Skip to content

chore(deps): bump the npm-minor-patch group across 1 directory with 17 updates#63

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/npm-minor-patch-f6b8a68d43
Open

chore(deps): bump the npm-minor-patch group across 1 directory with 17 updates#63
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/npm-minor-patch-f6b8a68d43

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github Jun 4, 2026

Bumps the npm-minor-patch group with 17 updates in the / directory:

Package From To
@opennextjs/cloudflare 1.19.9 1.19.11
@shikijs/core 4.0.2 4.2.0
@shikijs/engine-javascript 4.0.2 4.2.0
@shikijs/langs 4.0.2 4.2.0
@shikijs/themes 4.0.2 4.2.0
@shikijs/transformers 4.0.2 4.2.0
@types/node 25.7.0 25.9.1
js-yaml 4.1.1 4.2.0
lucide-react 1.14.0 1.17.0
next 15.5.18 15.5.19
posthog-js 1.373.4 1.379.2
react 19.2.6 19.2.7
@types/react 19.2.14 19.2.16
react-dom 19.2.6 19.2.7
shiki 4.0.2 4.2.0
tsx 4.21.0 4.22.4
wrangler 4.90.1 4.97.0

Updates @opennextjs/cloudflare from 1.19.9 to 1.19.11

Release notes

Sourced from @​opennextjs/cloudflare's releases.

@​opennextjs/cloudflare@​1.19.11

Patch Changes

  • #1270 802047e Thanks @​alex-all3dp! - fix: skip non-upload-triggered worker versions when building skew-protection deployment mapping

    Worker versions created by metadata-only operations (e.g. Cloudflare API secret updates) do not include the static assets bundle. Previously, such versions could become the "latest" target in the skew-protection mapping, causing /_next/static/* requests to return 404 on past deployments. Versions are now filtered to those with workers/triggered_by in {upload, version_upload}.

    Closes #1230

@​opennextjs/cloudflare@​1.19.10

Patch Changes

  • #1261 780dd4f Thanks @​vicb! - Allow populating R2 when the domain is protected by Cloudflare Access

    You need to:

    • create a "Service Auth" policy for "open-next-cache-populate..workers.dev"
    • add an "Include" rule for "Any Access Service Token" or for a given service token ("Service Token")
    • populate the env variables CLOUDFLARE_ACCESS_CLIENT_ID and CLOUDFLARE_ACCESS_CLIENT_SECRET
Changelog

Sourced from @​opennextjs/cloudflare's changelog.

1.19.11

Patch Changes

  • #1270 802047e Thanks @​alex-all3dp! - fix: skip non-upload-triggered worker versions when building skew-protection deployment mapping

    Worker versions created by metadata-only operations (e.g. Cloudflare API secret updates) do not include the static assets bundle. Previously, such versions could become the "latest" target in the skew-protection mapping, causing /_next/static/* requests to return 404 on past deployments. Versions are now filtered to those with workers/triggered_by in {upload, version_upload}.

    Closes #1230

1.19.10

Patch Changes

  • #1261 780dd4f Thanks @​vicb! - Allow populating R2 when the domain is protected by Cloudflare Access

    You need to:

    • create a "Service Auth" policy for "open-next-cache-populate..workers.dev"
    • add an "Include" rule for "Any Access Service Token" or for a given service token ("Service Token")
    • populate the env variables CLOUDFLARE_ACCESS_CLIENT_ID and CLOUDFLARE_ACCESS_CLIENT_SECRET
Commits

Updates @shikijs/core from 4.0.2 to 4.2.0

Release notes

Sourced from @​shikijs/core's releases.

v4.2.0

   🚀 Features

   🐞 Bug Fixes

    View changes on GitHub

v4.1.0

   🐞 Bug Fixes

    View changes on GitHub
Commits

Updates @shikijs/engine-javascript from 4.0.2 to 4.2.0

Release notes

Sourced from @​shikijs/engine-javascript's releases.

v4.2.0

   🚀 Features

   🐞 Bug Fixes

    View changes on GitHub

v4.1.0

   🐞 Bug Fixes

    View changes on GitHub
Commits

Updates @shikijs/langs from 4.0.2 to 4.2.0

Release notes

Sourced from @​shikijs/langs's releases.

v4.2.0

   🚀 Features

   🐞 Bug Fixes

    View changes on GitHub

v4.1.0

   🐞 Bug Fixes

    View changes on GitHub
Commits

Updates @shikijs/themes from 4.0.2 to 4.2.0

Release notes

Sourced from @​shikijs/themes's releases.

