deps(deps): bump the minor-and-patch group across 1 directory with 16 updates #16

dependabot · 2026-01-19T19:02:11Z

Bumps the minor-and-patch group with 16 updates in the / directory:

Package	From	To
@supabase/supabase-js	`2.89.0`	`2.90.1`
framer-motion	`12.23.26`	`12.27.1`
ioredis	`5.8.2`	`5.9.2`
lucide-react	`0.468.0`	`0.562.0`
next	`16.1.1`	`16.1.3`
node-datachannel	`0.31.0`	`0.32.0`
openai	`6.15.0`	`6.16.0`
puppeteer	`24.34.0`	`24.35.0`
resend	`6.6.0`	`6.8.0`
sax	`1.4.3`	`1.4.4`
undici	`7.16.0`	`7.18.2`
@testing-library/react	`16.3.1`	`16.3.2`
@types/node	`25.0.3`	`25.0.9`
@types/react	`19.2.7`	`19.2.8`
@types/webtorrent	`0.109.10`	`0.110.1`
eslint-config-next	`16.1.1`	`16.1.3`

Updates @supabase/supabase-js from 2.89.0 to 2.90.1

Release notes

Sourced from @supabase/supabase-js's releases.

v2.90.1

2.90.1 (2026-01-08)

🩹 Fixes

postgrest: prevent shared state between query builder operations (#1978)

realtime: validate table filter in postgres_changes event dispatch (#1999)

❤️ Thank You

Vaibhav @7ttp

v2.90.1-canary.1

2.90.1-canary.1 (2026-01-08)

🩹 Fixes

postgrest: prevent shared state between query builder operations (#1978)

❤️ Thank You

Vaibhav @7ttp

v2.90.1-canary.0

2.90.1-canary.0 (2026-01-07)

🩹 Fixes

realtime: validate table filter in postgres_changes event dispatch (#1999)

❤️ Thank You

Vaibhav @7ttp

v2.90.0

2.90.0 (2026-01-07)

🚀 Features

realtime: expose heartbeat latency on heartbeat callback (#1982)

🩹 Fixes

auth: add banned_until property to user type (#1989)

auth: add last_challenged_at property to factor type (#1990)

auth: clear initial setTimeout in stopAutoRefresh (#1993)

auth: preserve session when magic link is clicked twice (#1996)

auth: add configurable lock acquisition timeout to prevent deadlocks (#1962)

functions: auto-stringify object body when custom Content-Type header is provided (#1988)

postgrest: use post with return minimal for rpc head requests with object args (#1994)

... (truncated)

Changelog

Sourced from @supabase/supabase-js's changelog.

2.90.1 (2026-01-08)

This was a version bump only for @supabase/supabase-js to align it with other projects, there were no code changes.

2.90.0 (2026-01-07)

🩹 Fixes

supabase: avoid edge runtime warnings in next.js (#1998)

supabase: inline string literal in databasewithoutinternals type (#1986)

supabase: split type-only exports to avoid unused import warnings (#1979)

❤️ Thank You

Nico Kempe @nicokempe

Vaibhav @7ttp

Commits

1b8410a chore(release): version 2.90.0 changelogs (#2003)
d3d05f8 fix(supabase): avoid edge runtime warnings in next.js (#1998)
9bfac7f fix(supabase): inline string literal in databasewithoutinternals type (#1986)
30f9600 fix(supabase): split type-only exports to avoid unused import warnings (#1979)
636f1e9 test(supabase): run build in integration tests (#1969)
9e747ce chore(release): version 2.89.0 changelogs (#1971)
See full diff in compare view

Updates framer-motion from 12.23.26 to 12.27.1

Changelog

Sourced from framer-motion's changelog.

[12.27.1] 2026-01-19

Fixed

Improving projection node cleanup.

[12.27.0] 2026-01-18

Added

Adding new exports for internal use.

[12.26.2] 2026-01-13

Fixed

Internal refactor of projection system into motion-dom.

[12.26.1] 2026-01-12

Fixed

Improve overload selection for useTransform.

[12.26.0] 2026-01-12

Added

Support for multiple output value maps with useTransform.

[12.25.0] 2026-01-09

Added

Support for auto-scrolling when a Reorder.Item reaches the edges of its parent scrollable container.

[12.24.12] 2026-01-08

Fixed

Draggable elements now track pointer during page and element scroll.

[12.24.11] 2026-01-08

Fixed

Fixed time sampling of GPU animations under heavy CPU load.

