Skip to content

chore(deps): bump the production-dependencies group across 1 directory with 10 updates#38

Closed
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/production-dependencies-61f13940af
Closed

chore(deps): bump the production-dependencies group across 1 directory with 10 updates#38
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/production-dependencies-61f13940af

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 13, 2026

Copy link
Copy Markdown
Contributor

Bumps the production-dependencies group with 10 updates in the / directory:

Package From To
@sentry/node 10.47.0 10.57.0
google-auth-library 10.6.2 10.7.0
helmet 8.1.0 8.2.0
pg 8.20.0 8.21.0
uuid 13.0.0 14.0.0
@sentry/react 10.47.0 10.57.0
mobx 6.15.0 6.16.1
react 19.2.4 19.2.7
react-dom 19.2.4 19.2.7
react-router 7.14.0 7.17.0

Updates @sentry/node from 10.47.0 to 10.57.0

Release notes

Sourced from @​sentry/node's releases.

10.57.0

Important Changes

  • feat(angular): Add support for Angular 22 (#21330)

    @sentry/angular now officially supports Angular 22.

  • ref(core): Deprecate sendDefaultPii in favor of dataCollection (#21277)

    sendDefaultPii is deprecated and will be removed in v11. The new dataCollection option lets you control each category of collected data. sendDefaultPii: true still works and maps to enabling all dataCollection categories. dataCollection.userInfo defaults to true when dataCollection is provided, meaning auto-populated user.* fields (e.g. IP address from a request) are collected by default. Data you set explicitly (like via Sentry.setUser()) is always sent regardless. When dataCollection is not set at all, the legacy sendDefaultPii behavior applies (userInfo: false by default) to preserve backward compatibility.

    Note that an empty dataCollection: {} falls back to more permissive defaults than sendDefaultPii: false, so replicate the old behavior by opting out explicitly:

    Sentry.init({
      dataCollection: {
        userInfo: false,
        genAI: { inputs: false, outputs: false },
        httpBodies: [],
        httpHeaders: { deny: ['forwarded', '-ip', 'remote-', 'via', '-user'] },
        cookies: { deny: ['forwarded', '-ip', 'remote-', 'via', '-user'] },
        queryParams: { deny: ['forwarded', '-ip', 'remote-', 'via', '-user'] },
      },
    });

Other Changes

  • feat: Use dataCollection.frameContextLines for ContextLines integration (#21323)
  • feat(cloudflare): Auto instrument D1 based on env (#21276)
  • feat(core): Change default of dataCollection.userInfo to true (#21348)
  • feat(core): Default dataCollection.httpBodies to all valid body types (#21352)
  • feat(hono): Filter noisy transactions (favicon etc) (#21365)
  • fix(cloudflare): Don't track negatively sampled spans (#21367)
  • fix(core): Use safeDateNow calls for new Date() reads (#21351)
  • fix(nextjs): Shim pinoIntegration on edge runtime (#21347)
  • fix(node): Prevent PostgresJs integration from emitting duplicate spans per query (#21364)
  • fix(node-core): Read __SENTRY_SERVER_MODULES__ lazily so Turbopack injection is honored (#21339)
  • fix(react): Detect React Router v6/v7 navigations in a layout effect to propagate the correct trace (#21326)
  • fix(react): Remove unused react.componentStack event context (#21183)
  • fix(replays): Record sentry._internal.replay_is_buffering for spans (#21297)
  • chore: Bump volta node version from 20.19.2 to 20.19.5 (#21359)

... (truncated)

Changelog

Sourced from @​sentry/node's changelog.

10.57.0

Important Changes

  • feat(angular): Add support for Angular 22 (#21330)

    @sentry/angular now officially supports Angular 22.

  • ref(core): Deprecate sendDefaultPii in favor of dataCollection (#21277)

    sendDefaultPii is deprecated and will be removed in v11. The new dataCollection option lets you control each category of collected data. sendDefaultPii: true still works and maps to enabling all dataCollection categories. dataCollection.userInfo defaults to true when dataCollection is provided, meaning auto-populated user.* fields (e.g. IP address from a request) are collected by default. Data you set explicitly (like via Sentry.setUser()) is always sent regardless. When dataCollection is not set at all, the legacy sendDefaultPii behavior applies (userInfo: false by default) to preserve backward compatibility.