v4.2.0

   🚀 Features

   🐞 Bug Fixes

    View changes on GitHub

v4.1.0

   🐞 Bug Fixes

    View changes on GitHub
Commits

Updates @shikijs/transformers from 4.0.2 to 4.2.0

Release notes

Sourced from @​shikijs/transformers's releases.

v4.2.0

   🚀 Features

   🐞 Bug Fixes

    View changes on GitHub

v4.1.0

   🐞 Bug Fixes

    View changes on GitHub
Commits

Updates @types/node from 25.7.0 to 25.9.1

Commits

Updates js-yaml from 4.1.1 to 4.2.0

Changelog

Sourced from js-yaml's changelog.

[4.2.0] - 2026-06-01

Added

  • Added docs/safety.md with notes about processing untrusted YAML.
  • Added maxDepth (100) loader option. Not a problem, but gives a better exception instead of RangeError on stack overflow.
  • Added maxMergeSeqLength (20) loader option. Not a problem after merge fix, but an additional restriction for safety.
  • Added sourcemaps to dist/ builds.

Changed

  • Stop resolving numbers with underscores as numeric scalars, #627.
  • Switched dev toolchains to Vite / neostandard.
  • Updated demo.
  • Reorganized tests.
  • dist/ files are no longer kept in the repository.

Fixed

  • Fix parsing of properties on the first implicit block mapping key, #62.
  • Fix trailing whitespace handling when folding flow scalar lines, #307.
  • Reject top-level block scalars without content indentation, #280.
  • Ensure numbers survive round-trip, #737.
  • Fix test coverage for issue #221.
  • Fix flow scalar trailing whitespace folding, #307.
  • Fix digits in YAML named tag handles.

Security

  • Fix potential DoS via quadratic complexity in merge - deduplicate repeated elements (makes sense for malformed files > 10K).

[3.14.2] - 2025-11-15

Security

  • Backported v4.1.1 fix to v3
Commits

Updates lucide-react from 1.14.0 to 1.17.0

Release notes

Sourced from lucide-react's releases.

Version 1.17.0

What's Changed

Full Changelog: lucide-icons/lucide@1.16.0...1.17.0

Version 1.16.0

What's Changed

Full Changelog: lucide-icons/lucide@1.15.0...1.16.0

Version 1.15.0

What's Changed

New Contributors

Full Changelog: lucide-icons/lucide@1.14.0...1.15.0

Commits

Updates next from 15.5.18 to 15.5.19

Release notes

Sourced from next's releases.

15.5.19

[!NOTE] This release is backporting bug fixes. It does not include all pending features/changes on canary.

Core Changes

  • [15.5.x] Don't drop FormData entries (#94244)

Other

Credits

Huge thanks to @​eps1lon for helping!

Commits

Updates posthog-js from 1.373.4 to 1.379.2

Release notes

Sourced from posthog-js's releases.

posthog-js@1.379.2

1.379.2

Patch Changes

  • #3736 374962a Thanks @​arnohillen! - replay: re-apply scroll positions after fast-forward/seek. Scrolls applied mid-catch-up could clamp to 0 when the target wasn't scrollable yet (e.g. scroll-revealed sheets/modals whose content sits below the fold), leaving the content scrolled out of view on replay. The last scroll per node is now re-applied in the flush stage once layout has settled. posthog-js is bumped too so the rebuilt bundle containing the fix is published. (2026-06-03)
  • Updated dependencies []:
    • @​posthog/types@​1.379.2
    • @​posthog/core@​1.30.5

posthog-js@1.379.1

1.379.1

Patch Changes

  • #3570 4a27ced Thanks @​gruessi! - fix(record): release iframe documents and observers on iframe removal — same-origin iframes mounted and unmounted while session recording is active no longer leak their Document, every node serialized into the mirror, or one MutationObserver per mount. Closes eight retainer chains: load-listener disposers, named pagehide handlers, the recordCrossOriginIframes cleanup gate (now applied to same-origin too), captured Document / Window sets that survive iframe.src swap-to-about:blank before removal, and the global mutationBuffers[] / handlers[] arrays which previously accumulated forever. Validated end-to-end: a host page that mounts/unmounts 5 blob-URL iframes every 2s for 110s went from +118 MB / +390 leaked HTMLDocuments to ~0 MB / 0. (2026-06-03)

  • #3717 1688b38 Thanks @​turnipdabeets! - Move the OpenTelemetry logs dependencies to devDependencies. They are only used to build the CDN-served logs extension chunk, which inlines them, so consumers no longer install the transitive protobufjs (whose eval("require") tripped unsafe-eval Content Security Policies).