[12.24.10] 2026-01-07

... (truncated)

Commits

2c7b003 v12.27.1
c9ab013 Updating changelog
7bb4cf8 Updating layout animation cleanup
eab3b0e v12.27.0
e54c92e Update changelog
4f28202 Merge pull request #3475 from motiondivision/animate-layout
66cd2e6 Latest
0c39787 Simplify LayoutAnimationBuilder
6a5c6f7 Latest
df20720 Latest
Additional commits viewable in compare view

Updates ioredis from 5.8.2 to 5.9.2

Release notes

Sourced from ioredis's releases.

v5.9.2

5.9.2 (2026-01-15)

Bug Fixes

cluster: Cluster reconnect sharded subscribers (#2060) (def9804)

preserve replica slots on MOVED in pipelines (#2059) (a1c3e9d)

Reverts

Revert "fix: preserve replica slots on MOVED in pipelines (#2059)" (#2062) (517b932), closes #2059 #2062

v5.9.1

5.9.1 (2026-01-08)

Bug Fixes

make client-side blocking timeouts opt-in (#2058) (07ed493)

v5.9.0

5.9.0 (2026-01-05)

Bug Fixes

remove unnecessary case-sensitivity when working with commands (#2036) (f33a2c8)

Features

add timeout blocking commands (#2052) (6ec78be)

cluster: refactor sharded pub/sub v5 (#2043) (a523f3a)

Changelog

Sourced from ioredis's changelog.

5.9.2 (2026-01-15)

Bug Fixes

cluster: Cluster reconnect sharded subscribers (#2060) (def9804)

preserve replica slots on MOVED in pipelines (#2059) (a1c3e9d)

Reverts

Revert "fix: preserve replica slots on MOVED in pipelines (#2059)" (#2062) (517b932), closes #2059 #2062

5.9.1 (2026-01-08)

Bug Fixes

make client-side blocking timeouts opt-in (#2058) (07ed493)

5.9.0 (2026-01-05)

Bug Fixes

remove unnecessary case-sensitivity when working with commands (#2036) (f33a2c8)

Features

add timeout blocking commands (#2052) (6ec78be)

cluster: refactor sharded pub/sub v5 (#2043) (a523f3a)

Commits

4cf4d99 chore(release): 5.9.2 [skip ci]
517b932 Revert "fix: preserve replica slots on MOVED in pipelines (#2059)" (#2062)
a1c3e9d fix: preserve replica slots on MOVED in pipelines (#2059)
def9804 fix(cluster): Cluster reconnect sharded subscribers (#2060)
9f42c5c chore(release): 5.9.1 [skip ci]
07ed493 fix: make client-side blocking timeouts opt-in (#2058)
3f8b94f chore(release): 5.9.0 [skip ci]
6ec78be feat: add timeout blocking commands (#2052)
a523f3a feat(cluster): refactor sharded pub/sub v5 (#2043)
3c521c6 chore(ci): add beta tags (#2054)
Additional commits viewable in compare view

Updates lucide-react from 0.468.0 to 0.562.0

Release notes

Sourced from lucide-react's releases.

Version 0.562.0

What's Changed

fix(icons): changed paint-bucket icon by @jguddas in lucide-icons/lucide#3880

fix(site): Fix and unify color-picker font-size by @taimar in lucide-icons/lucide#3889

fix(react-native-web): only add className prop to parent Icon component by @jguddas in lucide-icons/lucide#3892

fix(lucide-react-native): remove icons namespace export to enable tree-shaking by @jtomaszewski in lucide-icons/lucide#3868

feat(icons): added toolbox icon by @karsa-mistmere in lucide-icons/lucide#3871

New Contributors

@taimar made their first contribution in lucide-icons/lucide#3889

@jtomaszewski made their first contribution in lucide-icons/lucide#3868

Full Changelog: lucide-icons/lucide@0.561.0...0.562.0

Version 0.561.0

What's Changed

fix(site): Small adjustments color picker and add clear button search bar by @ericfennis in lucide-icons/lucide#3851

feat(icons): added stone icon by @Alportan in lucide-icons/lucide#3850

Full Changelog: lucide-icons/lucide@0.560.0...0.561.0

Version 0.560.0

What's Changed

feat(icons): added cannabis-off icon by @NickVeles in lucide-icons/lucide#3748

New Contributors

@NickVeles made their first contribution in lucide-icons/lucide#3748

Full Changelog: lucide-icons/lucide@0.559.0...0.560.0

Version 0.559.0

What's Changed

feat(icons): added fishing-hook icon by @7ender in lucide-icons/lucide#3837

New Contributors

@7ender made their first contribution in lucide-icons/lucide#3837

Full Changelog: lucide-icons/lucide@0.558.0...0.559.0

Version 0.558.0

What's Changed

feat(icons): added hd icon by @jamiemlaw in lucide-icons/lucide#2958

Full Changelog: lucide-icons/lucide@0.557.0...0.558.0

Version 0.557.0

What's Changed

fix(github/workflows/ci): fixes linting issues by @karsa-mistmere in lucide-icons/lucide#3858

... (truncated)

Commits

076e0bb chore(dependencies): Update dependencies (#3809)
80d6f73 fix(icons): Rename fingerprint icon to fingerprint-pattern (#3767)
1cfb3ff chore(deps-dev): bump vite from 6.3.5 to 6.3.6 (#3611)
e71198d chore: icon alias improvements (#2861)
3e644fd chore(scripts): Refactor scripts to typescript (#3316)
19fa01b build(deps-dev): bump vite from 6.3.2 to 6.3.4 (#3181)
03eb862 use implicit return in react package (#2325)
0fccc27 Bump dependencies (#3096)
7b95480 Added periods (#3065)
e4988bc build(deps-dev): bump vite from 5.4.15 to 5.4.17 (#2993)
Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for lucide-react since your current version.

Updates next from 16.1.1 to 16.1.3

Release notes

Sourced from next's releases.

v16.1.3

[!NOTE] This release is backporting bug fixes. It does not include all pending features/changes on canary.

Core Changes

Fix linked list bug in LRU deleteFromLru (#88652)

Fix relative same host redirects in node middleware (#88253)

Credits

Huge thanks to @acdlite and @ijjk for helping!

v16.1.2

[!NOTE] This release is backporting bug fixes. It does not include all pending features/changes on canary.

Core Changes

Turbopack: Update to swc_core v50.2.3 (#87841) (#88296)

Fixes a crash when processing mdx files with multibyte characters. (#87713)

Turbopack: mimalloc upgrade and enabling it on musl (#88503) (#87815) (#88426)

Fixes a significant performance issue on musl-based Linux distributions (e.g. Alpine in Docker) related to musl's allocator.

Other platforms have always used mimalloc, but we previously did not use mimalloc on musl because of compilation issues that have since been resolved.

Credits

Huge thanks to @mischnic for helping!

Commits

f01cf07 v16.1.3
74b43ae [backport]: Fix linked list bug in LRU deleteFromLru (#88652)
812cd75 [backport] Fix relative same host redirects in node middleware #88253 (#88630)
cb436b3 v16.1.2
e13100a [Backport] mimalloc upgrade and enabling it on musl (#88503)
beb3a76 Backport: fix: normalize CRLF line endings in jscodeshift tests on Windows #8...
da37eee Backport (16.1.x): Turbopack: Update to swc_core v50.2.3 (#87841) (#88296)
See full diff in compare view

Updates node-datachannel from 0.31.0 to 0.32.0

Release notes

Sourced from node-datachannel's releases.

v0.32.0

What's Changed

Expose PacingHandler by @longnguyen2004 in murat-dogan/node-datachannel#388

Fix PacingHandler constructor by @longnguyen2004 in murat-dogan/node-datachannel#389

Merge all Windows builds by @longnguyen2004 in murat-dogan/node-datachannel#390

Full Changelog: murat-dogan/node-datachannel@v0.31.0...v0.32.0

Commits

3cd4142 v0.32.0
dcbc9a9 v0.32.0-dev
84640b0 Merge pull request #390 from Discord-RE/merge-win-ci
1f535f2 Merge pull request #389 from Discord-RE/pacinghandler-ctor-fix
15533f5 Export
c43cfed Types
7992b8f Tidying up
c161e66 Merge all Windows builds
a45609e Fix PacingHandler constructor
710424d Merge pull request #388 from longnguyen2004/pacinghandler
Additional commits viewable in compare view

Updates openai from 6.15.0 to 6.16.0

Release notes

Sourced from openai's releases.

v6.16.0

6.16.0 (2026-01-09)

Full Changelog: v6.15.0...v6.16.0

Features

api: add new Response completed_at prop (ca40534)

ci: add breaking change detection workflow (a6f3dea)

Chores

break long lines in snippets into multiline (80dee2f)

internal: codegen related update (b2fac3e)

Changelog

Sourced from openai's changelog.

6.16.0 (2026-01-09)

Full Changelog: v6.15.0...v6.16.0

Features

api: add new Response completed_at prop (ca40534)

ci: add breaking change detection workflow (a6f3dea)

Chores

break long lines in snippets into multiline (80dee2f)

internal: codegen related update (b2fac3e)

Commits

44b7ac2 Merge pull request #1731 from openai/release-please--branches--master--change...
e3059f7 release: 6.16.0
ca40534 feat(api): add new Response completed_at prop
80dee2f chore: break long lines in snippets into multiline
a6f3dea feat(ci): add breaking change detection workflow
f8828b7 Merge pull request #728 from stainless-sdks/cameron/detect-agents-breaks
8568b31 Merge branch 'next' into cameron/detect-agents-breaks
b2fac3e chore(internal): codegen related update
afd032e chore: fix previous commit
999b0b7 chore: Make fixes to CI from comments
Additional commits viewable in compare view

Updates puppeteer from 24.34.0 to 24.35.0

Release notes

Sourced from puppeteer's releases.

puppeteer-core: v24.35.0

24.35.0 (2026-01-12)

🎉 Features

support background flag when creating pages (#14547) (77245fd)

🛠️ Fixes

puppeteer-core: Deprecate Cookie attribute sameParty (#14550) (d128a84)

roll to Chrome 143.0.7499.192 (#14541) (d3127b7)

webdriver: closing page with iframes via webdriver (#14549) (b89ce87)

Dependencies

The following workspace dependencies were updated

dependencies

@puppeteer/browsers bumped from 2.11.0 to 2.11.1

puppeteer: v24.35.0

24.35.0 (2026-01-12)

♻️ Chores

puppeteer: Synchronize puppeteer versions

Dependencies

The following workspace dependencies were updated

dependencies

@puppeteer/browsers bumped from 2.11.0 to 2.11.1

puppeteer-core bumped from 24.34.0 to 24.35.0

Changelog

Sourced from puppeteer's changelog.

24.35.0 (2026-01-12)

♻️ Chores

puppeteer: Synchronize puppeteer versions

Dependencies

The following workspace dependencies were updated

dependencies

@puppeteer/browsers bumped from 2.11.0 to 2.11.1

🎉 Features

support background flag when creating pages (#14547) (77245fd)

🛠️ Fixes

puppeteer-core: Deprecate Cookie attribute sameParty (#14550) (d128a84)

roll to Chrome 143.0.7499.192 (#14541) (d3127b7)

webdriver: closing page with iframes via webdriver (#14549) (b89ce87)

Commits

853796e chore: release main (#14542)
7deeb78 chore: expose originating targetId on ConsoleMessage (#14556)
2f56831 chore(deps): bump ws from 8.18.3 to 8.19.0 in the dependencies group (#14553)
b89ce87 fix(webdriver): closing page with iframes via webdriver (#14549)
695624e chore: add internal _tabId to page (#14548)
77245fd feat: support background flag when creating pages (#14547)
2ab534b chore: npm audit fix --force (#14546)
d128a84 fix(puppeteer-core): Deprecate Cookie attribute sameParty (#14550)
84d8de3 chore(deps-dev): bump the dev-dependencies group with 3 updates (#14537)
d3127b7 fix: roll to Chrome 143.0.7499.192 (#14541)
Additional commits viewable in compare view

Updates resend from 6.6.0 to 6.8.0

Release notes

Sourced from resend's releases.

v6.8.0

What's Changed

chore(deps): update tj-actions/changed-files digest to daf9d2d by @renovate[bot] in resend/resend-node#792

chore(deps): update dependency vitest to v4.0.17 by @renovate[bot] in resend/resend-node#791

chore(deps): update dependency @types/react to v19.2.8 by @renovate[bot] in resend/resend-node#788

chore(deps): update pnpm to v10.28.0 by @renovate[bot] in resend/resend-node#787

chore(deps): update actions/checkout digest to 0c366fd by @renovate[bot] in resend/resend-node#785

fix(deps): update dependency next to v16 by @renovate[bot] in resend/resend-node#780

fix(deps): update dependency esbuild to v0.27.2 by @renovate[bot] in resend/resend-node#779

chore(deps): update dependency tsdown to v0.19.0 by @renovate[bot] in resend/resend-node#789

feat: create and send broadcasts on the same request by @Cisneiros in resend/resend-node#793

chore: bump version to 6.8.0 by @Cisneiros in resend/resend-node#795

Full Changelog: resend/resend-node@v6.7.0...v6.8.0

v6.7.0

What's Changed

chore(deps): update actions/checkout action to v6 by @renovate[bot] in resend/resend-node#760

feat: bundler (esbuild, nextjs) integration tests by @gabrielmfern in resend/resend-node#699

fix(deps): update dependency svix to v1.84.1 by @renovate[bot] in resend/resend-node#686

chore(deps): update pnpm to v10.27.0 by @renovate[bot] in resend/resend-node#674

chore(deps): update dependency @biomejs/biome to v2.3.11 by @renovate[bot] in resend/resend-node#672

chore(deps): bump next from 15.5.6 to 15.5.9 in /integrations/nextjs by @dependabot[bot] in resend/resend-node#771

chore(deps): update pnpm/action-setup digest to 1e1c8ea by @renovate[bot] in resend/resend-node#769

chore(deps): update actions/checkout digest to 8e8c483 by @renovate[bot] in resend/resend-node#759

chore(deps): update dependency tsdown to v0.18.4 by @renovate[bot] in resend/resend-node#758

fix(deps): update react monorepo by @renovate[bot] in resend/resend-node#661

chore(deps): update tj-actions/changed-files digest to 3c4bc6f by @renovate[bot] in resend/resend-node#660

chore(deps): update dependency rimraf to v6.1.2 by @renovate[bot] in resend/resend-node#756

chore(deps): update dependency pkg-pr-new to v0.0.62 by @renovate[bot] in resend/resend-node#778

chore(deps): update dependency @types/node to v24.10.4 by @renovate[bot] in resend/resend-node#777

chore(deps): update dependency vitest to v4 by @renovate[bot] in resend/resend-node#707

feat: add return type for webhooks.verify method by @vcapretz in resend/resend-node#781

feat: release 6.7.0-canary.0 by @vcapretz in resend/resend-node#783

feat: release 6.7.0 by @vcapretz in resend/resend-node#784

Full Changelog: resend/resend-node@v6.6.0...v6.7.0

Commits

a9d94dc chore: bump version to 6.8.0 (#795)
722ad64 feat: create and send broadcasts on the same request (#793)
09a0a84 chore(deps): update dependency tsdown to v0.19.0 (#789)
f913330 fix(deps): update dependency esbuild to v0.27.2 (#779)
c4c2682 fix(deps): update dependency next to v16 (#780)
bdce1cc chore(deps): update actions/checkout digest to 0c366fd (#785)
3b62fe1 chore(deps): update pnpm to v10.28.0 (#787)
d1ece4b chore(deps): update dependency @types/react to v19.2.8 (#788)
fe3e17d chore(deps): update dependency vitest to v4.0.17 (#791)
8d44578 chore(deps): update tj-actions/changed-files digest to daf9d2d (#792)
Additional commits viewable in compare view

Updates sax from 1.4.3 to 1.4.4

Commits

15f9055 1.4.4
2d1568c add engines requirement
8735c5c remove AUTHORS file, not updated
ab04012 replace string_decoder with global TextDecoder
e3db950 add missing character in onscript event.
See full diff in compare view

Updates undici from 7.16.0 to 7.18.2

Release notes

Sourced from undici's releases.

v7.18.2

⚠️ Security Release

This fixes GHSA-g9mf-h72j-4rw9 and CVE-2026-22036.

What's Changed

fix(decompress): limit Content-Encoding chain to 5 to prevent resourc… by @mcollina in nodejs/undici#4729

Full Changelog: nodejs/undici@v7.18.1...v7.18.2

v7.18.1

What's Changed

Test and Fix running without SSL by @mcollina in nodejs/undici#4727

docs: add security warning for strictContentLength option by @mcollina in nodejs/undici#4726

build(deps): bump step-security/harden-runner from 2.13.1 to 2.14.0 by @dependabot[bot] in nodejs/undici#4718

build(deps): bump actions/checkout from 6.0.0 to 6.0.1 by @dependabot[bot] in nodejs/undici#4719

