Skip to content

chore(deps): bump the npm-production group across 1 directory with 10 updates#516

Merged
brendanjryan merged 1 commit into
mainfrom
dependabot/npm_and_yarn/npm-production-631505b6ac
Jun 8, 2026
Merged

chore(deps): bump the npm-production group across 1 directory with 10 updates#516
brendanjryan merged 1 commit into
mainfrom
dependabot/npm_and_yarn/npm-production-631505b6ac

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 8, 2026

Copy link
Copy Markdown
Contributor

Bumps the npm-production group with 10 updates in the / directory:

Package From To
incur 0.4.5 0.4.8
ox 0.14.24 0.14.27
tsx 4.21.0 4.22.4
ws 8.20.1 8.21.0
@remix-run/node-fetch-server 0.13.1 0.13.3
bun 1.3.13 1.3.14
@tanstack/react-query 5.100.10 5.100.14
wagmi 3.6.13 3.6.16
@stripe/stripe-js 9.4.0 9.7.0
accounts 0.10.2 0.14.6

Updates incur from 0.4.5 to 0.4.8

Release notes

Sourced from incur's releases.

incur@0.4.8

Patch Changes

  • 935e6f7: Generated OpenAPI commands accepted header parameters and header security schemes as CLI options.

incur@0.4.7

Patch Changes

  • 01b5c91: Added openapiConfig.mode for choosing operation id or namespace command generation.
  • bfc05ac: Added hosted OpenAPI command generation from Fetch.fromRequest sources.

incur@0.4.6

Patch Changes

  • ed18ddc: Added support for automatic OpenAPI v3.2.0 schema generation
Changelog

Sourced from incur's changelog.

0.4.8

Patch Changes

  • 935e6f7: Generated OpenAPI commands accepted header parameters and header security schemes as CLI options.

0.4.7

Patch Changes

  • 01b5c91: Added openapiConfig.mode for choosing operation id or namespace command generation.
  • bfc05ac: Added hosted OpenAPI command generation from Fetch.fromRequest sources.

0.4.6

Patch Changes

  • ed18ddc: Added support for automatic OpenAPI v3.2.0 schema generation
Commits

Updates ox from 0.14.24 to 0.14.27

Release notes

Sourced from ox's releases.

ox@0.14.27

Patch Changes

  • #263 451a442 Thanks @​jxom! - ox/tempo: Added the ReceivePolicyReceipt module for encoding/decoding TIP-1028 receive-policy claim receipts (ClaimReceiptV1 witnesses) with decode, encode, from, fromLog, and fromTransactionReceipt (returns one receipt per TransferBlocked log).

ox@0.14.26

Patch Changes

  • #262 b1ac8c8 Thanks @​jxom! - ox/tempo: Added support for TIP-1049 (admin access keys) via optional isAdmin and account fields on KeyAuthorization that bind into the signing hash.

  • #260 581ccee Thanks @​jxom! - ox/tempo: Added support for TIP-1053 (witnesses in key authorizations) via an optional 32-byte witness field on KeyAuthorization that is included in the signing hash.

ox@0.14.25

Patch Changes

  • #256 ad7610b Thanks @​jxom! - Renamed ChannelDescriptor.from to Channel.from, made Channel.Channel the descriptor type, and changed Channel.computeId to receive channel and options separately.
Commits

Updates tsx from 4.21.0 to 4.22.4

Release notes

Sourced from tsx's releases.

v4.22.4

4.22.4 (2026-05-31)

Bug Fixes

  • resolve CommonJS directory requires inside dependencies (#803) (1ce8463)

This release is also available on:

v4.22.3

4.22.3 (2026-05-19)

Bug Fixes

  • decode typed loader source (dce02fc)
  • preserve entrypoint with TypeScript preload hooks (68f72f3)

This release is also available on:

v4.22.2

4.22.2 (2026-05-18)