    Note that an empty dataCollection: {} falls back to more permissive defaults than sendDefaultPii: false, so replicate the old behavior by opting out explicitly:

    Sentry.init({
      dataCollection: {
        userInfo: false,
        genAI: { inputs: false, outputs: false },
        httpBodies: [],
        httpHeaders: { deny: ['forwarded', '-ip', 'remote-', 'via', '-user'] },
        cookies: { deny: ['forwarded', '-ip', 'remote-', 'via', '-user'] },
        queryParams: { deny: ['forwarded', '-ip', 'remote-', 'via', '-user'] },
      },
    });

Other Changes

  • feat: Use dataCollection.frameContextLines for ContextLines integration (#21323)
  • feat(cloudflare): Auto instrument D1 based on env (#21276)
  • feat(core): Change default of dataCollection.userInfo to true (#21348)
  • feat(core): Default dataCollection.httpBodies to all valid body types (#21352)
  • feat(hono): Filter noisy transactions (favicon etc) (#21365)
  • fix(cloudflare): Don't track negatively sampled spans (#21367)
  • fix(core): Use safeDateNow calls for new Date() reads (#21351)
  • fix(nextjs): Shim pinoIntegration on edge runtime (#21347)
  • fix(node): Prevent PostgresJs integration from emitting duplicate spans per query (#21364)
  • fix(node-core): Read __SENTRY_SERVER_MODULES__ lazily so Turbopack injection is honored (#21339)
  • fix(react): Detect React Router v6/v7 navigations in a layout effect to propagate the correct trace (#21326)
  • fix(react): Remove unused react.componentStack event context (#21183)
  • fix(replays): Record sentry._internal.replay_is_buffering for spans (#21297)

... (truncated)

Commits
  • 950cf97 release: 10.57.0
  • 55f9343 Merge pull request #21369 from getsentry/prepare-release/10.57.0
  • 88d9d30 meta(changelog): Update changelog for 10.57.0
  • 03ffd25 fix(cloudflare): Don't track negatively sampled spans (#21367)
  • 7c19ead ref(node): Streamline sql-common (#21360)
  • 95df562 feat(hono): Filter noisy transactions (favicon etc) (#21365)
  • 92eb5d2 feat(deps): Bump hono from 4.12.18 to 4.12.21 (#21341)
  • c6f790b fix(node): Prevent PostgresJs integration from emitting duplicate spans per q...
  • d645349 ref(node): Streamline lru-memoizer instrumentation (#21350)
  • 4293015 feat(deps): Bump @​types/aws-lambda from 8.10.150 to 8.10.161 (#21105)
  • Additional commits viewable in compare view

Updates google-auth-library from 10.6.2 to 10.7.0

Changelog

Sourced from google-auth-library's changelog.

Changelog

npm history

Commits

Updates helmet from 8.1.0 to 8.2.0

Changelog

Sourced from helmet's changelog.

8.2.0 - 2026-05-21

  • Cross-Origin-Opener-Policy: support noopener-allow-popups. See #522
  • Improve error message when passing duplicate options
Commits

Updates pg from 8.20.0 to 8.21.0

Changelog

Sourced from pg's changelog.

pg@8.21.0

Commits
  • 544b1ce Publish
  • cc03fa5 Add scramMaxIterations option to limit SCRAM iteration count (#3677)
  • f776327 Remove compatibility code for unsupported versions of Node (<16) (#3678)
  • f252870 cleanup: pg utils (#3675)
  • c8da6ab Assorted test cleanup (#3673)
  • fa47e73 fix: Client#end callback being called multiple times when first is no-op (#...
  • 88a7e60 cleanup: Move declaration to more natural place
  • 2095247 cleanup: Combine duplicated code in Client#query and avoid unneeded early n...
  • 0ac3edd fix: apply SASLprep (RFC 4013) to passwords before SCRAM-SHA-256 PBKDF2 (#3669)
  • be880d4 Assorted test fixes and cleanup (#3672)
  • Additional commits viewable in compare view

Updates uuid from 13.0.0 to 14.0.0

Release notes

Sourced from uuid's releases.

v14.0.0

14.0.0 (2026-04-19)

⚠ BREAKING CHANGES

  • expect crypto to be global everywhere (requires node@20+) (#935)
  • drop node@18 support (#934)

Features

Bug Fixes

  • expect crypto to be global everywhere (requires node@20+) (#935) (f2c235f)
  • Use GITHUB_TOKEN for release-please and enable npm provenance (#925) (ffa3138)

v13.0.2

13.0.2 (2026-05-04)

Bug Fixes

  • rerelease to fix provenance. (49ccb35)

v13.0.1

13.0.1 (2026-04-27)

Bug Fixes

Changelog

Sourced from uuid's changelog.

14.0.0 (2026-04-19)

Security

  • Fixes GHSA-w5hq-g745-h8pq: v3(), v5(), and v6() did not validate that writes would remain within the bounds of a caller-supplied buffer, allowing out-of-bounds writes when an invalid offset was provided. A RangeError is now thrown if offset < 0 or offset + 16 > buf.length.

⚠ BREAKING CHANGES

  • crypto is now expected to be globally defined (requires node@20+) (#935)
  • drop node@18 support (#934)
  • upgrade minimum supported TypeScript version to 5.4.3, in keeping with the project's policy of supporting TypeScript versions released within the last two years
Commits
  • 7c1ea08 chore(main): release 14.0.0 (#926)
  • 3d2c5b0 Merge commit from fork
  • f2c235f fix!: expect crypto to be global everywhere (requires node@20+) (#935)
  • 529ef08 chore: upgrade TypeScript and fixup types (#927)
  • 086fd79 chore: update dependencies (#933)
  • dc4ddb8 feat!: drop node@18 support (#934)
  • 0f1f9c9 chore: switch to Biome for parsing and linting (#932)
  • e2879e6 chore: use maintained version of npm-run-all (#930)
  • ffa3138 fix: Use GITHUB_TOKEN for release-please and enable npm provenance (#925)
  • 0423d49 docs: remove obsolete v1 option notes (#915)
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for uuid since your current version.


Updates @sentry/react from 10.47.0 to 10.57.0

Release notes

Sourced from @​sentry/react's releases.

10.57.0

Important Changes

  • feat(angular): Add support for Angular 22 (#21330)

    @sentry/angular now officially supports Angular 22.

  • ref(core): Deprecate sendDefaultPii in favor of dataCollection (#21277)

    sendDefaultPii is deprecated and will be removed in v11. The new dataCollection option lets you control each category of collected data. sendDefaultPii: true still works and maps to enabling all dataCollection categories. dataCollection.userInfo defaults to true when dataCollection is provided, meaning auto-populated user.* fields (e.g. IP address from a request) are collected by default. Data you set explicitly (like via Sentry.setUser()) is always sent regardless. When dataCollection is not set at all, the legacy sendDefaultPii behavior applies (userInfo: false by default) to preserve backward compatibility.

    Note that an empty dataCollection: {} falls back to more permissive defaults than sendDefaultPii: false, so replicate the old behavior by opting out explicitly:

    Sentry.init({
      dataCollection: {
        userInfo: false,
        genAI: { inputs: false, outputs: false },
        httpBodies: [],
        httpHeaders: { deny: ['forwarded', '-ip', 'remote-', 'via', '-user'] },
        cookies: { deny: ['forwarded', '-ip', 'remote-', 'via', '-user'] },
        queryParams: { deny: ['forwarded', '-ip', 'remote-', 'via', '-user'] },
      },
    });

Other Changes

  • feat: Use dataCollection.frameContextLines for ContextLines integration (#21323)
  • feat(cloudflare): Auto instrument D1 based on env (#21276)
  • feat(core): Change default of dataCollection.userInfo to true (#21348)
  • feat(core): Default dataCollection.httpBodies to all valid body types (#21352)
  • feat(hono): Filter noisy transactions (favicon etc) (#21365)
  • fix(cloudflare): Don't track negatively sampled spans (#21367)
  • fix(core): Use safeDateNow calls for new Date() reads (#21351)
  • fix(nextjs): Shim pinoIntegration on edge runtime (#21347)
  • fix(node): Prevent PostgresJs integration from emitting duplicate spans per query (#21364)
  • fix(node-core): Read __SENTRY_SERVER_MODULES__ lazily so Turbopack injection is honored (#21339)
  • fix(react): Detect React Router v6/v7 navigations in a layout effect to propagate the correct trace (#21326)
  • fix(react): Remove unused react.componentStack event context (#21183)
  • fix(replays): Record sentry._internal.replay_is_buffering for spans (#21297)
  • chore: Bump volta node version from 20.19.2 to 20.19.5 (#21359)

... (truncated)

Changelog

Sourced from @​sentry/react's changelog.

10.57.0

Important Changes

  • feat(angular): Add support for Angular 22 (#21330)

    @sentry/angular now officially supports Angular 22.

  • ref(core): Deprecate sendDefaultPii in favor of dataCollection (#21277)

    sendDefaultPii is deprecated and will be removed in v11. The new dataCollection option lets you control each category of collected data. sendDefaultPii: true still works and maps to enabling all dataCollection categories. dataCollection.userInfo defaults to true when dataCollection is provided, meaning auto-populated user.* fields (e.g. IP address from a request) are collected by default. Data you set explicitly (like via Sentry.setUser()) is always sent regardless. When dataCollection is not set at all, the legacy sendDefaultPii behavior applies (userInfo: false by default) to preserve backward compatibility.

    Note that an empty dataCollection: {} falls back to more permissive defaults than sendDefaultPii: false, so replicate the old behavior by opting out explicitly:

    Sentry.init({
      dataCollection: {
        userInfo: false,
        genAI: { inputs: false, outputs: false },
        httpBodies: [],
        httpHeaders: { deny: ['forwarded', '-ip', 'remote-', 'via', '-user'] },
        cookies: { deny: ['forwarded', '-ip', 'remote-', 'via', '-user'] },
        queryParams: { deny: ['forwarded', '-ip', 'remote-', 'via', '-user'] },
      },
    });

Other Changes

  • feat: Use dataCollection.frameContextLines for ContextLines integration (#21323)
  • feat(cloudflare): Auto instrument D1 based on env (#21276)
  • feat(core): Change default of dataCollection.userInfo to true (#21348)
  • feat(core): Default dataCollection.httpBodies to all valid body types (#21352)
  • feat(hono): Filter noisy transactions (favicon etc) (#21365)
  • fix(cloudflare): Don't track negatively sampled spans (#21367)
  • fix(core): Use safeDateNow calls for new Date() reads (#21351)
  • fix(nextjs): Shim pinoIntegration on edge runtime (#21347)
  • fix(node): Prevent PostgresJs integration from emitting duplicate spans per query (#21364)
  • fix(node-core): Read __SENTRY_SERVER_MODULES__ lazily so Turbopack injection is honored (#21339)
  • fix(react): Detect React Router v6/v7 navigations in a layout effect to propagate the correct trace (#21326)
  • fix(react): Remove unused react.componentStack event context (#21183)
  • fix(replays): Record sentry._internal.replay_is_buffering for spans (#21297)

... (truncated)

Commits
  • 950cf97 release: 10.57.0
  • 55f9343 Merge pull request #21369 from getsentry/prepare-release/10.57.0
  • 88d9d30 meta(changelog): Update changelog for 10.57.0
  • 03ffd25 fix(cloudflare): Don't track negatively sampled spans (#21367)
  • 7c19ead ref(node): Streamline sql-common (#21360)
  • 95df562 feat(hono): Filter noisy transactions (favicon etc) (#21365)
  • 92eb5d2 feat(deps): Bump hono from 4.12.18 to 4.12.21 (#21341)
  • c6f790b fix(node): Prevent PostgresJs integration from emitting duplicate spans per q...
  • d645349 ref(node): Streamline lru-memoizer instrumentation (#21350)
  • 4293015 feat(deps): Bump @​types/aws-lambda from 8.10.150 to 8.10.161 (#21105)
  • Additional commits viewable in compare view

Updates mobx from 6.15.0 to 6.16.1

Release notes

Sourced from mobx's releases.

mobx@6.16.1

Patch Changes

mobx@6.16.0

Minor Changes

  • 6b3fb0ee725c0521bbaf7ba901a30261472a0e71 #4639 Thanks @​ashishkr96! - feat(mobx): make the 2022.3 @computed decorator lazy. ComputedValue is now created on first read of the decorated getter rather than eagerly during instance construction, avoiding wasted allocations for getters that are never used. On a 50k-instance × 10-getter class with one read per instance this cuts construction heap by ~50% and construction time by ~25%; the steady-state read path is unchanged. Closes #4616.

  • f0c68749428fd4d3bba48e9685e44fd1ddbbee76 #4658 Thanks @​ashishkr96! - feat(mobx): make the 2022.3 @observable accessor decorator lazy. ObservableValue is now created on first read/write/observe of the decorated accessor rather than eagerly during instance construction, avoiding wasted allocations for fields that are never touched. On a 50k-instance × 10-field class with sparse access (1 of 10 fields read per instance), this cuts construction heap by ~82% and construction time by ~86% versus the eager path. Follow-up to #4639.

Patch Changes

mobx@6.15.4

Patch Changes

mobx@6.15.3

Patch Changes

mobx@6.15.2

Patch Changes

mobx@6.15.1

Patch Changes

Commits
Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for mobx since your current version.


Updates react from 19.2.4 to 19.2.7

Release notes

Sourced from react's releases.

19.2.7 (June 1st, 2026)

React Server Components

19.2.6 (May 6th, 2026)

React Server Components

19.2.5 (April 8th, 2026)

React Server Components

Commits
Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for react since your current version.


Updates react-dom from 19.2.4 to 19.2.7

Release notes

Sourced from react-dom's releases.

19.2.7 (June 1st, 2026)

React Server Components

19.2.6 (May 6th, 2026)

React Server Components

19.2.5 (April 8th, 2026)

React Server Components

Commits
Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for react-dom since your current version.


Updates react-router from 7.14.0 to 7.17.0

Release notes

Sourced from react-router's releases.

v7.17.0

See the changelog for release notes: https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7170

v7.16.0

See the changelog for release notes: https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7160

v7.15.1

See the changelog for release notes: https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7151

v7.15.0

See the changelog for release notes: https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7150

v7.14.2

See the changelog for release notes: https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7142

v7.14.1

See the changelog for release notes: https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7141

Changelog

Sourced from react-router's changelog.

v7.17.0

Minor Changes

  • Ship a subset of the official documentation inside the react-router package (#15121)
    • Markdown docs are now available in node_modules/react-router/docs, letting AI coding agents and the React Router agent skills read official docs locally
    • Excludes auto-generated API docs (api/), community/ content, and tutorials (tutorials/)

v7.16.0

Minor Changes

  • Stabilize future.unstable_trailingSlashAwareDataRequests as future.v8_trailingSlashAwareDataRequests (#15098)

Patch Changes

  • Disable manifest path when lazy route dicovery is disabled (#15068)

  • Fix browser URL creation to use the configured history window instead of the global window. (#15066)

    • Pass the history/router window through to createBrowserURLImpl so custom window contexts keep the correct URL origin.
  • Fix useNavigation() return type to preserve discriminated union across navigation states (#15095)

  • Widen MetaDescriptor script:ld+json type from LdJsonObject to LdJsonObject | LdJsonObject[] to permit multiple JSON-LD schemas in a single <script type="application/ld+json"> tag emitted by <Meta /> (#15082)

v7.15.1

Patch Changes

  • Update router to operate on fetcher Maps in an immutable manner to avoid delayed React renders from potentially reading an updated but not yet committed Map. This could result in brief flickers in some fetcher-driven optimistic UI scenarios. (#15028)
  • Fix serverLoader() returning stale SSR data when a client navigation aborts pending hydration before the hydration clientLoader resolves (#15022)
  • Fix RouterProvider onError callback not being called for synchronous initial loader errors in SPA mode (#15039) (#14942)
  • Memoize useFetchers to return a stable identity and only change if fetchers changed (#15028)
  • Internal refactor to consolidate mutation request detection through shared utility (#15033)

Unstable Changes

⚠️ Unstable features are not recommended for production use

  • Add a new unstable_useRouterState() hook that consolidates access to active and pending router states (RFC: #12358) (#15017)
    • Data/Framework/RSC only — throws when used without a data router

    • This should allow you to consolidate usages of the following hooks which will likely be deprecated and removed in a future major version

      • useLocation
      • useSearchParams
      • useParams
      • useMatches
      • useNavigationType
      • useNavigation

... (truncated)

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

…y with 10 updates

Bumps the production-dependencies group with 10 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [@sentry/node](https://github.com/getsentry/sentry-javascript) | `10.47.0` | `10.57.0` |
| [google-auth-library](https://github.com/googleapis/google-cloud-node-core/tree/HEAD/packages/google-auth-library-nodejs) | `10.6.2` | `10.7.0` |
| [helmet](https://github.com/helmetjs/helmet) | `8.1.0` | `8.2.0` |
| [pg](https://github.com/brianc/node-postgres/tree/HEAD/packages/pg) | `8.20.0` | `8.21.0` |
| [uuid](https://github.com/uuidjs/uuid) | `13.0.0` | `14.0.0` |
| [@sentry/react](https://github.com/getsentry/sentry-javascript) | `10.47.0` | `10.57.0` |
| [mobx](https://github.com/mobxjs/mobx) | `6.15.0` | `6.16.1` |
| [react](https://github.com/facebook/react/tree/HEAD/packages/react) | `19.2.4` | `19.2.7` |
| [react-dom](https://github.com/facebook/react/tree/HEAD/packages/react-dom) | `19.2.4` | `19.2.7` |
| [react-router](https://github.com/remix-run/react-router/tree/HEAD/packages/react-router) | `7.14.0` | `7.17.0` |



Updates `@sentry/node` from 10.47.0 to 10.57.0
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/develop/CHANGELOG.md)
- [Commits](getsentry/sentry-javascript@10.47.0...10.57.0)

Updates `google-auth-library` from 10.6.2 to 10.7.0
- [Release notes](https://github.com/googleapis/google-cloud-node-core/releases)
- [Changelog](https://github.com/googleapis/google-cloud-node-core/blob/main/packages/google-auth-library-nodejs/CHANGELOG.md)
- [Commits](https://github.com/googleapis/google-cloud-node-core/commits/HEAD/packages/google-auth-library-nodejs)

Updates `helmet` from 8.1.0 to 8.2.0
- [Changelog](https://github.com/helmetjs/helmet/blob/main/CHANGELOG.md)
- [Commits](helmetjs/helmet@v8.1.0...v8.2.0)

Updates `pg` from 8.20.0 to 8.21.0
- [Changelog](https://github.com/brianc/node-postgres/blob/master/CHANGELOG.md)
- [Commits](https://github.com/brianc/node-postgres/commits/pg@8.21.0/packages/pg)

Updates `uuid` from 13.0.0 to 14.0.0
- [Release notes](https://github.com/uuidjs/uuid/releases)
- [Changelog](https://github.com/uuidjs/uuid/blob/main/CHANGELOG.md)
- [Commits](uuidjs/uuid@v13.0.0...v14.0.0)

Updates `@sentry/react` from 10.47.0 to 10.57.0
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/develop/CHANGELOG.md)
- [Commits](getsentry/sentry-javascript@10.47.0...10.57.0)

Updates `mobx` from 6.15.0 to 6.16.1
- [Release notes](https://github.com/mobxjs/mobx/releases)
- [Commits](https://github.com/mobxjs/mobx/commits/mobx@6.16.1)

Updates `react` from 19.2.4 to 19.2.7
- [Release notes](https://github.com/facebook/react/releases)
- [Changelog](https://github.com/react/react/blob/main/CHANGELOG.md)
- [Commits](https://github.com/facebook/react/commits/v19.2.7/packages/react)

Updates `react-dom` from 19.2.4 to 19.2.7
- [Release notes](https://github.com/facebook/react/releases)
- [Changelog](https://github.com/react/react/blob/main/CHANGELOG.md)
- [Commits](https://github.com/facebook/react/commits/v19.2.7/packages/react-dom)

Updates `react-router` from 7.14.0 to 7.17.0
- [Release notes](https://github.com/remix-run/react-router/releases)
- [Changelog](https://github.com/remix-run/react-router/blob/main/packages/react-router/CHANGELOG.md)
- [Commits](https://github.com/remix-run/react-router/commits/react-router@7.17.0/packages/react-router)

---
updated-dependencies:
- dependency-name: "@sentry/node"
  dependency-version: 10.57.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: production-dependencies
- dependency-name: google-auth-library
  dependency-version: 10.7.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: production-dependencies
- dependency-name: helmet
  dependency-version: 8.2.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: production-dependencies
- dependency-name: pg
  dependency-version: 8.21.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: production-dependencies
- dependency-name: uuid
  dependency-version: 14.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: production-dependencies
- dependency-name: "@sentry/react"
  dependency-version: 10.57.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: production-dependencies
- dependency-name: mobx
  dependency-version: 6.16.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: production-dependencies
- dependency-name: react
  dependency-version: 19.2.7
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: production-dependencies
- dependency-name: react-dom
  dependency-version: 19.2.7
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: production-dependencies
- dependency-name: react-router
  dependency-version: 7.17.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: production-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added the dependencies Pull requests that update a dependency label Jun 13, 2026
@dependabot @github

dependabot Bot commented on behalf of github Jun 20, 2026

Copy link
Copy Markdown
Contributor Author

Looks like these dependencies are updatable in another way, so this is no longer needed.

@dependabot dependabot Bot closed this Jun 20, 2026
@dependabot dependabot Bot deleted the dependabot/npm_and_yarn/production-dependencies-61f13940af branch June 20, 2026 02:04
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants