upfetch (#5238) (vv4.1.12, release notes)
• c56a4f6fab42c542b191228af61974b2328dc52f docs(ecosystem): add eslint-plugin-zod-x (#5261) (vv4.1.12, release notes)
• a0abcc02900a4293dd4f30cd81580efcdd5230bb docs(metadata.mdx): fix a mistake in an example output (#5248) (vv4.1.12, release notes)
• 62bf4e439e287e55c843245b49f8d34b1ad024ee fix(ZodError): prevent flatten() from crashing on 'toString' key (#5266) (vv4.1.12, release notes)
• 02a584010ac92ac8a351632ae5aea3983a6f17d8 refac(errors): Unify code structure and improve types (#5278) (vv4.1.12, release notes)
• 4b1922ad714e12dafaa83a40ec03275a39ac980c docs(content/v4/index): fix zod version (#5289) (vv4.1.12, release notes)
• 3fcb20ff348e49aec70f45e0dca3de8a61450e77 Add frrm to ecosystem (#5292) (vv4.1.12, release notes)
• fda4c7c2afbd7649261be1e7954f8c4d4de24a07 Make docs work without token (vv4.1.12, release notes)
• af447384379faef28aa857fb53ef1da702c6d408 Fix lint (vv4.1.12, release notes)
• 77c3c9f069a4cf168c0cbc58432803de887a6b1b Export bg.ts (vv4.1.12, release notes)
• 3b946107b6c94b2ac8ff9fb451160c34dc4dd794 v4.1.12 (vv4.1.12, release notes)
• 2bed4b39760d8e4d678203b5c8fcaf24c182fc9f 4.1.11 (vv4.1.11, release notes)
• 7ffedd00169d8dc2e7cb7c6d878f29b03e05b3a3 Fix shape caching (#5263) (vv4.1.10, release notes)
• 82cd717a0e7ee4e1737a783c7be278fa93fd8104 v4.1.10 (vv4.1.10, release notes)
• a78716d91da7649a61016b81c27f49fd9e79a81e Update zshy (#5249) (vv4.1.9, release notes)
• 923af801fde9f033cfd7e0e753b421a554fe3be8 Publish zod@​4.1.9 (vv4.1.9, release notes)
• 36c4ee354d0c1f47b7311e49f6dd4b7a11de04f5 Switch back to weakmap (vv4.1.8, release notes)
• a1726d53172ba52ecf90999df73778cf416264fd 4.1.8 (vv4.1.8, release notes)
• 0cca351c8b152d7c4113ab7c2a44675efb060677 Fix variable name inconsistency in coercion documentation (#5188) (vv4.1.7, release notes)
• aa78c270f1b43f4665339f4b61e7cb88037b8c84 Add copy/edit buttons (vv4.1.7, release notes)
• 76452d4119d800a722b692755c1168627bc95f0f Update button txt (vv4.1.7, release notes)
• 937f73c90cac90bd3b99b12c792c289b50416510 Fix tsconfig issue in bench (vv4.1.7, release notes)
• 976b43657d4aff6d47c73c1c86125623ea08752d v4.1.6 (#5222) (vv4.1.7, release notes)
• 4309c61304daf40aab2124b5f513abe2b4df8637 Fix cidrv6 validation - cidrv6 should reject invalid strings with multiple slashes (#5196) (vv4.1.7, release notes)
• ef95a73b6d33299743e5ff4f0645b98c1b0d6f72 feat(locales): Add Lithuanian (lt) locale (#5210) (vv4.1.7, release notes)
• 3803f3f37168212f2178e8b8deceb7bad78ed904 docs: update wrong contents in codeblocks in api.mdx (#5209) (vv4.1.7, release notes)
• 8a47d5c6ba8e4fe2f934a8e55d0cba4d81d821de docs: update coerce example in api.mdx (#5207) (vv4.1.7, release notes)
• e87db1322f11ff6907e1789da28933d258ab75fd feat(locales): Add Georgian (ka) locale (#5203) (vv4.1.7, release notes)
• c54b123e399a6ab266504eb1389c724af31d5998 docs: adds @​traversable/zod and @​traversable/zod-test to v4 ecosystem (#5194) (vv4.1.7, release notes)
• c27a294f5b792f47b8e9dbb293a8ff8cfb287a3a Fix two tiny grammatical errors in the docs. (#5193) (vv4.1.7, release notes)
• 23a2d6692398e3dd1ad1cdb0491b271a9f989380 docs: fix broken links in async refinements and transforms references (#5190) (vv4.1.7, release notes)
• 845a230bb06bff679b5f00e10153f4dbbd50d2b6 fix(locales): Add type name translations to Spanish locale (#5187) (vv4.1.7, release notes)
• 27f13d62b98cf5c501b828ba8837ff73cd6263d2 Improve regex precision and eliminate duplicates in regexes.ts (#5181) (vv4.1.7, release notes)
• a8a52b3ba370b761be76953fa3986aa43c4172a4 fix(v4): fix Khmer and Ukrainian locales (#5177) (vv4.1.7, release notes)
• 887e37cd7568219c54f9c2f71bbfe0300ce48376 Update slugs (vv4.1.7, release notes)
• e1f19482bbed3fbaa563a0d8e09f1a577cc58ac7 fix(v4): ensure array defaults are shallow-cloned (#5173) (vv4.1.7, release notes)
• 9f650385644ae319f806a965b83f79ebd252e497 docs(ecosystem): add DRZL; fix Prisma Zod Generator placement (#5215) (vv4.1.7, release notes)
• aa6f0f02c2a92a266ff1495a8d2541ae46012fcb More fixes (#5223) (vv4.1.7, release notes)