Bug Fixes

  • preserve CJS JSON require in ESM hooks (35b700b)
  • preserve named exports from CommonJS TypeScript (11de737)
  • support module.exports require(esm) interop (cf8f199)

This release is also available on:

v4.22.1

4.22.1 (2026-05-17)

Bug Fixes

  • resolve tsconfig path aliases containing a colon (#780) (6979f28)

This release is also available on:

... (truncated)

Commits
  • 1ce8463 fix: resolve CommonJS directory requires inside dependencies (#803)
  • dce02fc fix: decode typed loader source
  • 68f72f3 fix: preserve entrypoint with TypeScript preload hooks
  • 69455cf test: cover package exports for ambiguous ESM reexports
  • 35b700b fix: preserve CJS JSON require in ESM hooks
  • ef807db chore: update testing dependencies
  • 3917090 test: document compatibility test taxonomy
  • de8113f refactor: centralize Node capability facts
  • c1f62db test: consolidate tsconfig path edge coverage
  • 4e08174 test: consolidate loader hook coverage
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for tsx since your current version.


Updates ws from 8.20.1 to 8.21.0

Release notes

Sourced from ws's releases.

8.21.0

Features

  • Introduced the maxBufferedChunks and maxFragments options (2b2abd45).

Bug fixes

  • Fixed a remote memory exhaustion DoS vulnerability (2b2abd45).

A high volume of tiny fragments and data chunks could be sent by a peer, using modest network traffic, to crash a ws server or client due to OOM.

import { WebSocket, WebSocketServer } from 'ws';
const wss = new WebSocketServer({ port: 0 }, function () {
const data = Buffer.alloc(1);
const options = { fin: false };
const { port } = wss.address();
const ws = new WebSocket(ws://localhost:${port});
ws.on('open', function () {
(function send() {
ws.send(data, options, function (err) {
if (err) return;
send();
});
})();
});
ws.on('error', console.error);
ws.on('close', function (code, reason) {
console.log(client close - code: ${code} reason: ${reason.toString()});
});
});
wss.on('connection', function (ws) {
ws.on('error', console.error);
ws.on('close', function (code, reason) {
console.log(server close - code: ${code} reason: ${reason.toString()});
});
});

The vulnerability was responsibly disclosed and fixed by Nadav Magier.

In vulnerable versions, the issue can be mitigated by lowering the value of the maxPayload option if possible.

Commits

Updates @remix-run/node-fetch-server from 0.13.1 to 0.13.3

Release notes

Sourced from @​remix-run/node-fetch-server's releases.

node-fetch-server v0.13.3

Patch Changes

  • Cancel unfinished streaming response bodies when the client connection closes before the response completes so user-provided ReadableStream.cancel() hooks run for aborted requests (see #11432).

  • Drop handler responses when the client has already disconnected, and do not forward request abort errors from handlers or response streams to onError or write them to a closed socket (see #11431).

node-fetch-server v0.13.2

Patch Changes

  • Start writing the first response stream chunk immediately instead of waiting for another chunk. Streaming responses with a delayed second chunk now flush their initial data without unnecessary blocking.
Changelog

Sourced from @​remix-run/node-fetch-server's changelog.

v0.13.3

Patch Changes

  • Cancel unfinished streaming response bodies when the client connection closes before the response completes so user-provided ReadableStream.cancel() hooks run for aborted requests (see #11432).

  • Drop handler responses when the client has already disconnected, and do not forward request abort errors from handlers or response streams to onError or write them to a closed socket (see #11431).

v0.13.2

Patch Changes

  • Start writing the first response stream chunk immediately instead of waiting for another chunk. Streaming responses with a delayed second chunk now flush their initial data without unnecessary blocking.
Commits

Updates bun from 1.3.13 to 1.3.14

Release notes

Sourced from bun's releases.

Bun v1.3.14

To install Bun v1.3.14

curl -fsSL https://bun.sh/install | bash
# or you can use npm
# npm install -g bun

Windows:

powershell -c "irm bun.sh/install.ps1|iex"

To upgrade to Bun v1.3.14:

bun upgrade

Read Bun v1.3.14's release notes on Bun's blog

Thanks to 11 contributors!