    If you imported @opentelemetry/* directly while relying on it being hoisted from posthog-js, add it to your own dependencies. (2026-06-03)

  • Updated dependencies []:

    • @​posthog/types@​1.379.1
    • @​posthog/core@​1.30.4

posthog-js@1.379.0

1.379.0

Minor Changes

  • #3722 c487070 Thanks @​marandaneto! - Add $sdk_dist_channel event property for browser SDK npm and cdn distribution channels. (2026-06-02)

Patch Changes

  • Updated dependencies []:
    • @​posthog/types@​1.379.0
    • @​posthog/core@​1.30.3

posthog-js@1.378.1

1.378.1

Patch Changes

  • #3706 8fcf40d Thanks @​dustinbyrne! - fix(browser): avoid exposing internally-created Request bodies to downstream fetch wrappers in Safari. (2026-06-01)
  • Updated dependencies []:
    • @​posthog/types@​1.378.1

... (truncated)

Commits
  • 79de441 chore: update versions and lockfile [version bump]
  • 374962a fix(replay): re-apply scroll after fast-forward catch-up (#3736)
  • 4a8cacc chore: add Sentry attribution comments (#3738)
  • 4359f26 chore: update versions and lockfile [version bump]
  • 42b720f fix(react-native): preserve Expo iOS bundle script wrapper (#3734)
  • 5d9c18b chore: skip secret workflows for forked PRs (#3733)
  • d385e2a chore: clarify error tracking comments (#3735)
  • 808862d chore: update versions and lockfile [version bump]
  • 308dd38 chore: add Sentry attribution comments (#3732)
  • 4a27ced fix(record): stop leaking same-origin iframe state on removal (#3570)
  • Additional commits viewable in compare view

Updates react from 19.2.6 to 19.2.7

Release notes

Sourced from react's releases.

19.2.7 (June 1st, 2026)

React Server Components

Commits
Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for react since your current version.


Updates @types/react from 19.2.14 to 19.2.16

Commits

Updates react-dom from 19.2.6 to 19.2.7

Release notes

Sourced from react-dom's releases.

19.2.7 (June 1st, 2026)

React Server Components

Commits
Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for react-dom since your current version.


Updates shiki from 4.0.2 to 4.2.0

Release notes

Sourced from shiki's releases.

v4.2.0

   🚀 Features

   🐞 Bug Fixes

    View changes on GitHub

v4.1.0

   🐞 Bug Fixes

    View changes on GitHub
Commits

Updates @types/react from 19.2.14 to 19.2.16

Commits

Updates tsx from 4.21.0 to 4.22.4

Release notes

Sourced from tsx's releases.

v4.22.4

4.22.4 (2026-05-31)

Bug Fixes

  • resolve CommonJS directory requires inside dependencies (#803) (1ce8463)

This release is also available on:

v4.22.3

4.22.3 (2026-05-19)

Bug Fixes

  • decode typed loader source (dce02fc)
  • preserve entrypoint with TypeScript preload hooks (68f72f3)

This release is also available on:

v4.22.2

4.22.2 (2026-05-18)

Bug Fixes

  • preserve CJS JSON require in ESM hooks (35b700b)
  • preserve named exports from CommonJS TypeScript (11de737)
  • support module.exports require(esm) interop (cf8f199)

This release is also available on:

v4.22.1

4.22.1 (2026-05-17)

Bug Fixes

  • resolve tsconfig path aliases containing a colon (#780) (6979f28)

This release is also available on:

... (truncated)

Commits
  • 1ce8463 fix: resolve CommonJS directory requires inside dependencies (#803)
  • dce02fc fix: decode typed loader source
  • 68f72f3 fix: preserve entrypoint with TypeScript preload hooks
  • 69455cf test: cover package exports for ambiguous ESM reexports
  • 35b700b fix: preserve CJS JSON require in ESM hooks
  • ef807db chore: update testing dependencies
  • 3917090 test: document compatibility test taxonomy
  • de8113f refactor: centralize Node capability facts
  • c1f62db test: consolidate tsconfig path edge coverage
  • 4e08174 test: consolidate loader hook coverage
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for tsx since your current version.