• aab33566bdb44a651cc3e27fde729285e4312419 4.1.7 (vv4.1.7, release notes)
• Introduced Playwright Agents: three custom agent definitions to help guide Large Language Models (LLMs) through the process of creating Playwright tests (vv1.56.0, release notes)
• 🎭 planner explores the app and produces a Markdown test plan (vv1.56.0, release notes)
• 🎭 generator transforms the Markdown plan into the Playwright Test files (vv1.56.0, release notes)
• 🎭 healer executes the test suite and automatically repairs failing tests (vv1.56.0, release notes)
• Added npx playwright init-agents command to generate latest agent definitions with client support (vv1.56.0, release notes)
• Added new CLI command npx playwright init-agents --loop=vscode for initializing agents in VSCode environment (vv1.56.0, release notes)
• Added new command npx playwright init-agents --loop=claude for initializing test agents with Claude loop configuration (vv1.56.0, release notes)
• Added command npx playwright init-agents --loop=opencode for initializing agents with a specified loop type (vv1.56.0, release notes)
• New methods page.consoleMessages() and page.pageErrors() for retrieving the most recent console messages from the page (vv1.56.0, release notes)
• New method page.requests() for retrieving the most recent network requests from the page (vv1.56.0, release notes)
• Added --test-list and --test-list-invert to allow manual specification of specific tests from a file (vv1.56.0, release notes)
• Added option to 'html' reporter to disable the "Copy prompt" button (vv1.56.0, release notes)
• Added option to 'html' reporter and UI Mode to merge files, collapsing test and describe blocks into a single unified list (vv1.56.0, release notes)
• Added option to UI Mode mirroring the --update-snapshots options (vv1.56.0, release notes)
• Added option to UI Mode to run only a single worker at a time (vv1.56.0, release notes)
• Event browserContext.on('backgroundpage') has been deprecated and will not be emitted. Method browserContext.backgroundPages() will return an empty list (vv1.56.0, release notes)
• Aria snapshots render and compare input placeholder (vv1.56.0, release notes)
• Added environment variable PLAYWRIGHT_TEST to Playwright worker processes to allow discriminating on testing status (vv1.56.0, release notes)
• Chromium 141.0.7390.37 (vv1.56.0, release notes)
• Mozilla Firefox 142.0.1 (vv1.56.0, release notes)
• WebKit 26.0 (vv1.56.0, release notes)
• Upgrade Chromium to 140.0.7339.186 (vv1.55.1, release notes)
• Fix internal error with step ID not found (vv1.55.1, release notes)
• Fix HTML reporter broken chip link issue when no projects exist (vv1.55.1, release notes)
• Revert previous change tracking inert elements as hidden (vv1.55.1, release notes)
• Remove usage of -k option in build/test process (vv1.55.1, release notes)
• Chromium 140.0.7339.186 (vv1.55.1, release notes)
• Mozilla Firefox 141.0 (vv1.55.1, release notes)
• Google Chrome 139 (vv1.55.1, release notes)
• Microsoft Edge 139 (vv1.55.1, release notes)
• New Property testStepInfo.titlePath Returns the full title path starting from the test file, including test and step titles. (vv1.55.0, release notes)
• Automatic toBeVisible() assertions: Codegen can now generate automatic toBeVisible() assertions for common UI interactions. This feature can be enabled in the Codegen settings UI. (vv1.55.0, release notes)
• ⚠️ Dropped support for Chromium extension manifest v2. (vv1.55.0, release notes)
• Added support for Debian 13 "Trixie". (vv1.55.0, release notes)
• Fixed regression where Codegen cannot launch in Administrator Terminal on Windows (vv1.54.2, release notes)
• Fixed regression causing Playwright Codegen to repeatedly spam selected options (vv1.54.2, release notes)
• Fixed regression preventing Codegen from starting with a target language specification (vv1.54.2, release notes)
• Chromium 139.0.7258.5 (vv1.54.2, release notes)
• Mozilla Firefox 140.0.2 (vv1.54.2, release notes)
• Google Chrome 140 (vv1.54.2, release notes)
• Microsoft Edge 140 (vv1.54.2, release notes)