Full Changelog: nodejs/undici@v7.18.0...v7.18.1

v7.18.0

What's Changed

Full Changelog: nodejs/undici@v7.17.0...v7.18.0

v7.17.0

What's Changed

chore: extract infra and encoding methods by @Uzlopak in nodejs/undici#4523

ci: remove h2 by @Uzlopak in nodejs/undici#4534

ci: make nodejs-shared wf reusable, install binaryen for wasm-opt, test on node-nightly by @Uzlopak in nodejs/undici#4535

ci: fix nightly shared library case by @Uzlopak in nodejs/undici#4543

test: consume bodies of fetch responses to fix failing macos 20 ci by @Uzlopak in nodejs/undici#4528

docs: add Cache Interceptor example to README by @tawseefnabi in nodejs/undici#4393

test: remove node20 version check by @Uzlopak in nodejs/undici#4544

types: use MessagePort instance type in MessageEvent by @Renegade334 in nodejs/undici#4546

ci: set write permissions on job level by @Uzlopak in nodejs/undici#4537

lint: activate n/no-process-exit by @Uzlopak in nodejs/undici#4548

ci: run benchmarks on pull_requests and by pushing on specific branches only by @Uzlopak in nodejs/undici#4536

chore: activate n/prefer-node-protocol to enforce 'node:' prefix for requiring node built-ins by @Uzlopak in nodejs/undici#4547

feat(H2): correct CONNECT behaviour by @metcoder95 in nodejs/undici#4541

test: fix plans by @Uzlopak in nodejs/undici#4550

feat: add runtime feature "detection" by @Uzlopak in nodejs/undici#4545

perf: use less promises in extractBody by @Uzlopak in nodejs/undici#4458

fix(proxy-agent): add missing return after callback-call by @Uzlopak in nodejs/undici#4553

fix: remove redundant line in retry-handler by @Uzlopak in nodejs/undici#4554

ci: add no-wasm-simd option by @Uzlopak in nodejs/undici#4533

fix: use lazyloaders for runtime feature detection by @Uzlopak in nodejs/undici#4557

fix: minor changes in dispatcher-base.js and types for Dispatcher by @Uzlopak in nodejs/undici#4556

... (truncated)

Commits

7e5cb2d Bumped v7.18.2 (#4730)
b04e3cb fix(decompress): limit Content-Encoding chain to 5 to prevent resource exhaus...
2bcb77b Bumped v7.18.1 (#4728)
58a12b7 build(deps): bump actions/checkout from 6.0.0 to 6.0.1 (#4719)
5fa2930 build(deps): bump step-security/harden-runner from 2.13.1 to 2.14.0 (#4718)
fbbe283 docs: add security warning for strictContentLength option (#4726)
ce12d9e fix: do not crash if Node.js is compiled without SSL (#4727)
ebe3e33 Bumped v7.18.0 (#4725)
4e9b88b fix: limit Content-Encoding chain...
Description has been truncated

… updates Bumps the minor-and-patch group with 16 updates in the / directory: | Package | From | To | | --- | --- | --- | | [@supabase/supabase-js](https://github.com/supabase/supabase-js/tree/HEAD/packages/core/supabase-js) | `2.89.0` | `2.90.1` | | [framer-motion](https://github.com/motiondivision/motion) | `12.23.26` | `12.27.1` | | [ioredis](https://github.com/luin/ioredis) | `5.8.2` | `5.9.2` | | [lucide-react](https://github.com/lucide-icons/lucide/tree/HEAD/packages/lucide-react) | `0.468.0` | `0.562.0` | | [next](https://github.com/vercel/next.js) | `16.1.1` | `16.1.3` | | [node-datachannel](https://github.com/murat-dogan/node-datachannel) | `0.31.0` | `0.32.0` | | [openai](https://github.com/openai/openai-node) | `6.15.0` | `6.16.0` | | [puppeteer](https://github.com/puppeteer/puppeteer) | `24.34.0` | `24.35.0` | | [resend](https://github.com/resend/resend-node) | `6.6.0` | `6.8.0` | | [sax](https://github.com/isaacs/sax-js) | `1.4.3` | `1.4.4` | | [undici](https://github.com/nodejs/undici) | `7.16.0` | `7.18.2` | | [@testing-library/react](https://github.com/testing-library/react-testing-library) | `16.3.1` | `16.3.2` | | [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) | `25.0.3` | `25.0.9` | | [@types/react](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/react) | `19.2.7` | `19.2.8` | | [@types/webtorrent](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/webtorrent) | `0.109.10` | `0.110.1` | | [eslint-config-next](https://github.com/vercel/next.js/tree/HEAD/packages/eslint-config-next) | `16.1.1` | `16.1.3` | Updates `@supabase/supabase-js` from 2.89.0 to 2.90.1 - [Release notes](https://github.com/supabase/supabase-js/releases) - [Changelog](https://github.com/supabase/supabase-js/blob/master/packages/core/supabase-js/CHANGELOG.md) - [Commits](https://github.com/supabase/supabase-js/commits/v2.90.1/packages/core/supabase-js) Updates `framer-motion` from 12.23.26 to 12.27.1 - [Changelog](https://github.com/motiondivision/motion/blob/main/CHANGELOG.md) - [Commits](motiondivision/motion@v12.23.26...v12.27.1) Updates `ioredis` from 5.8.2 to 5.9.2 - [Release notes](https://github.com/luin/ioredis/releases) - [Changelog](https://github.com/redis/ioredis/blob/main/CHANGELOG.md) - [Commits](redis/ioredis@v5.8.2...v5.9.2) Updates `lucide-react` from 0.468.0 to 0.562.0 - [Release notes](https://github.com/lucide-icons/lucide/releases) - [Commits](https://github.com/lucide-icons/lucide/commits/0.562.0/packages/lucide-react) Updates `next` from 16.1.1 to 16.1.3 - [Release notes](https://github.com/vercel/next.js/releases) - [Changelog](https://github.com/vercel/next.js/blob/canary/release.js) - [Commits](vercel/next.js@v16.1.1...v16.1.3) Updates `node-datachannel` from 0.31.0 to 0.32.0 - [Release notes](https://github.com/murat-dogan/node-datachannel/releases) - [Commits](murat-dogan/node-datachannel@v0.31.0...v0.32.0) Updates `openai` from 6.15.0 to 6.16.0 - [Release notes](https://github.com/openai/openai-node/releases) - [Changelog](https://github.com/openai/openai-node/blob/master/CHANGELOG.md) - [Commits](openai/openai-node@v6.15.0...v6.16.0) Updates `puppeteer` from 24.34.0 to 24.35.0 - [Release notes](https://github.com/puppeteer/puppeteer/releases) - [Changelog](https://github.com/puppeteer/puppeteer/blob/main/CHANGELOG.md) - [Commits](puppeteer/puppeteer@puppeteer-v24.34.0...puppeteer-v24.35.0) Updates `resend` from 6.6.0 to 6.8.0 - [Release notes](https://github.com/resend/resend-node/releases) - [Commits](resend/resend-node@v6.6.0...v6.8.0) Updates `sax` from 1.4.3 to 1.4.4 - [Commits](isaacs/sax-js@v1.4.3...v1.4.4) Updates `undici` from 7.16.0 to 7.18.2 - [Release notes](https://github.com/nodejs/undici/releases) - [Commits](nodejs/undici@v7.16.0...v7.18.2) Updates `@testing-library/react` from 16.3.1 to 16.3.2 - [Release notes](https://github.com/testing-library/react-testing-library/releases) - [Changelog](https://github.com/testing-library/react-testing-library/blob/main/CHANGELOG.md) - [Commits](testing-library/react-testing-library@v16.3.1...v16.3.2) Updates `@types/node` from 25.0.3 to 25.0.9 - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node) Updates `@types/react` from 19.2.7 to 19.2.8 - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/react) Updates `@types/webtorrent` from 0.109.10 to 0.110.1 - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/webtorrent) Updates `eslint-config-next` from 16.1.1 to 16.1.3 - [Release notes](https://github.com/vercel/next.js/releases) - [Changelog](https://github.com/vercel/next.js/blob/canary/release.js) - [Commits](https://github.com/vercel/next.js/commits/v16.1.3/packages/eslint-config-next) --- updated-dependencies: - dependency-name: "@supabase/supabase-js" dependency-version: 2.90.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: minor-and-patch - dependency-name: framer-motion dependency-version: 12.27.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: minor-and-patch - dependency-name: ioredis dependency-version: 5.9.2 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: minor-and-patch - dependency-name: lucide-react dependency-version: 0.562.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: minor-and-patch - dependency-name: next dependency-version: 16.1.3 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: minor-and-patch - dependency-name: node-datachannel dependency-version: 0.32.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: minor-and-patch - dependency-name: openai dependency-version: 6.16.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: minor-and-patch - dependency-name: puppeteer dependency-version: 24.35.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: minor-and-patch - dependency-name: resend dependency-version: 6.8.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: minor-and-patch - dependency-name: sax dependency-version: 1.4.4 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: minor-and-patch - dependency-name: undici dependency-version: 7.18.2 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: minor-and-patch - dependency-name: "@testing-library/react" dependency-version: 16.3.2 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: minor-and-patch - dependency-name: "@types/node" dependency-version: 25.0.9 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: minor-and-patch - dependency-name: "@types/react" dependency-version: 19.2.8 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: minor-and-patch - dependency-name: "@types/webtorrent" dependency-version: 0.110.1 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: minor-and-patch - dependency-name: eslint-config-next dependency-version: 16.1.3 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: minor-and-patch ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot · 2026-01-19T19:02:12Z

Labels

The following labels could not be found: automated, dependencies. Please create them before Dependabot can add them to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

socket-security · 2026-01-19T19:02:39Z

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Package	Supply Chain Security	Vulnerability	Quality	Maintenance
@types/webtorrent@0.109.10 ⏵ 0.110.1	^-2		^-2	⁺⁶
@types/react@19.2.7 ⏵ 19.2.8	⁺¹		⁺¹	^-2
@types/node@25.0.3 ⏵ 25.0.9	⁺¹		⁺¹
next@16.1.1 ⏵ 16.1.3			⁺¹
node-datachannel@0.31.0 ⏵ 0.32.0	⁺¹		⁺¹	⁺³
sax@1.4.3 ⏵ 1.4.4			⁺¹
puppeteer@24.34.0 ⏵ 24.35.0
lucide-react@0.468.0 ⏵ 0.562.0			⁺¹	^-1
ioredis@5.8.2 ⏵ 5.9.2			⁺¹
@testing-library/react@16.3.1 ⏵ 16.3.2				⁺⁵
undici@7.16.0 ⏵ 7.18.2	^-2	⁺¹	⁺¹
framer-motion@12.23.26 ⏵ 12.27.1	⁺²			⁺¹
openai@6.15.0 ⏵ 6.16.0			⁺¹	^-2
resend@6.6.0 ⏵ 6.8.0	⁺¹			⁺²
@supabase/supabase-js@2.89.0 ⏵ 2.90.1	⁺¹			^-1
eslint-config-next@16.1.1 ⏵ 16.1.3	⁺²		⁺³⁴	⁺³

View full report

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

deps(deps): bump the minor-and-patch group across 1 directory with 16 updates #16

deps(deps): bump the minor-and-patch group across 1 directory with 16 updates #16

Uh oh!

dependabot bot commented on behalf of github Jan 19, 2026

Uh oh!

dependabot bot commented on behalf of github Jan 19, 2026

Uh oh!

socket-security bot commented Jan 19, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

deps(deps): bump the minor-and-patch group across 1 directory with 16 updates #16

Are you sure you want to change the base?

deps(deps): bump the minor-and-patch group across 1 directory with 16 updates #16

Uh oh!

Conversation

dependabot bot commented on behalf of github Jan 19, 2026

v2.90.1

2.90.1 (2026-01-08)

🩹 Fixes

❤️ Thank You

v2.90.1-canary.1

2.90.1-canary.1 (2026-01-08)

🩹 Fixes

❤️ Thank You

v2.90.1-canary.0

2.90.1-canary.0 (2026-01-07)

🩹 Fixes

❤️ Thank You

v2.90.0

2.90.0 (2026-01-07)

🚀 Features

🩹 Fixes

2.90.1 (2026-01-08)

2.90.0 (2026-01-07)

🩹 Fixes

❤️ Thank You

[12.27.1] 2026-01-19

Fixed

[12.27.0] 2026-01-18

Added

[12.26.2] 2026-01-13

Fixed

[12.26.1] 2026-01-12

Fixed

[12.26.0] 2026-01-12

Added

[12.25.0] 2026-01-09

Added

[12.24.12] 2026-01-08

Fixed

[12.24.11] 2026-01-08

Fixed

[12.24.10] 2026-01-07

v5.9.2

5.9.2 (2026-01-15)

Bug Fixes

Reverts

v5.9.1

5.9.1 (2026-01-08)

Bug Fixes

v5.9.0

5.9.0 (2026-01-05)

Bug Fixes

Features

5.9.2 (2026-01-15)

Bug Fixes

Reverts

5.9.1 (2026-01-08)

Bug Fixes

5.9.0 (2026-01-05)

Bug Fixes

Features

Version 0.562.0

What's Changed

New Contributors

Version 0.561.0

What's Changed

Version 0.560.0

What's Changed

New Contributors

Version 0.559.0

What's Changed

New Contributors

Version 0.558.0

What's Changed

Version 0.557.0

What's Changed

v16.1.3

Core Changes

Credits