Updates wrangler from 4.90.1 to 4.97.0

Release notes

Sourced from wrangler's releases.

wrangler@4.97.0

Minor Changes

  • #13996 94b29f7 Thanks @​vaishnav-mk! - Add restart-from-step options to wrangler workflows instances restart

    You can now restart a Workflow instance from a specific step using --from-step-name, with optional --from-step-count and --from-step-type disambiguation. These options work for both remote Workflow instances and local wrangler dev --local sessions.

Patch Changes

  • #14141 b210c5e Thanks @​MattieTK! - Add re-authentication hint to account fetch error messages

    When Wrangler fails to automatically retrieve account IDs, the error messages now suggest running wrangler login as a troubleshooting step. This addresses confusion for users who encounter these errors after OAuth system changes or other authentication issues.

  • #14078 aec1bb8 Thanks @​MattieTK! - Bump am-i-vibing from 0.1.1 to 0.4.0

    This updates the agentic environment detection library to the latest version, which includes improved detection coverage for newer AI coding agents.

  • #14147 e06cbb7 Thanks @​dependabot! - Update dependencies of "miniflare", "wrangler"

    The following dependency versions have been updated:

    Dependency From To
    workerd 1.20260529.1 1.20260601.1

  • #14027 9a26191 Thanks @​matingathani! - Gracefully handle EMFILE error when assets directory exceeds OS watcher limit

    Previously, when wrangler dev was pointed at an assets directory with more than ~4,096 subdirectories, the chokidar file watcher threw an EMFILE: too many open files error that was not caught, causing an infinite error loop that made the dev server unresponsive.

    Now the error is caught and wrangler:

    1. Logs a clear warning explaining the platform watcher limit was hit
    2. Recommends reducing the number of subdirectories by flattening or restructuring the assets directory
    3. Disables the assets watcher gracefully so the dev server continues working without hot-reload

  • #14041 5565823 Thanks @​matingathani! - Fix wrangler complete printing the AI skills prompt into shell completion output

    Previously, running eval "$(wrangler complete zsh)" (or any other shell) would fail with errors like zsh: command not found: --install-skills because the interactive AI agent skills installation prompt was included in the completion script output.

    The skills prompt is now skipped when running wrangler complete, so the generated completion script is clean and can be sourced correctly.

  • #13881 890fca7 Thanks @​matingathani! - Show a clear error when --metadata is not valid JSON instead of silently ignoring the value

  • #14149 6fc9777 Thanks @​mattjohnsonpint! - Fix wrangler deploy --upload-source-maps silently skipping source maps when the entry file ends with magic comments after //# sourceMappingURL=

    Wrangler previously assumed the //# sourceMappingURL= comment was the last non-empty line of a module. Tools like sentry-cli sourcemaps inject append a //# debugId= comment after it, which silently caused source maps to be omitted from the upload form, most commonly when deploying with --no-bundle --upload-source-maps. Wrangler now scans trailing magic comments (lines starting with //# or //@) and detects the //# sourceMappingURL= comment regardless of which other magic comments follow it.

  • #14105 337e912 Thanks @​dario-piotrowicz! - Remove trailing periods from URLs in terminal output

    URLs printed to the terminal with a sentence-ending period (e.g. https://example.com/path.) would include the period when clicked in some terminal emulators, causing 404 errors. This removes trailing periods from all URLs displayed in CLI output across wrangler, miniflare, vitest-pool-workers, and workers-utils.

... (truncated)

Commits
  • 0b60424 Version Packages (#14142)
  • 42288d4 fix: Include currentAgentSkillsInstalled in command telemetry events (#14155)
  • 6fc9777 [wrangler] fix: don't assume sourceMappingURL is on the last line (#14149)
  • 94b29f7 [workflows] Restart from step (#13996)
  • e06cbb7 Bump the workerd-and-workers-types group with 2 updates (#14147)
  • 5565823 [wrangler] Fix wrangler complete printing AI skills prompt into shell compl...
  • 8e7b74f [wrangler] fix: send Workflows schedules as { cron } objects on deploy (#14150)
  • 9a26191 [wrangler] fix: gracefully handle EMFILE when assets watcher exceeds director...
  • aec1bb8 [wrangler] Bump am-i-vibing from 0.1.1 to 0.4.0 (#14078)
  • 890fca7 [wrangler] fix: show clear error when --metadata is not valid JSON (#13881)
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
chore(deps): bump the npm-minor-patch group across 1 directory with 1…
3ae5415 
…7 updates