References (9)

[1]: Node.js engine requirement is already >=20, meeting React 19.2.0's requirement of Node.js 18 or newer

example-nextjsu/package.json

Line 18 in f88a2f4

"node": ">=20"

[2]: Next.js upgraded from 15.5.2 to 15.5.4 (patch version), which includes security fixes for CVE-2025-29927

example-nextjsu/package.json

Line 39 in f88a2f4

"next": "15.5.4",

[3]: React upgraded from 19.1.0 to 19.2.0 with useId prefix change, but codebase doesn't use useId

example-nextjsu/package.json

Line 42 in f88a2f4

"react": "19.2.0",

[4]: React Hook Form upgraded from 7.60.0 to 7.64.0 with useFieldArray field ids removal, but codebase doesn't use useFieldArray

example-nextjsu/package.json

Line 44 in f88a2f4

"react-hook-form": "7.64.0",

[5]: Uses standard useForm hook from react-hook-form which remains fully compatible

example-nextjsu/components/EmailForm.tsx

Line 5 in f88a2f4

import { useForm } from "react-hook-form";

[6]: Uses standard useForm hook from react-hook-form which remains fully compatible

example-nextjsu/components/RLForm.tsx

Line 5 in f88a2f4

import { useForm } from "react-hook-form";

[7]: Middleware implementation uses nosecone wrapper and doesn't manually handle x-middleware-subrequest headers

example-nextjsu/middleware.ts

Line 40 in f88a2f4

const noseconeMiddleware = nosecone.createMiddleware(

[8]: React 19.2.0 useId prefix change only affects applications using the useId hook for View Transitions (source link)

[9]: CVE-2025-29927 is patched in Next.js 15.2.3+, and this upgrade includes the fix (source link)

---

fossabot analyzed this PR using static analysis and dependency research.

[socket-security]

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff	Package	Supply Chain Security	Vulnerability	Quality	Maintenance	License
	@​types/​react-dom@​19.1.6 ⏵ 19.2.1	+1		+1	+1
	@​types/​react@​19.1.8 ⏵ 19.2.2				+1
	@​fontsource-variable/​figtree@​5.2.8 ⏵ 5.2.10	+5		+2	+8
	next@​15.5.2 ⏵ 15.5.4	+2		+1	+1
	react@​19.1.0 ⏵ 19.2.0	+1		+1
	@​fontsource/​ibm-plex-mono@​5.2.6 ⏵ 5.2.7	+1		+2	+7
	typescript@​5.8.3 ⏵ 5.9.3	+1		+1
	@​hookform/​resolvers@​5.1.1 ⏵ 5.2.2	+1		+1	+2
	react-dom@​19.1.0 ⏵ 19.2.0	+1		+1
	@​oddbird/​css-anchor-positioning@​0.6.1 ⏵ 0.7.0	+2		+1	+6
	react-hook-form@​7.60.0 ⏵ 7.64.0	+1		+1	+2
	zod@​4.1.5 ⏵ 4.1.12	+1		+1	+1
	sass@​1.89.2 ⏵ 1.93.2	+1
	@​playwright/​test@​1.54.1 ⏵ 1.56.0

View full report

[dependabot]

Dependabot tried to update this pull request, but something went wrong. We're looking into it, but in the meantime you can retry the update by commenting @dependabot recreate.

[dependabot]

Looks like these dependencies are updatable in another way, so this is no longer needed.