chore(deps): bump the minor-and-patch group across 1 directory with 24 updates

[dependabot]

Bumps the minor-and-patch group with 24 updates in the / directory:

Package	From	To
@inquirer/prompts	8.4.3	8.5.2
@biomejs/biome	2.4.15	2.5.0
@types/node	25.7.0	25.9.3
@vitest/coverage-v8	4.1.6	4.1.9
tsx	4.22.0	4.22.4
vitest	4.1.6	4.1.9
better-auth	1.6.11	1.6.19
date-fns	4.1.0	4.4.0
lucide-react	1.16.0	1.20.0
motion	12.38.0	12.40.0
next	16.2.6	16.2.9
next-intl	4.12.0	4.13.0
pg	8.20.0	8.21.0
postcss	8.5.14	8.5.15
radix-ui	1.4.3	1.6.0
react	19.2.6	19.2.7
@types/react	19.2.14	19.2.17
react-day-picker	10.0.0	10.0.1
react-dom	19.2.6	19.2.7
react-qr-code	2.0.21	2.2.0
shadcn	4.7.0	4.11.0
@tailwindcss/postcss	4.3.0	4.3.1
react-doctor	0.1.6	0.5.6
tailwindcss	4.3.0	4.3.1

Updates @inquirer/prompts from 8.4.3 to 8.5.2

Release notes

Sourced from @​inquirer/prompts's releases.

@​inquirer/prompts@​8.5.2

• Fix security warnings in external-editor

@​inquirer/prompts@​8.5.1

• Rolled back mute-stream dependency from v4 to v3 to undo breaking compatible engines.
• Added tooling to prevent regression of the above in the future. This surfaced our min engines already enforced a higher limit, so adjusted the explicit limits to match the current state.

@​inquirer/prompts@​8.5.0

• Feat: Read env variable INQUIRER_KEYBINDINGS to enable vim or emacs keybindings; making this a user preference instead of a library author preference. One caveat is doing so disable the search feature in the select prompt. Syntax: INQUIRER_KEYBINDINGS=vim,emacs.
• Fix: Line wraps would sometime cause the cursor to be mispositioned relative to the input.
• Chore: Bump dependencies.

Commits

• bfd8710 chore: Publish new release
• 55cc5f3 feat: add reusable package lint CLI
• 3af9ed0 test(inquirer): capture prompt runner output
• 4381857 fix(@​inquirer/input): remove stale lint suppression
• 45df331 fix(@​inquirer/external-editor): harden editor temp files
• adef323 chore: limit CI token permissions
• b43359d chore: Publish new release
• 24ecae2 chore: fix yarn.lock
• b078d97 fix: validate package engine compatibility
• 3a49f9f chore(deps-dev): Bump oxfmt in the formatting group (#2143)
• Additional commits viewable in compare view

Updates @biomejs/biome from 2.4.15 to 2.5.0

Release notes

Sourced from @​biomejs/biome's releases.

Biome CLI v2.5.0

2.5.0

Minor Changes

• #9539 f0615fd Thanks @​ematipico! - Added a new reporter called concise. When --reporter=concise is passed the commands format, lint, check and ci, the diagnostics are printed in a compact manner:

  ! index.ts:2:10: lint/correctness/noUnusedImports: Several of these imports are unused.
  ! main.ts:9:7: lint/correctness/noUnusedVariables: This variable f is unused.
  × index.ts:8:5: lint/suspicious/noImplicitAnyLet: This variable implicitly has the any type.
  × main.ts:2:10: lint/suspicious/noRedeclare: Shouldn't redeclare 'z'. Consider to delete it or rename it.
  

• #9495 2056b23 Thanks @​aviraldua93! - Added the useKeyWithClickEvents a11y lint rule for HTML files (.html, .vue, .svelte, .astro). This is a port of the existing JSX rule. The rule enforces that elements with an onclick handler also have at least one keyboard event handler (onkeydown, onkeyup, or onkeypress) to ensure keyboard accessibility.

  Inherently keyboard-accessible elements (<a>, <button>, <input>, <select>, <textarea>, <option>) are excluded, as are elements hidden from assistive technologies (aria-hidden) or with role="presentation" / role="none".

  <!-- Invalid: no keyboard handler -->
  <div onclick="handleClick()">Click me</div>
  <!-- Valid: has keyboard handler -->
  <div onclick="handleClick()" onkeydown="handleKeyDown()">Click me</div>
  <!-- Valid: inherently keyboard-accessible -->
  <button onclick="handleClick()">Submit</button>

• #9152 9ec8500 Thanks @​ematipico! - Added new nursery lint rule noUndeclaredClasses for HTML, JSX, and SFC files (Vue, Astro, Svelte). The rule detects CSS class names used in class="..." (or className) attributes that are not defined in any <style> block or linked stylesheet reachable from the file.

  <!-- .typo is used but never defined -->
  <html>
    <head>
      <style>
        .button {
          color: blue;
        }
      </style>
    </head>
    <body>
      <div class="button typo"></div>
    </body>
  </html>

• #9152 9ec8500 Thanks @​ematipico! - Added new nursery lint rule noUnusedClasses for CSS. The rule detects CSS class selectors that are never referenced in any HTML or JSX file that imports the stylesheet. This is a project-domain rule that requires the module graph.

... (truncated)

Changelog

Sourced from @​biomejs/biome's changelog.

2.5.0

Minor Changes

• #9539 f0615fd Thanks @​ematipico! - Added a new reporter called concise. When --reporter=concise is passed the commands format, lint, check and ci, the diagnostics are printed in a compact manner:

  ! index.ts:2:10: lint/correctness/noUnusedImports: Several of these imports are unused.
  ! main.ts:9:7: lint/correctness/noUnusedVariables: This variable f is unused.
  × index.ts:8:5: lint/suspicious/noImplicitAnyLet: This variable implicitly has the any type.
  × main.ts:2:10: lint/suspicious/noRedeclare: Shouldn't redeclare 'z'. Consider to delete it or rename it.
  

• #9495 2056b23 Thanks @​aviraldua93! - Added the useKeyWithClickEvents a11y lint rule for HTML files (.html, .vue, .svelte, .astro). This is a port of the existing JSX rule. The rule enforces that elements with an onclick handler also have at least one keyboard event handler (onkeydown, onkeyup, or onkeypress) to ensure keyboard accessibility.

  Inherently keyboard-accessible elements (<a>, <button>, <input>, <select>, <textarea>, <option>) are excluded, as are elements hidden from assistive technologies (aria-hidden) or with role="presentation" / role="none".

  <!-- Invalid: no keyboard handler -->
  <div onclick="handleClick()">Click me</div>
  <!-- Valid: has keyboard handler -->
  <div onclick="handleClick()" onkeydown="handleKeyDown()">Click me</div>
  <!-- Valid: inherently keyboard-accessible -->
  <button onclick="handleClick()">Submit</button>

• #9152 9ec8500 Thanks @​ematipico! - Added new nursery lint rule noUndeclaredClasses for HTML, JSX, and SFC files (Vue, Astro, Svelte). The rule detects CSS class names used in class="..." (or className) attributes that are not defined in any <style> block or linked stylesheet reachable from the file.

  <!-- .typo is used but never defined -->
  <html>
    <head>
      <style>
        .button {
          color: blue;
        }
      </style>
    </head>
    <body>
      <div class="button typo"></div>
    </body>
  </html>

• #9152 9ec8500 Thanks @​ematipico! - Added new nursery lint rule noUnusedClasses for CSS. The rule detects CSS class selectors that are never referenced in any HTML or JSX file that imports the stylesheet. This is a project-domain rule that requires the module graph.

  /* styles.css — .ghost is never used in any importing file */

... (truncated)

Commits

• c0b9832 ci: release (#10499)
• 995c1ff feat(lint): add useFunctionComponentDefinition rule (#10498)
• 311c2b2 fix(biome_configuration): avoid Markdown links in JSON schema descriptions (#...
• 04c3f19 fix: docs and readme (#10584)
• 961f41c refactor(useExportType): improve docs and code (#10569)
• 78075b7 feat(useExportType): add style option (#10561)
• 6642895 feat: rule promotion for v2.5 (#10562)
• 9a5855e feat: noRestrictedDependencies (#10467)
• 608a62f Merge branch 'main' into chore/merge-main-into-next
• 0f29b83 feat(linter): implement useIncludes rule (#10516)
• Additional commits viewable in compare view

Updates @types/node from 25.7.0 to 25.9.3

Commits

• See full diff in compare view

Updates @vitest/coverage-v8 from 4.1.6 to 4.1.9

Release notes

Sourced from @​vitest/coverage-v8's releases.

v4.1.9

🐞 Bug Fixes

• Fix importOriginal with optimizer and query import [backport to v4] - by Hiroshi Ogawa, David Harris, Codexand Vladimir in vitest-dev/vitest#10546 (a5180)
• browser:
  • Wait for orchestrator readiness before resolving browser sessions [backport to v4] - by Vladimir and Séamus O'Connor in vitest-dev/vitest#10555 (7fb29)
  • Wait for iframe tester readiness before preparing [backport to v4] - by Vladimir and Séamus O'Connor in vitest-dev/vitest#10497 and vitest-dev/vitest#10556 (fbc62)
• mocker:
  • Hoist vi.mock() for vite-plus/test imports [backport to v4] - by Hiroshi Ogawa, LongYinan, Claude Opus 4.8 and Vladimir in vitest-dev/vitest#10548 (2c955)
• pool:
  • Prevent test run hang on worker crash [backport to v4] - by Ari Perkkiö and Jattioui Ismail in vitest-dev/vitest#10543 and vitest-dev/vitest#10564 (934b0)

View changes on GitHub

v4.1.8

   🐞 Bug Fixes

• browser:
  • Disable client cdp API when allowWrite/allowExec: false [backport to v4]  -  by @​hi-ogawa and Codex in vitest-dev/vitest#10450 (e4067)
  • Remove orphaned Playwright route when same module is mocked via multiple ids [backport to v4]  -  by @​toxik and @​Zelys-DFKH in vitest-dev/vitest#10474 (675b4)

    View changes on GitHub

v4.1.7

   🐞 Bug Fixes

• runner: Limit concurrency per task branch in addition to per leaf callbacks (backport)  -  by @​hi-ogawa in vitest-dev/vitest#10384 (4f0f2)

    View changes on GitHub

Commits

• a7a61e7 chore: release v4.1.9 (#10598)
• e61f2dd chore: release v4.1.8
• e4067b3 fix(browser): disable client cdp API when allowWrite/allowExec: false [ba...
• a09d472 chore: release v4.1.7
• See full diff in compare view

Updates tsx from 4.22.0 to 4.22.4

Release notes

Sourced from tsx's releases.

v4.22.4

4.22.4 (2026-05-31)

Bug Fixes

• resolve CommonJS directory requires inside dependencies (#803) (1ce8463)

---

This release is also available on:

• npm package (@​latest dist-tag)

v4.22.3

4.22.3 (2026-05-19)

Bug Fixes

• decode typed loader source (dce02fc)
• preserve entrypoint with TypeScript preload hooks (68f72f3)

---

This release is also available on:

• npm package (@​latest dist-tag)

v4.22.2

4.22.2 (2026-05-18)

Bug Fixes

• preserve CJS JSON require in ESM hooks (35b700b)
• preserve named exports from CommonJS TypeScript (11de737)
• support module.exports require(esm) interop (cf8f199)

---

This release is also available on:

• npm package (@​latest dist-tag)

v4.22.1

4.22.1 (2026-05-17)

Bug Fixes

• resolve tsconfig path aliases containing a colon (#780) (6979f28)

---

This release is also available on:

• npm package (@​latest dist-tag)

Commits

• 1ce8463 fix: resolve CommonJS directory requires inside dependencies (#803)
• dce02fc fix: decode typed loader source
• 68f72f3 fix: preserve entrypoint with TypeScript preload hooks
• 69455cf test: cover package exports for ambiguous ESM reexports
• 35b700b fix: preserve CJS JSON require in ESM hooks
• ef807db chore: update testing dependencies
• 3917090 test: document compatibility test taxonomy
• de8113f refactor: centralize Node capability facts
• c1f62db test: consolidate tsconfig path edge coverage
• 4e08174 test: consolidate loader hook coverage
• Additional commits viewable in compare view

Updates vitest from 4.1.6 to 4.1.9

Release notes

Sourced from vitest's releases.

v4.1.9

🐞 Bug Fixes

• Fix importOriginal with optimizer and query import [backport to v4] - by Hiroshi Ogawa, David Harris, Codexand Vladimir in vitest-dev/vitest#10546 (a5180)
• browser:
  • Wait for orchestrator readiness before resolving browser sessions [backport to v4] - by Vladimir and Séamus O'Connor in vitest-dev/vitest#10555 (7fb29)
  • Wait for iframe tester readiness before preparing [backport to v4] - by Vladimir and Séamus O'Connor in vitest-dev/vitest#10497 and vitest-dev/vitest#10556 (fbc62)
• mocker:
  • Hoist vi.mock() for vite-plus/test imports [backport to v4] - by Hiroshi Ogawa, LongYinan, Claude Opus 4.8 and Vladimir in vitest-dev/vitest#10548 (2c955)
• pool:
  • Prevent test run hang on worker crash [backport to v4] - by Ari Perkkiö and Jattioui Ismail in vitest-dev/vitest#10543 and vitest-dev/vitest#10564 (934b0)

View changes on GitHub

v4.1.8

   🐞 Bug Fixes

• browser:
  • Disable client cdp API when allowWrite/allowExec: false [backport to v4]  -  by @​hi-ogawa and Codex in vitest-dev/vitest#10450 (e4067)
  • Remove orphaned Playwright route when same module is mocked via multiple ids [backport to v4]  -  by @​toxik and @​Zelys-DFKH in vitest-dev/vitest#10474 (675b4)

    View changes on GitHub

v4.1.7

   🐞 Bug Fixes

• runner: Limit concurrency per task branch in addition to per leaf callbacks (backport)  -  by @​hi-ogawa in vitest-dev/vitest#10384 (4f0f2)

    View changes on GitHub

Commits

• a7a61e7 chore: release v4.1.9 (#10598)
• 934b0f5 fix(pool): prevent test run hang on worker crash (#10543) [backport to v4] (#...
• 7fb2965 fix(browser): wait for orchestrator readiness before resolving browser sessio...
• a518019 fix: fix importOriginal with optimizer and query import [backport to v4] (#...
• e61f2dd chore: release v4.1.8
• e4067b3 fix(browser): disable client cdp API when allowWrite/allowExec: false [ba...
• a09d472 chore: release v4.1.7
• See full diff in compare view

Updates better-auth from 1.6.11 to 1.6.19

Release notes

Sourced from better-auth's releases.

v1.6.19

better-auth

Features

• Added support for pre-binding device codes to a specific user in the device authorization plugin (#9995)

Bug Fixes

• Fixed headerless session checks (#10053)
• Fixed cookie cache fallback lookup (#9348)
• Fixed sendVerificationEmail errors not being surfaced to the client (#8863)
• Fixed auth client return types not being emitted correctly in TypeScript declaration builds (#10071)
• Fixed session and account cache cookies being silently dropped when near the browser's per-cookie size limit by splitting them into chunks (#10088)
• Fixed single-use verification flows (such as magic-link) hanging on connection-limited database adapters by reusing active transactions (#10070)
• Fixed the domain not being included when clearing cross-subdomain cookies in the last-login-method plugin (#9319)
• Fixed the oauth-popup plugin leaking internal OAuth state keys into additionalData (#10067)
• Reverted the headerless session check fix (#10074)

For detailed changes, see CHANGELOG

auth

Bug Fixes

• Fixed the generate command not handling a directory path passed to --output (#9564)
• Fixed array additionalField default values not being serialized correctly in the Drizzle schema generator (#10048)

For detailed changes, see CHANGELOG

@better-auth/drizzle-adapter

Bug Fixes

• Fixed password reset tokens not working with the Drizzle MySQL adapter after being consumed (#10081)

For detailed changes, see CHANGELOG

@better-auth/mongo-adapter

Bug Fixes

• Fixed guarded state transitions (token rotation, revocation, two-factor backup-code regeneration, device-code claiming, and organization invitation acceptance) failing on Prisma and on MongoDB servers older than 5.0 (#10086)

For detailed changes, see CHANGELOG

@better-auth/passkey

Bug Fixes

... (truncated)

Changelog

Sourced from better-auth's changelog.

1.6.19

Patch Changes

• #10088 de4aa52 Thanks @​bytaesu! - Session and account cache cookies near the browser's per-cookie size limit (for example with a long cookiePrefix or many cached fields) are now split into chunks instead of being silently dropped by the browser. A cache too large to fit even when chunked is skipped with a warning rather than failing the request, so reads fall back to the database.

• #9995 b4b0266 Thanks @​ElGauchooooo! - The device authorization plugin now accepts an optional user_id when issuing a device code via /device/code, pre-binding the code to that user. Only the bound user can approve or deny the code, so a publicly visible user code can no longer be claimed by someone else.

• #10086 5bd5e1c Thanks @​gustavovalverde! - Refresh-token rotation and token revocation, two-factor backup-code regeneration, device-code claiming, and organization invitation acceptance now work on Prisma. Concurrent or repeat requests in these flows could previously return an error on Prisma instead of the expected result.

  On MongoDB servers older than 5.0, these flows and other guarded value updates (rate-limit window resets, API-key refills) no longer fail with an empty-update error.

  @better-auth/core: incrementOne now reports a clear error when called with no increment and no set.

• #9319 581f827 Thanks @​ping-maxwell! - fix(last-login-method): include domain when clearing cross-subdomain cookies

• #10067 8407885 Thanks @​bytaesu! - The oauth-popup plugin now ignores internal OAuth state fields passed through its additionalData parameter, so additionalData only ever carries your own custom values.

• #9555 c1a8a64 Thanks @​ChrisMGeo! - Fix invalid OpenAPI output for Better Auth callback, session, and passkey routes so client generators can consume the schema.

• #10071 635f190 Thanks @​gustavovalverde! - Auth clients exported from wrapper packages can now be emitted in TypeScript declaration builds without extra type annotations.

• #10070 a787e0b Thanks @​gustavovalverde! - Single-use verification flows no longer hang on database adapters that use a one-connection pool. This fixes magic-link verification and similar token checks in connection-limited serverless database setups.

• #9348 c2f718f Thanks @​ping-maxwell! - fix: cookie cache fallback lookup

• #8863 7d18175 Thanks @​ping-maxwell! - sendVerificationEmail was invoked via runInBackgroundOrAwait, which could defer work when advanced.backgroundTasks.handler is configured (so the handler could return 200 before the email callback finished) and, in the default path, caught and logged errors without rethrowing. User callbacks that throw APIError (e.g. 429 from a rate limiter) were therefore not reliably reflected in the HTTP response (better-auth/better-auth#8757).

  Now we await sendVerificationEmailFn so failures surface to the client with the correct status. The unauthenticated /send-verification-email path enforces a constant-time floor (500 ms) so that the response duration does not reveal whether the email belongs to a real unverified user.

• Updated dependencies [0895993, 5bd5e1c, a787e0b]:

  • @​better-auth/drizzle-adapter@​1.6.19
  • @​better-auth/core@​1.6.19
  • @​better-auth/mongo-adapter@​1.6.19
  • @​better-auth/kysely-adapter@​1.6.19
  • @​better-auth/memory-adapter@​1.6.19
  • @​better-auth/prisma-adapter@​1.6.19
  • @​better-auth/telemetry@​1.6.19

1.6.18

Patch Changes

• #9315 9ef7240 Thanks @​GautamBytes! - fix OpenAPI requestBody generation for intersected and default-wrapped body schemas

• #9583 b21a5f7 Thanks @​GautamBytes! - Fix plugin-provided client methods and additional session fields not being inferred in composite monorepos.

• Updated dependencies [b21a5f7]:

  • @​better-auth/core@​1.6.18
  • @​better-auth/drizzle-adapter@​1.6.18

... (truncated)

Commits

• ac4d81d chore: release v1.6.19 (#10034)
• 1e69725 docs: clarify stateless Cognito token refresh (#10092)
• de4aa52 fix(cookies): chunk session and account cookies near the browser size limit (...
• 5bd5e1c fix: make guarded state transitions portable on Prisma (#10086)
• 36f345b revert: fix: allow headerless get session checks (#10053) (#10074)
• 635f190 fix(client): name auth client return types (#10071)
• d009dae fix: allow headerless get session checks (#10053)
• 8407885 fix(oauth-popup): filter internal state keys from additionalData (#10067)
• c2f718f fix: cookie cache fallback lookup (#9348)
• 581f827 fix(last-login-method): include domain when clearing cross-subdomain cookies ...
• Additional commits viewable in compare view

Updates date-fns from 4.1.0 to 4.4.0

Release notes

Sourced from date-fns's releases.

v4.4.0

This release revisits the approach to CDN usage and introduces a new package, @date-fns/cdn and deprecates the date-fns CDN scripts. It allowed reducing the zipped package size from 5.83 MB down to 3.96 MB without introducing any breaking changes.

In v5.0.0-alpha.0 where CDN scripts are completely removed from date-fns the change is more significant and brings the zipped package size down to 2.89 MB.

It is just the first step in optimizing the package size. Expect further size reduction in the future v4 and v5 versions.

Changed

• DEPRECATED: The date-fns CDN scripts are now deprecated and will be removed in the next major release. Please switch to the new @date-fns/cdn package for CDN usage.

• Removed CDN source maps to reduce the package size. If you rely on them, please switch to the new @date-fns/cdn package that still includes them.

v4.3.0

Kudos to @​ImRodry and @​puneetdixit200 for their contributions.

Fixed

• Fixed missing modularized optimization fallback (for Next.js and others). See #4193.

• Fixed pt locale first day of week to be Sunday. See #4195 by @​ImRodry.

• Fixed zh-CN, zh-HK, and zh-TW locale month parsing for October, November, and December. See #4194 by @​puneetdixit200.

v4.2.1

Fixed

• Fixed type definitions missing in v4.2.0 due to TypeScript misconfiguration.

v4.2.0

This is a minor release in all senses, it only includes documentation updates (first of many) that points to the new You Don't Need date-fns* page.

* Not really

Changed

• Added Temporal API references to the JSDoc annotations of add, addBusinessDays, and addDays.

Commits

• cd53d25 Promote to v4.4.0
• d948ec1 Preserve but deprecate CDN versions for v4, set up v5 with polyfills
• ee65753 Add root mise :format task
• 9f5bdf5 Add positional argument to test/smoke.sh script
• 651ead6 Split CDN bundles into separate @​date-fns/cdn package
• 224c1a2 Deprecate type tests as attw hangs on date-fns package
• 7bb2842 Switch PACKAGE_OUTPUT_PATH to --dist flag in the package build script
• b6ad5ac Add flags to control package build script
• 424a783 Fix docs release after moving to monorepo setup
• f95bcf1 (docs): Add missing tsx dependency
• Additional commits viewable in compare view

Updates lucide-react from 1.16.0 to 1.20.0

Release notes

Sourced from lucide-react's releases.

Version 1.20.0

What's Changed

• fix(icons): decreased size of arrows inside square-arrow-* icons by @​jguddas in lucide-icons/lucide#3926
• chore(tags): Add tags to search- icons by @​jamiemlaw in lucide-icons/lucide#4099
• feat(icons): added save-check icon by @​Konixy in lucide-icons/lucide#3120
• feat(icons): added tag-plus and tag-x icons by @​adam-kov in lucide-icons/lucide#3980
• feat(icons): added banknote-check icon by @​mfjramirezf in lucide-icons/lucide#3956
• feat(icons): added clock-arrow-in icon by @​jguddas in lucide-icons/lucide#2403
• feat(icons): added summary icon by @​jpjacobpadilla in lucide-icons/lucide#3114
• feat(icons): added user-round-arrow-in icon by @​jguddas in lucide-icons/lucide#2283
• feat(icons): added clock-arrow-out icon by @​jguddas in lucide-icons/lucide#2404
• docs(docs): fix broken Svelte package source link in README by @​SRKrukowski in lucide-icons/lucide#4468
• chore(deps-dev): bump @​angular/compiler from 21.2.5 to 21.2.17 by @​dependabot[bot] in lucide-icons/lucide#4474
• chore(deps-dev): bump @​angular/core from 21.2.5 to 21.2.17 by @​dependabot[bot] in lucide-icons/lucide#4470
• chore(deps-dev): bump vitest from 4.0.12 to 4.1.0 by @​dependabot[bot] in lucide-icons/lucide#4429
• chore(deps-dev): bump markdown-it from 14.1.1 to 14.2.0 by @​dependabot[bot] in lucide-icons/lucide#4475
• chore(deps-dev): bump @​angular/common from 21.2.5 to 21.2.17 by @​dependabot[bot] in lucide-icons/lucide#4471
• feat(icons): added pencil-sparkles icon by @​jennieboops in lucide-icons/lucide#4445

New Contributors

• @​Konixy made their first contribution in lucide-icons/lucide#3120
• @​adam-kov made their first contribution in lucide-icons/lucide#3980
• @​mfjramirezf made their first contribution in lucide-icons/lucide#3956
• @​SRKrukowski made their first contribution in lucide-icons/lucide#4468
• @​jennieboops made their first contribution in lucide-icons/lucide#4445

Full Changelog: lucide-icons/lucide@1.19.0...1.20.0

Version 1.19.0

What's Changed

• chore(deps): upgrade pnpm to version 11.6.0 by @​ericfennis in lucide-icons/lucide#4458
• feat(icons): added star-* icons by @​RajnishKMehta in lucide-icons/lucide#3918
• chore(suggest-tags): Update metadata suggestion script by @​ericfennis in lucide-icons/lucide#4462
• feat(icons): added save-pen icon by @​vaporvee in lucide-icons/lucide#4179
• feat(icons): added wrench-off icon by @​nilsjonsson in lucide-icons/lucide#4434
• feat(icons): added ad icon by @​jamiemlaw in lucide-icons/lucide#4323
• feat(icons): added eye-dashed icon by @​karsa-mistmere in lucide-icons/lucide#4415
• feat(icons): added save-plus icon by @​jwlinqx in lucide-icons/lucide#4448
• feat(icons): added list-sort-descending icon by @​ericfennis in lucide-icons/lucide#4457
• fix(lucide-react-native): Fix provider exports by @​ericfennis in lucide-icons/lucide#4463
• fix(site): reserve space for icon detail drawer by @​vyctorbrzezowski in lucide-icons/lucide#4344
• fix(icons): changed wallet-cards icon by @​jguddas in lucide-icons/lucide#3888
• feat(site): Improve search and add sorting options by @​ericfennis in lucide-icons/lucide#4453
• feat(icons): added podium icon by @​jguddas in lucide-icons/lucide#2124

New Contributors

• @​vaporvee made their first contribution in lucide-icons/lucide#4179
• @​nilsjonsson made their first contribution in lucide-icons/lucide#4434
• @​jwlinqx made their first contribution in lucide-icons/lucide#4448
• @​vyctorbrzezowski made their first contribution in lucide-icons/lucide#4344

... (truncated)

Commits

• See full diff in compare view

Updates motion from 12.38.0 to 12.40.0

Changelog

Sourced from motion's changelog.

[12.40.0] 2026-05-21

Added

• path option to transition.
• arc() for motion along an arc.

[12.39.0] 2026-05-18

Added...

Description has been truncated

[github-actions]

React Doctor could not complete this scan.

Project "token-arena-web" is not a directory under /home/runner/work/TokenArena/TokenArena/web.

Report this bug

_{Reviewed by React Doctor for commit 9fa35cc.}