Commits
  • 0d9b296 Bun.serve: rename h3/h1 options to http3/http1 (#30583)
  • 39540fd github-actions: pin action versions (#30575)
  • 314ffe3 test: pin #23139 + #22743 — repeated dynamic import of error-throwing module ...
  • 2043f9c Upgrade WebKit to 5488984d: fix require(ESM) diamond-dep deadlock (#30527)
  • 37bfbed YAML.stringify: quote strings that parse back as numbers (#30435)
  • 4c0a5a7 node:http: dispatch request on first write() and emit response in duplex mode...
  • ca1788c Don't retry non-idempotent HTTP methods on keep-alive disconnect (#28708)
  • 450072b install: disable isolated global virtual store by default until no longer exp...
  • 03ebdf8 chore: prevent auto-update actions from running on forks (#30464)
  • fe735f8 http: arm idle timer on open so a stalled TLS handshake times out (#30376)
  • Additional commits viewable in compare view

Updates @tanstack/react-query from 5.100.10 to 5.100.14

Release notes

Sourced from @​tanstack/react-query's releases.

@​tanstack/react-query-devtools@​5.100.14

Patch Changes

  • Updated dependencies [ed20b6d]:
    • @​tanstack/react-query@​5.100.14
    • @​tanstack/query-devtools@​5.100.14

@​tanstack/react-query-next-experimental@​5.100.14

Patch Changes

  • Updated dependencies [ed20b6d]:
    • @​tanstack/react-query@​5.100.14

@​tanstack/react-query-persist-client@​5.100.14

Patch Changes

  • Updated dependencies [ed20b6d]:
    • @​tanstack/react-query@​5.100.14
    • @​tanstack/query-persist-client-core@​5.100.14

@​tanstack/react-query@​5.100.14

Patch Changes

  • fix(react-query): do not go into optimistic fetching state when not subscribed (#10759)

  • Updated dependencies []:

    • @​tanstack/query-core@​5.100.14

@​tanstack/react-query-devtools@​5.100.13

Patch Changes

  • Updated dependencies []:
    • @​tanstack/query-devtools@​5.100.13
    • @​tanstack/react-query@​5.100.13

@​tanstack/react-query-next-experimental@​5.100.13

Patch Changes

  • Updated dependencies []:
    • @​tanstack/react-query@​5.100.13

@​tanstack/react-query-persist-client@​5.100.13

Patch Changes

  • Updated dependencies []:
    • @​tanstack/query-persist-client-core@​5.100.13
    • @​tanstack/react-query@​5.100.13

@​tanstack/react-query@​5.100.13

Patch Changes

... (truncated)

Changelog

Sourced from @​tanstack/react-query's changelog.

5.100.14

Patch Changes

  • fix(react-query): do not go into optimistic fetching state when not subscribed (#10759)

  • Updated dependencies []:

    • @​tanstack/query-core@​5.100.14

5.100.13

Patch Changes

  • Updated dependencies [d423168]:
    • @​tanstack/query-core@​5.100.13

5.100.12

Patch Changes

  • Updated dependencies []:
    • @​tanstack/query-core@​5.100.12

5.100.11

Patch Changes

  • Updated dependencies []:
    • @​tanstack/query-core@​5.100.11
Commits

Updates wagmi from 3.6.13 to 3.6.16

Release notes

Sourced from wagmi's releases.

wagmi@3.6.16

Patch Changes

wagmi@3.6.15

Patch Changes

  • Handled malformed cookie state in cookieToInitialState. (#5116)

  • wagmi/tempo: Renamed Actions.wallet.send to Actions.wallet.transfer and Hooks.wallet.useSend to Hooks.wallet.useTransfer. (#5121)

    Also bumps the accounts peer dependency to ~0.12.

    - await Actions.wallet.send(config, {
-   to: '0x...',
-   token: '0x...',
-   value: '1.5',
- })
+ await Actions.wallet.transfer(config, {
+   amount: '1.5',
+   to: '0x...',
+   token: '0x...',
+ })
    - const send = Hooks.wallet.useSend()
+ const transfer = Hooks.wallet.useTransfer()

  • Updated dependencies [f1e6d70, 4c44cd0]:

    • @​wagmi/core@​3.4.12
    • @​wagmi/connectors@​8.0.14

wagmi@3.6.14

Patch Changes

  • Updated dependencies [9e8418a]:
    • @​wagmi/core@​3.4.11
    • @​wagmi/connectors@​8.0.13
Changelog

Sourced from wagmi's changelog.

3.6.16

Patch Changes

3.6.15

Patch Changes

  • Handled malformed cookie state in cookieToInitialState. (#5116)

  • wagmi/tempo: Renamed Actions.wallet.send to Actions.wallet.transfer and Hooks.wallet.useSend to Hooks.wallet.useTransfer. (#5121)

    Also bumps the accounts peer dependency to ~0.12.

    - await Actions.wallet.send(config, {
-   to: '0x...',
-   token: '0x...',
-   value: '1.5',
- })
+ await Actions.wallet.transfer(config, {
+   amount: '1.5',
+   to: '0x...',
+   token: '0x...',
+ })
    - const send = Hooks.wallet.useSend()
+ const transfer = Hooks.wallet.useTransfer()

  • Updated dependencies [f1e6d70, 4c44cd0]:

    • @​wagmi/core@​3.4.12
    • @​wagmi/connectors@​8.0.14

3.6.14

Patch Changes

  • Updated dependencies [9e8418a]:
    • @​wagmi/core@​3.4.11
    • @​wagmi/connectors@​8.0.13
Commits

Updates @stripe/stripe-js from 9.4.0 to 9.7.0

Release notes

Sourced from @​stripe/stripe-js's releases.

v9.7.0

New features

  • Add adaptive_pricing as a parameter to stripe-js (#928)
  • Add buttonHeight types to createForm (#927)

v9.6.0

New features

  • Add types for automatic_surcharge (#918)

Fixes

Changed

v9.5.0

Changed

  • Add types for new PE and ECE availablepaymentmethodschange event (#924)
Commits

Updates accounts from 0.10.2 to 0.14.6

Release notes

Sourced from accounts's releases.

accounts@0.14.6

Patch Changes

  • 89a107f: Fixed getAccounts to respect signable.

accounts@0.14.5

Patch Changes

  • a33ed22: Added a strict option to Remote.validateSearch to let trusted wallet routes defer access-key policy validation.
  • b6fb206: Added showDeposit support to wallet_authorizeAccessKey requests.

accounts@0.14.4

Patch Changes

  • 8afc239: Fix React Native auth token handling and mobile auth URL encoding.

accounts@0.14.3

Patch Changes

  • 801e18a: Simplified Privy account loading and fixed stale wallet cache handling after failed account selection.
  • f176676: Point React Native mobile authentication at the remote manager route.

accounts@0.14.2

Patch Changes

  • 022d947: Simplified Privy account loading and fixed stale wallet cache handling after failed account selection.

accounts@0.14.1

Patch Changes

  • 62705cb: Added an on filter to the wallet_connect showDeposit capability to direct if the deposit screen should be shown on login or register.

accounts@0.14.0

Minor Changes

  • feb1ab6: Breaking: Updated Tempo chain imports to use scoped chain entrypoints. Bump your Viem version to >=2.50.4.

Patch Changes

  • 7aeec48: Fixed access key authorization to reject requests that require external key material when none is provided.
  • 78778cb: Added a Privy adapter for connecting and signing with app-provided Privy embedded wallet accounts.
  • e15757f: Added a showDeposit capability to wallet_connect.

accounts@0.13.0

Minor Changes

  • 0666744: Breaking: Changed Handler.auth() to require callers to provide origin or domain, so SIWE challenge and verify flows pinned domain binding instead of deriving it from request Host headers.

  • f652ff2: Breaking: Updated wallet_deposit params to use amount and token and removed value.

    

    • 






... (truncated)





Changelog

Sourced from accounts's changelog.




0.14.6


Patch Changes


    

  • 89a107f: Fixed getAccounts to respect signable.
    • 



0.14.5


Patch Changes


    

  • a33ed22: Added a strict option to Remote.validateSearch to let trusted wallet routes defer access-key policy validation.
    • 

  • b6fb206: Added showDeposit support to wallet_authorizeAccessKey requests.
    • 



0.14.4


Patch Changes


    

  • 8afc239: Fix React Native auth token handling and mobile auth URL encoding.
    • 



0.14.3


Patch Changes


    

  • 801e18a: Simplified Privy account loading and fixed stale wallet cache handling after failed account selection.
    • 

  • f176676: Point React Native mobile authentication at the remote manager route.
    • 



0.14.2


Patch Changes


    

  • 022d947: Simplified Privy account loading and fixed stale wallet cache handling after failed account selection.
    • 



0.14.1


Patch Changes


    

  • 62705cb: Added an on filter to the wallet_connect showDeposit capability to direct if the deposit screen should be shown on login or register.
    • 



0.14.0


Minor Changes


    

  • feb1ab6: Breaking: Updated Tempo chain imports to use scoped chain entrypoints. Bump your Viem version to >=2.50.4.
    • 



Patch Changes


    

  • 7aeec48: Fixed access key authorization to reject requests that require external key material when none is provided.
    • 

  • 78778cb: Added a Privy adapter for connecting and signing with app-provided Privy embedded wallet accounts.
    • 

  • e15757f: Added a showDeposit capability to wallet_connect.
    • 






... (truncated)





Commits

    

  • 4644fb9 chore: version packages (#592)
    • 

  • 42ef977 fix: validate persisted adapter accounts (#591)
    • 

  • 89a107f fix(provider): honor signable getAccount option (#590)
    • 

  • 3ff18b6 refactor(site): landing type scale + icon componentization (#587)
    • 

  • f76bfba fix(site): design tweaks for landing hero (#583)
    • 

  • b12b960 refactor: use viem managed access key authorization (#575)
    • 

  • 5b7083c feat: add wallet_authorizeAccessKey deposit toggle to playground (#581)
    • 

  • 9219d05 chore: version packages (#563)
    • 

  • b6fb206 feat: support showDeposit on wallet_authorizeAccessKey (#580)
    • 

  • 7d1a114 docs(site): remove adapter demo todos (#579)
    • 

  • Additional commits viewable in compare view
    • 







Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.





Dependabot commands and options



You can trigger Dependabot actions by commenting on this PR:


    

  • @dependabot rebase will rebase this PR
    • 

  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • 

  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
    • 

  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
    • 

  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
    • 

  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
    • 

  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
    • 

  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
    • 




    

  
  



      


          

          
  
  

    
  
    
    

  

  

  



                    

          
        





  





    



      

  
        

  

      

  
  

  
          

  

    

      


  

      
        @dependabot
  




      

        
          chore(deps): bump the npm-production group across 1 directory with 10…
        

          
                        
      


      

        

    
    
    

  

    


      


      

        

          

    
    
    

  

  

    
  



        

      


      

        
          ba8257e
        
      

    

  

    

      
… updates

Bumps the npm-production group with 10 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [incur](https://github.com/wevm/incur) | `0.4.5` | `0.4.8` |
| [ox](https://github.com/wevm/ox) | `0.14.24` | `0.14.27` |
| [tsx](https://github.com/privatenumber/tsx) | `4.21.0` | `4.22.4` |
| [ws](https://github.com/websockets/ws) | `8.20.1` | `8.21.0` |
| [@remix-run/node-fetch-server](https://github.com/remix-run/remix/tree/HEAD/packages/node-fetch-server) | `0.13.1` | `0.13.3` |
| [bun](https://github.com/oven-sh/bun) | `1.3.13` | `1.3.14` |
| [@tanstack/react-query](https://github.com/TanStack/query/tree/HEAD/packages/react-query) | `5.100.10` | `5.100.14` |
| [wagmi](https://github.com/wevm/wagmi/tree/HEAD/packages/react) | `3.6.13` | `3.6.16` |
| [@stripe/stripe-js](https://github.com/stripe/stripe-js) | `9.4.0` | `9.7.0` |
| [accounts](https://github.com/tempoxyz/accounts) | `0.10.2` | `0.14.6` |



Updates `incur` from 0.4.5 to 0.4.8
- [Release notes](https://github.com/wevm/incur/releases)
- [Changelog](https://github.com/wevm/incur/blob/main/CHANGELOG.md)
- [Commits](https://github.com/wevm/incur/compare/incur@0.4.5...incur@0.4.8)

Updates `ox` from 0.14.24 to 0.14.27
- [Release notes](https://github.com/wevm/ox/releases)
- [Commits](https://github.com/wevm/ox/compare/ox@0.14.24...ox@0.14.27)

Updates `tsx` from 4.21.0 to 4.22.4
- [Release notes](https://github.com/privatenumber/tsx/releases)
- [Changelog](https://github.com/privatenumber/tsx/blob/master/release.config.cjs)
- [Commits](privatenumber/tsx@v4.21.0...v4.22.4)

Updates `ws` from 8.20.1 to 8.21.0
- [Release notes](https://github.com/websockets/ws/releases)
- [Commits](websockets/ws@8.20.1...8.21.0)

Updates `@remix-run/node-fetch-server` from 0.13.1 to 0.13.3
- [Release notes](https://github.com/remix-run/remix/releases)
- [Changelog](https://github.com/remix-run/remix/blob/main/packages/node-fetch-server/CHANGELOG.md)
- [Commits](https://github.com/remix-run/remix/commits/v0.13.3/packages/node-fetch-server)

Updates `bun` from 1.3.13 to 1.3.14
- [Release notes](https://github.com/oven-sh/bun/releases)
- [Commits](oven-sh/bun@bun-v1.3.13...bun-v1.3.14)

Updates `@tanstack/react-query` from 5.100.10 to 5.100.14
- [Release notes](https://github.com/TanStack/query/releases)
- [Changelog](https://github.com/TanStack/query/blob/main/packages/react-query/CHANGELOG.md)
- [Commits](https://github.com/TanStack/query/commits/@tanstack/react-query@5.100.14/packages/react-query)

Updates `wagmi` from 3.6.13 to 3.6.16
- [Release notes](https://github.com/wevm/wagmi/releases)
- [Changelog](https://github.com/wevm/wagmi/blob/main/packages/react/CHANGELOG.md)
- [Commits](https://github.com/wevm/wagmi/commits/wagmi@3.6.16/packages/react)

Updates `@stripe/stripe-js` from 9.4.0 to 9.7.0
- [Release notes](https://github.com/stripe/stripe-js/releases)
- [Commits](stripe/stripe-js@v9.4.0...v9.7.0)

Updates `accounts` from 0.10.2 to 0.14.6
- [Release notes](https://github.com/tempoxyz/accounts/releases)
- [Changelog](https://github.com/tempoxyz/accounts/blob/main/CHANGELOG.md)
- [Commits](https://github.com/tempoxyz/accounts/compare/accounts@0.10.2...accounts@0.14.6)

---
updated-dependencies:
- dependency-name: incur
  dependency-version: 0.4.8
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: npm-production
- dependency-name: ox
  dependency-version: 0.14.27
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: npm-production
- dependency-name: tsx
  dependency-version: 4.22.4
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: npm-production
- dependency-name: ws
  dependency-version: 8.21.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: npm-production
- dependency-name: "@remix-run/node-fetch-server"
  dependency-version: 0.13.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: npm-production
- dependency-name: bun
  dependency-version: 1.3.14
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: npm-production
- dependency-name: "@tanstack/react-query"
  dependency-version: 5.100.14
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: npm-production
- dependency-name: wagmi
  dependency-version: 3.6.16
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: npm-production
- dependency-name: "@stripe/stripe-js"
  dependency-version: 9.7.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: npm-production
- dependency-name: accounts
  dependency-version: 0.14.6
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: npm-production
...

Signed-off-by: dependabot[bot] <support@github.com>

    







  








      

  
            

    

      
    

    


      


          @dependabot
dependabot
Bot



            added
      

  dependencies

  Pull requests that update a dependency file

      

  javascript

  Pull requests that update javascript code

  labels


      Jun 8, 2026

    

  








      

  
      



  

  @pkg-pr-new






  



    

      

  

    

      
          
      

      
            pkg-pr-new
  Bot

      

      

      commented


        Jun 8, 2026



      
    


  


  

    

      

          
    
    

  


        
            
  
      
              Copy link

  

              
  
      
                Copy Markdown

  

        
      

    


    

        



        

    

  





      


        



  
    

      
          
Open in StackBlitz


npm i https://pkg.pr.new/mppx@516



commit: ba8257e


      		
    

  





        


            

            
            

              
            

        

      


      

            
  
  

    
  
    
    

  

  

  


    












      

  
      



  

  @socket-security






  



    

      

  

    

      
          
      

      
            socket-security
  Bot

      

      

      commented


        Jun 8, 2026



      
    


  


  

    

      

          
    
    

  


        
            
  
      
              Copy link

  

              
  
      
                Copy Markdown

  

        
      

    


    

        



        

    

  





      


        



  
    

      
          
Review the following changes in direct dependencies. Learn more about Socket for GitHub.






Diff
Package
Supply Chain
Security		
Vulnerability
Quality
Maintenance
License





Addedincur@​0.4.87710010096100


Updatedaccounts@​0.10.2 ⏵ 0.14.677 -110099 +199 +2100


Addedwagmi@​3.6.16801007996100


Addedbun@​1.3.14911008095100


Added@​types/​node@​25.9.21001008196100


Addedtsx@​4.22.41001008294100


Added@​typescript/​native-preview@​7.0.0-dev.20260606.110010082100100


Addedvite@​8.0.16991008298100


Added@​tanstack/​react-query@​5.100.14991008899100


Addedws@​8.21.09910010094100


Updated@​stripe/​stripe-js@​9.4.0 ⏵ 9.7.0100 +110010099100





View full report



      		
    

  





        


            

            
            

              
            

        

      


      

            
  
  

    
  
    
    

  

  

  


    












      

  
          
 
  

    
  

  


        
        @brendanjryan
  brendanjryan



        merged commit 864561f
      into

      
  
    main
  


    Jun 8, 2026

      

        18 of 19 checks passed
      


      

        
  
          
  
    
    


  
      

  







  

  
  

  
      @brendanjryan
  brendanjryan


    
    deleted the
    
      
        dependabot/npm_and_yarn/npm-production-631505b6ac
    
    branch

    June 8, 2026 16:53    
    













  
  

    

      

  










  








  
      

  
    Sign up for free
    to join this conversation on GitHub.
    Already have an account?
    Sign in to comment


  










      

  

    
    

    

  

    Reviewers
  


    

    No reviews






    

  


      
  

    Assignees
  



        


    No one assigned







      


  


  

    Labels
  



    

      

    dependencies

  Pull requests that update a dependency file
  

    javascript

  Pull requests that update javascript code








      

  

    

        

    Projects
  


        




    None yet




  



      


  

    
  

    Milestone
  


      No milestone





    
      
          


  

    

      
        

          
  

    Development
  



            


Successfully merging this pull request may close these issues.





  
  



      
    

  




      

    

  
        

  

    

      1 participant
    

    

        
          @brendanjryan