Bumps the npm-minor-patch group with 17 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [@opennextjs/cloudflare](https://github.com/opennextjs/opennextjs-cloudflare/tree/HEAD/packages/cloudflare) | `1.19.9` | `1.19.11` |
| [@shikijs/core](https://github.com/shikijs/shiki/tree/HEAD/packages/core) | `4.0.2` | `4.2.0` |
| [@shikijs/engine-javascript](https://github.com/shikijs/shiki/tree/HEAD/packages/engine-javascript) | `4.0.2` | `4.2.0` |
| [@shikijs/langs](https://github.com/shikijs/shiki/tree/HEAD/packages/langs) | `4.0.2` | `4.2.0` |
| [@shikijs/themes](https://github.com/shikijs/shiki/tree/HEAD/packages/themes) | `4.0.2` | `4.2.0` |
| [@shikijs/transformers](https://github.com/shikijs/shiki/tree/HEAD/packages/transformers) | `4.0.2` | `4.2.0` |
| [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) | `25.7.0` | `25.9.1` |
| [js-yaml](https://github.com/nodeca/js-yaml) | `4.1.1` | `4.2.0` |
| [lucide-react](https://github.com/lucide-icons/lucide/tree/HEAD/packages/lucide-react) | `1.14.0` | `1.17.0` |
| [next](https://github.com/vercel/next.js) | `15.5.18` | `15.5.19` |
| [posthog-js](https://github.com/PostHog/posthog-js) | `1.373.4` | `1.379.2` |
| [react](https://github.com/facebook/react/tree/HEAD/packages/react) | `19.2.6` | `19.2.7` |
| [@types/react](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/react) | `19.2.14` | `19.2.16` |
| [react-dom](https://github.com/facebook/react/tree/HEAD/packages/react-dom) | `19.2.6` | `19.2.7` |
| [shiki](https://github.com/shikijs/shiki/tree/HEAD/packages/shiki) | `4.0.2` | `4.2.0` |
| [tsx](https://github.com/privatenumber/tsx) | `4.21.0` | `4.22.4` |
| [wrangler](https://github.com/cloudflare/workers-sdk/tree/HEAD/packages/wrangler) | `4.90.1` | `4.97.0` |



Updates `@opennextjs/cloudflare` from 1.19.9 to 1.19.11
- [Release notes](https://github.com/opennextjs/opennextjs-cloudflare/releases)
- [Changelog](https://github.com/opennextjs/opennextjs-cloudflare/blob/main/packages/cloudflare/CHANGELOG.md)
- [Commits](https://github.com/opennextjs/opennextjs-cloudflare/commits/@opennextjs/cloudflare@1.19.11/packages/cloudflare)

Updates `@shikijs/core` from 4.0.2 to 4.2.0
- [Release notes](https://github.com/shikijs/shiki/releases)
- [Commits](https://github.com/shikijs/shiki/commits/v4.2.0/packages/core)

Updates `@shikijs/engine-javascript` from 4.0.2 to 4.2.0
- [Release notes](https://github.com/shikijs/shiki/releases)
- [Commits](https://github.com/shikijs/shiki/commits/v4.2.0/packages/engine-javascript)

Updates `@shikijs/langs` from 4.0.2 to 4.2.0
- [Release notes](https://github.com/shikijs/shiki/releases)
- [Commits](https://github.com/shikijs/shiki/commits/v4.2.0/packages/langs)

Updates `@shikijs/themes` from 4.0.2 to 4.2.0
- [Release notes](https://github.com/shikijs/shiki/releases)
- [Commits](https://github.com/shikijs/shiki/commits/v4.2.0/packages/themes)

Updates `@shikijs/transformers` from 4.0.2 to 4.2.0
- [Release notes](https://github.com/shikijs/shiki/releases)
- [Commits](https://github.com/shikijs/shiki/commits/v4.2.0/packages/transformers)

Updates `@types/node` from 25.7.0 to 25.9.1
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)

Updates `js-yaml` from 4.1.1 to 4.2.0
- [Changelog](https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md)
- [Commits](https://github.com/nodeca/js-yaml/commits)

Updates `lucide-react` from 1.14.0 to 1.17.0
- [Release notes](https://github.com/lucide-icons/lucide/releases)
- [Commits](https://github.com/lucide-icons/lucide/commits/1.17.0/packages/lucide-react)

Updates `next` from 15.5.18 to 15.5.19
- [Release notes](https://github.com/vercel/next.js/releases)
- [Changelog](https://github.com/vercel/next.js/blob/canary/release.js)
- [Commits](vercel/next.js@v15.5.18...v15.5.19)

Updates `posthog-js` from 1.373.4 to 1.379.2
- [Release notes](https://github.com/PostHog/posthog-js/releases)
- [Changelog](https://github.com/PostHog/posthog-js/blob/main/CHANGELOG.md)
- [Commits](https://github.com/PostHog/posthog-js/compare/posthog-js@1.373.4...posthog-js@1.379.2)

Updates `react` from 19.2.6 to 19.2.7
- [Release notes](https://github.com/facebook/react/releases)
- [Changelog](https://github.com/facebook/react/blob/main/CHANGELOG.md)
- [Commits](https://github.com/facebook/react/commits/v19.2.7/packages/react)

Updates `@types/react` from 19.2.14 to 19.2.16
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/react)

Updates `react-dom` from 19.2.6 to 19.2.7
- [Release notes](https://github.com/facebook/react/releases)
- [Changelog](https://github.com/facebook/react/blob/main/CHANGELOG.md)
- [Commits](https://github.com/facebook/react/commits/v19.2.7/packages/react-dom)

Updates `shiki` from 4.0.2 to 4.2.0
- [Release notes](https://github.com/shikijs/shiki/releases)
- [Commits](https://github.com/shikijs/shiki/commits/v4.2.0/packages/shiki)

Updates `@types/react` from 19.2.14 to 19.2.16
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/react)

Updates `tsx` from 4.21.0 to 4.22.4
- [Release notes](https://github.com/privatenumber/tsx/releases)
- [Changelog](https://github.com/privatenumber/tsx/blob/master/release.config.cjs)
- [Commits](privatenumber/tsx@v4.21.0...v4.22.4)

Updates `wrangler` from 4.90.1 to 4.97.0
- [Release notes](https://github.com/cloudflare/workers-sdk/releases)
- [Commits](https://github.com/cloudflare/workers-sdk/commits/wrangler@4.97.0/packages/wrangler)

---
updated-dependencies:
- dependency-name: "@opennextjs/cloudflare"
  dependency-version: 1.19.11
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: npm-minor-patch
- dependency-name: "@shikijs/core"
  dependency-version: 4.2.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: npm-minor-patch
- dependency-name: "@shikijs/engine-javascript"
  dependency-version: 4.2.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: npm-minor-patch
- dependency-name: "@shikijs/langs"
  dependency-version: 4.2.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: npm-minor-patch
- dependency-name: "@shikijs/themes"
  dependency-version: 4.2.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: npm-minor-patch
- dependency-name: "@shikijs/transformers"
  dependency-version: 4.2.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: npm-minor-patch
- dependency-name: "@types/node"
  dependency-version: 25.9.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: npm-minor-patch
- dependency-name: js-yaml
  dependency-version: 4.2.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: npm-minor-patch
- dependency-name: lucide-react
  dependency-version: 1.17.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: npm-minor-patch
- dependency-name: next
  dependency-version: 15.5.19
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: npm-minor-patch
- dependency-name: posthog-js
  dependency-version: 1.379.2
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: npm-minor-patch
- dependency-name: react
  dependency-version: 19.2.7
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: npm-minor-patch
- dependency-name: "@types/react"
  dependency-version: 19.2.16
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: npm-minor-patch
- dependency-name: react-dom
  dependency-version: 19.2.7
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: npm-minor-patch
- dependency-name: shiki
  dependency-version: 4.2.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: npm-minor-patch
- dependency-name: "@types/react"
  dependency-version: 19.2.16
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: npm-minor-patch
- dependency-name: tsx
  dependency-version: 4.22.4
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm-minor-patch
- dependency-name: wrangler
  dependency-version: 4.97.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm-minor-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Jun 4, 2026
@dependabot dependabot Bot requested a review from jrphilo as a code owner June 4, 2026 04:46
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Jun 4, 2026
@cloudflare-workers-and-pages
Copy link
Copy Markdown

cloudflare-workers-and-pages Bot commented Jun 4, 2026
edited
Loading

Deploying with  Cloudflare Workers  Cloudflare Workers

The latest updates on your project. Learn more about integrating Git with Workers.

Status Name Latest Commit Preview URL Updated (UTC)
✅ Deployment successful!
View logs		 docs-preview 3ae5415 Commit Preview URL

Branch Preview URL		 Jun 04 2026, 04:48 AM

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@jrphilo jrphilo Awaiting requested review from jrphilo jrphilo is a code owner

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants