chore(deps): bump the minor-and-patch group across 1 directory with 33 updates

[dependabot]

Bumps the minor-and-patch group with 32 updates in the /web directory:

Package	From	To
@aws-sdk/client-s3	3.1018.0	3.1038.0
@aws-sdk/s3-request-presigner	3.1018.0	3.1038.0
@codemirror/language	6.12.2	6.12.3
@codemirror/search	6.6.0	6.7.0
@codemirror/view	6.40.0	6.41.1
@react-three/fiber	9.5.0	9.6.1
@tanstack/react-virtual	3.13.23	3.13.24
@webcontainer/api	1.6.1	1.6.4
ag-grid-community	35.1.0	35.2.1
ag-grid-react	35.1.0	35.2.1
codemirror-lang-latex	0.2.0	0.4.1
dompurify	3.3.3	3.4.1
katex	0.16.43	0.16.45
lucide-react	1.6.0	1.12.0
next	16.2.1	16.2.4
openai	6.32.0	6.35.0
plotly.js-dist-min	3.4.0	3.5.0
react	19.2.4	19.2.5
react-dom	19.2.4	19.2.5
react-icons	5.5.0	5.6.0
three	0.183.2	0.184.0
@types/three	0.183.1	0.184.0
@playwright/test	1.58.2	1.59.1
@tailwindcss/postcss	4.2.1	4.2.4
@types/node	25.5.0	25.6.0
dotenv	17.3.1	17.4.2
eslint	10.0.3	10.2.1
eslint-config-next	16.2.1	16.2.4
jsdom	29.0.1	29.1.0
prettier	3.8.1	3.8.3
prettier-plugin-tailwindcss	0.7.2	0.8.0
vitest	4.1.2	4.1.5

Updates @aws-sdk/client-s3 from 3.1018.0 to 3.1038.0

Release notes

Sourced from @​aws-sdk/client-s3's releases.

v3.1038.0

3.1038.0(2026-04-27)

Chores

• codegen: sync for typed waiter-result values (#7965) (e9f8d8a9)

Documentation Changes

• client-gameliftstreams: Adds Proton 10.0-4 to the list of runtime environment options available when creating an Amazon GameLift Streams application (eee81edd)

New Features

• client-sagemaker: Updated API documentation for endpoint MetricsConfig. Added details on supported metric publish frequencies and clarified how EnableEnhancedMetrics controls utilization and invocation metric behavior. (c3a61e2d)
• client-billingconductor: Add support for Passthrough pricing plan (31ed64a4)
• client-glue: Addition of AdditionalAuditContext to GetPartition, GetPartitions, GetTableVersion, and GetTableVersions (eaf5eef0)
• client-kms: KMS GetKeyLastUsage API provides information on the last successful cryptographic operation performed on KMS keys. This new API provides KMS customers with the last timestamp, CloudTrail eventId, and the cryptographic operation that was performed on the key. (7edc07d4)
• client-ivs: Adds tags parameter to the CreateAdConfiguration operation (6e9a5a05)
• client-workspaces: Added support for Protocol as modified resource and added update failure as modification state (6bd9ee46)
• client-application-signals: Application Signals now supports creating composite Service Level Objectives on Service Operations. Users can now create service SLO on multiple operations. (6a04d604)
• client-cloudwatch-logs: Adds support for selecting all logs sources and types in a single association. (0f944495)
• client-omics: Enable Public Internet or VPC configuration to BatchRun (345017d3)
• client-mgn: Added network modernization support, enabling customers to edit, resize, merge, and split VPCs and subnets during migration while retaining functional, non-conflicting IP addresses. (8cc99968)
• client-opensearch: Amazon OpenSearch Service now supports JWKS URL configuration for JWT authentication (5dfd0544)

Bug Fixes

• xml-builder: use xml 1.1 parsing behavior for entities (#7964) (7a30bce0)

---

For list of updated packages, view updated-packages.md in assets-3.1038.0.zip

v3.1037.0

3.1037.0(2026-04-24)

New Features

• clients: update client endpoints as of 2026-04-24 (ca3df2be)
• client-evs: EVS now supports i7i.metal-24xl EC2 bare metal instance type, delivering high random IOPS performance with real-time latency, ideal for IO intensive and latency-sensitive workloads such as transactional databases, real-time analytics, and AI ML pre-processing. (fd92ee48)
• client-cloudwatch-logs: Adding nextToken and maxItems to the GetQueryResults API. (1a5ef619)
• client-transfer: AWS Transfer Family now support configurable IP address types for Web Apps of type VPC, enabling customers to select IPv4-only or dual-stack (IPv4 and IPv6) configurations based on their network requirements. (f2a72a85)
• client-bedrock-agentcore-control: Added support for configuring identity providers and inbound authorizers within a private VPC for AWS Bedrock AgentCore, enabling secure network connection without public internet access (a0bf24cd)
• client-connect: Amazon Connect is expanding attachment capabilities to give customers greater flexibility and control. Currently limited to predefined file types, the new feature will allow contact center administrators to customize which file extensions and sizes are supported across chat, email, tasks, and cases. (7e987e88)
• client-connecthealth: Corrected CreateWebAppConfiguration documentation. Adding slash as an allowed character for the Ambient documentation agent to allow pronoun specifications. (c21882c4)

Bug Fixes

• client-kinesis: tolerance for flaky H2 session ordering assertion in E2E test (#7959) (58734960)

... (truncated)

Changelog

Sourced from @​aws-sdk/client-s3's changelog.

3.1038.0 (2026-04-27)

Bug Fixes

• xml-builder: use xml 1.1 parsing behavior for entities (#7964) (7a30bce)

3.1037.0 (2026-04-24)

Note: Version bump only for package @​aws-sdk/client-s3

3.1036.0 (2026-04-23)

Note: Version bump only for package @​aws-sdk/client-s3

3.1035.0 (2026-04-22)

Bug Fixes

• client-s3: retry errors with 200 status code (#7945) (7d9d8d1)

Features

• client-s3: This release adds five additional checksum algorithms for S3 data integrity (MD5, SHA-512, XXHash3, XXHash64, XXHash128) and support for S3 Inventory on directory buckets (S3 Express One Zone). (41a6a59)

3.1034.0 (2026-04-21)

Note: Version bump only for package @​aws-sdk/client-s3

... (truncated)

Commits

• 3fbf6c5 Publish v3.1038.0
• e9f8d8a chore(codegen): sync for typed waiter-result values (#7965)
• 7a30bce fix(xml-builder): use xml 1.1 parsing behavior for entities (#7964)
• 7babd8b Publish v3.1037.0
• 46e4ac5 Publish v3.1036.0
• 107aefc chore(codegen): sync for http2 session closure, retry longpoll backoff, and f...
• d8fbfbc Publish v3.1035.0
• 41a6a59 feat(client-s3): This release adds five additional checksum algorithms for S3...
• 7d9d8d1 fix(client-s3): retry errors with 200 status code (#7945)
• d08b5a7 Publish v3.1034.0
• Additional commits viewable in compare view

Updates @aws-sdk/s3-request-presigner from 3.1018.0 to 3.1038.0

Release notes

Sourced from @​aws-sdk/s3-request-presigner's releases.

v3.1038.0

3.1038.0(2026-04-27)

Chores

• codegen: sync for typed waiter-result values (#7965) (e9f8d8a9)

Documentation Changes

• client-gameliftstreams: Adds Proton 10.0-4 to the list of runtime environment options available when creating an Amazon GameLift Streams application (eee81edd)

New Features

• client-sagemaker: Updated API documentation for endpoint MetricsConfig. Added details on supported metric publish frequencies and clarified how EnableEnhancedMetrics controls utilization and invocation metric behavior. (c3a61e2d)
• client-billingconductor: Add support for Passthrough pricing plan (31ed64a4)
• client-glue: Addition of AdditionalAuditContext to GetPartition, GetPartitions, GetTableVersion, and GetTableVersions (eaf5eef0)
• client-kms: KMS GetKeyLastUsage API provides information on the last successful cryptographic operation performed on KMS keys. This new API provides KMS customers with the last timestamp, CloudTrail eventId, and the cryptographic operation that was performed on the key. (7edc07d4)
• client-ivs: Adds tags parameter to the CreateAdConfiguration operation (6e9a5a05)
• client-workspaces: Added support for Protocol as modified resource and added update failure as modification state (6bd9ee46)
• client-application-signals: Application Signals now supports creating composite Service Level Objectives on Service Operations. Users can now create service SLO on multiple operations. (6a04d604)
• client-cloudwatch-logs: Adds support for selecting all logs sources and types in a single association. (0f944495)
• client-omics: Enable Public Internet or VPC configuration to BatchRun (345017d3)
• client-mgn: Added network modernization support, enabling customers to edit, resize, merge, and split VPCs and subnets during migration while retaining functional, non-conflicting IP addresses. (8cc99968)
• client-opensearch: Amazon OpenSearch Service now supports JWKS URL configuration for JWT authentication (5dfd0544)

Bug Fixes

• xml-builder: use xml 1.1 parsing behavior for entities (#7964) (7a30bce0)

---

For list of updated packages, view updated-packages.md in assets-3.1038.0.zip

v3.1037.0

3.1037.0(2026-04-24)

New Features

• clients: update client endpoints as of 2026-04-24 (ca3df2be)
• client-evs: EVS now supports i7i.metal-24xl EC2 bare metal instance type, delivering high random IOPS performance with real-time latency, ideal for IO intensive and latency-sensitive workloads such as transactional databases, real-time analytics, and AI ML pre-processing. (fd92ee48)
• client-cloudwatch-logs: Adding nextToken and maxItems to the GetQueryResults API. (1a5ef619)
• client-transfer: AWS Transfer Family now support configurable IP address types for Web Apps of type VPC, enabling customers to select IPv4-only or dual-stack (IPv4 and IPv6) configurations based on their network requirements. (f2a72a85)
• client-bedrock-agentcore-control: Added support for configuring identity providers and inbound authorizers within a private VPC for AWS Bedrock AgentCore, enabling secure network connection without public internet access (a0bf24cd)
• client-connect: Amazon Connect is expanding attachment capabilities to give customers greater flexibility and control. Currently limited to predefined file types, the new feature will allow contact center administrators to customize which file extensions and sizes are supported across chat, email, tasks, and cases. (7e987e88)
• client-connecthealth: Corrected CreateWebAppConfiguration documentation. Adding slash as an allowed character for the Ambient documentation agent to allow pronoun specifications. (c21882c4)

Bug Fixes

• client-kinesis: tolerance for flaky H2 session ordering assertion in E2E test (#7959) (58734960)

... (truncated)

Changelog

Sourced from @​aws-sdk/s3-request-presigner's changelog.

3.1038.0 (2026-04-27)

Note: Version bump only for package @​aws-sdk/s3-request-presigner

3.1037.0 (2026-04-24)

Note: Version bump only for package @​aws-sdk/s3-request-presigner

3.1036.0 (2026-04-23)

Note: Version bump only for package @​aws-sdk/s3-request-presigner

3.1035.0 (2026-04-22)

Note: Version bump only for package @​aws-sdk/s3-request-presigner

3.1034.0 (2026-04-21)

Note: Version bump only for package @​aws-sdk/s3-request-presigner

3.1033.0 (2026-04-20)

Note: Version bump only for package @​aws-sdk/s3-request-presigner

3.1032.0 (2026-04-17)

... (truncated)

Commits

• 3fbf6c5 Publish v3.1038.0
• 7babd8b Publish v3.1037.0
• 46e4ac5 Publish v3.1036.0
• 107aefc chore(codegen): sync for http2 session closure, retry longpoll backoff, and f...
• d8fbfbc Publish v3.1035.0
• d08b5a7 Publish v3.1034.0
• 273ad5b chore(codegen): sync for http2 session concurrency fixes (#7942)
• a62021b Publish v3.1033.0
• c0c0872 Publish v3.1032.0
• 33a780e Publish v3.1031.0
• Additional commits viewable in compare view

Updates @codemirror/language from 6.12.2 to 6.12.3

Changelog

Sourced from @​codemirror/language's changelog.

6.12.3 (2026-03-25)

Bug fixes

Fix a crash in bracketMatching when composing at end of document.

Commits

• f5af31e Mark version 6.12.3
• 371c9ba Fix bogus bracket highlighting being generated at end of document
• 9531899 Remove duplicated slash in forum url in README
• 2f4e701 Fix forum link in readme
• See full diff in compare view

Updates @codemirror/search from 6.6.0 to 6.7.0

Commits

• See full diff in compare view

Updates @codemirror/view from 6.40.0 to 6.41.1

Changelog

Sourced from @​codemirror/view's changelog.

6.41.0 (2026-04-01)

Bug fixes

Fix an issue where EditorView.posAtCoords could incorrectly return a position near a higher element on the line, in mixed-font-size lines.

Expand the workaround for the Webkit bug that causes nonexistent selections to stay visible to be active on non-Safari Webkit browsers.

New features

The new EditorView.cursorScrollMargin facet can now be used to configure the extra space used when scrolling the cursor into view.

Commits

• See full diff in compare view

Updates @react-three/fiber from 9.5.0 to 9.6.1

Release notes

Sourced from @​react-three/fiber's releases.

v9.6.1

What's Changed

• fix: Seamlessly transfer interactivity state when swapping instances (#3743) by @​notrabs in pmndrs/react-three-fiber#3744

Full Changelog: pmndrs/react-three-fiber@v9.6.0...v9.6.1

v9.6.0 - Sunset X

Ever tried using <shaderMaterial uniforms={{ time: { value: time } }} /> and ran into immediate issues with desync? No more.

The uniforms objects on ShaderMaterial and its derivatives now have a stable reference. Objects passed into uniforms will instead copy into it. This is the same as behavior for math structures that have copy such as position, rotation, quaternion, etc. and ends up simplifying using the raw JSX where utilities were often introduced before.

Why does this matter?

1. Improves HMR. Even if you memoize the uniforms object it will still regenerate and desync Three. Now this won't happen. But also it makes compatibility with React compiler more complete with its auto-memoization.

2. Allows for inline uniform props and even prop uniforms directly on the material piercing.

<shaderMaterial
  vertexShader={vertexShader}
  fragmentShader={fragmentShader}
  // The uniforms object has a stable reference so objects can be safely merged in
  uniforms={{ 
    uTime: { value: 0 }, 
    uColor: { value: new THREE.Color('hotpink') } 
  }}
  // Individual uniforms can also be safely updated with pierce notation
  uniforms-uColor-value={hovered ? 'royalblue' : 'hotpink'}
/>

Documentation can be found here: https://r3f.docs.pmnd.rs/api/objects#shader-material-uniforms

And an example can be found here: https://github.com/pmndrs/react-three-fiber/blob/master/example/src/demos/ShaderMaterial.tsx

What's Changed

• fix: Fix broken link on "Performance pitfalls" documentation page by @​simonKristensen in pmndrs/react-three-fiber#3700
• fix: uniforms have stable refs for ShaderMaterial by @​krispya in pmndrs/react-three-fiber#3715
• docs: fix typos and documentation consistency by @​NssGourav in pmndrs/react-three-fiber#3709

New Contributors

• @​simonKristensen made their first contribution in pmndrs/react-three-fiber#3700
• @​NssGourav made their first contribution in pmndrs/react-three-fiber#3709

Full Changelog: pmndrs/react-three-fiber@v9.5.0...v9.6.0

Commits

• 2a52874 RELEASING: Releasing 1 package(s)
• b645741 docs(changeset): fix: Seamlessly transfer interactivity state when swapping i...
• 119668f fix: Seamlessly transfer interactivity state when swapping instances (#3744)
• 943a37e Merge pull request #3738 from pmndrs:chore/simplify-shadermaterial-demo
• 1be9504 chore: Add uniform piercing test
• 4df10c0 chore: Simplify ShaderMaterial demo
• 877c839 chore: Move ShaderMaterial uniform notes to objects out of pitfalls (#3734)
• 47d30ba chore: Move ShaderMaterial uniform notes to objects out of pitfalls
• ece1a3f RELEASING: Releasing 1 package(s)
• 26e4716 docs(changeset): Fix uniforms refs so they remain stable for ShaderMaterial
• Additional commits viewable in compare view

Updates @tanstack/react-virtual from 3.13.23 to 3.13.24

Release notes

Sourced from @​tanstack/react-virtual's releases.

@​tanstack/react-virtual@​3.13.24

Patch Changes

• Updated dependencies [97a204d]:
  • @​tanstack/virtual-core@​3.14.0

Changelog

Sourced from @​tanstack/react-virtual's changelog.

3.13.24

Patch Changes

• Updated dependencies [97a204d]:
  • @​tanstack/virtual-core@​3.14.0

Commits

• c3d4cd4 ci: Version Packages (#1157)
• See full diff in compare view

Updates @webcontainer/api from 1.6.1 to 1.6.4

Commits

• See full diff in compare view

Updates ag-grid-community from 35.1.0 to 35.2.1

Release notes

Sourced from ag-grid-community's releases.

v35.2.1

https://www.ag-grid.com/changelog/?fixVersion=35.2.1

v35.2.0

https://www.ag-grid.com/changelog/?fixVersion=35.2.0

Commits

• 23e9ba6 Release 35.2.1 Prep
• 437c83c Update workflow to account for npm/cli#9151
• 26770ee Release 35.2.1 Prep
• 154deb8 AG-17021 - Add release content for 35.2.1 (#13470)
• cab43d0 AG-17026 Fix snippet transformer crash on NewExpression and place expressions...
• b44a496 Release 35.2.1 Prep
• 4ebec67 AG-17024 - fixed regression with ColumnMenu requiring ColumnsToolPanelModule ...
• c33f082 AG-17001 Fix CSS layer params removal when multiple grids initialise (#13423)...
• 66987ab Detect redirects that shadow existing pages (#13442) (#13454)
• 17cdd84 AG-17016 - Reduce robots size (#13445) (#13449)
• Additional commits viewable in compare view

Updates ag-grid-react from 35.1.0 to 35.2.1

Release notes

Sourced from ag-grid-react's releases.

v35.2.1

https://www.ag-grid.com/changelog/?fixVersion=35.2.1

v35.2.0

https://www.ag-grid.com/changelog/?fixVersion=35.2.0

Commits

• 23e9ba6 Release 35.2.1 Prep
• 437c83c Update workflow to account for npm/cli#9151
• 26770ee Release 35.2.1 Prep
• 154deb8 AG-17021 - Add release content for 35.2.1 (#13470)
• cab43d0 AG-17026 Fix snippet transformer crash on NewExpression and place expressions...
• b44a496 Release 35.2.1 Prep
• 4ebec67 AG-17024 - fixed regression with ColumnMenu requiring ColumnsToolPanelModule ...
• c33f082 AG-17001 Fix CSS layer params removal when multiple grids initialise (#13423)...
• 66987ab Detect redirects that shadow existing pages (#13442) (#13454)
• 17cdd84 AG-17016 - Reduce robots size (#13445) (#13449)
• Additional commits viewable in compare view

Updates codemirror-lang-latex from 0.2.0 to 0.4.1

Commits

• See full diff in compare view

Updates dompurify from 3.3.3 to 3.4.1

Release notes

Sourced from dompurify's releases.

DOMPurify 3.4.1

• Fixed an issue with on-handler stripping for HTML-spec-reserved custom element names (font-face, color-profile, missing-glyph, font-face-src, font-face-uri, font-face-format, font-face-name) under permissive CUSTOM_ELEMENT_HANDLING
• Fixed a case-sensitivity gap in the annotation-xml check that allowed mixed-case variants to bypass the basic-custom-element exclusion in XHTML mode
• Fixed SANITIZE_NAMED_PROPS repeatedly prefixing already-prefixed id and name values on subsequent sanitization
• Fixed the IN_PLACE root-node check to explicitly guard against non-string nodeName (DOM-clobbering robustness)
• Removed a duplicate slot entry from the default HTML attribute allow-list
• Strengthened the fast-check fuzz harness with explicit XSS invariants, an expanded seed-payload corpus, an additional idempotence property for SANITIZE_NAMED_PROPS, and a negative-control assertion ensuring the invariants actually fire
• Added regression and pinning tests covering the above fixes and two accepted-behavior contracts (SAFE_FOR_TEMPLATES greedy scrub, hook-added attribute handling)
• Extended CodeQL analysis to run on 3.x and 2.x maintenance branches

DOMPurify 3.4.0

Most relevant changes:

• Fixed a problem with FORBID_TAGS not winning over ADD_TAGS, thanks @​kodareef5
• Fixed several minor problems and typos regarding MathML attributes, thanks @​DavidOliver
• Fixed ADD_ATTR/ADD_TAGS function leaking into subsequent array-based calls, thanks @​1Jesper1
• Fixed a missing SAFE_FOR_TEMPLATES scrub in RETURN_DOM path, thanks @​bencalif
• Fixed a prototype pollution via CUSTOM_ELEMENT_HANDLING, thanks @​trace37labs
• Fixed an issue with ADD_TAGS function form bypassing FORBID_TAGS, thanks @​eddieran
• Fixed an issue with ADD_ATTR predicates skipping URI validation, thanks @​christos-eth
• Fixed an issue with USE_PROFILES prototype pollution, thanks @​christos-eth
• Fixed an issue leading to possible mXSS via Re-Contextualization, thanks @​researchatfluidattacks and others
• Fixed an issue with closing tags leading to possible mXSS, thanks @​frevadiscor
• Fixed a problem with the type dentition patcher after Node version bump
• Fixed freezing BS runs by reducing the tested browsers array
• Bumped several dependencies where possible
• Added needed files for OpenSSF scorecard checks

Published Advisories are here: https://github.com/cure53/DOMPurify/security/advisories?state=published

Commits

• 5b0cdbb chore: merge main into 3.x for 3.4.1 release (#1301)
• 09f5911 test: added three more browsers to test setup (OSX, mobile)
• 5b16e0b Getting 3.x branch ready for 3.4.0 release (#1250)
• See full diff in compare view

Install script changes

This version adds prepare script that runs during installation. Review the package contents before updating.

Updates katex from 0.16.43 to 0.16.45

Release notes

Sourced from katex's releases.

v0.16.45

0.16.45 (2026-04-05)

Bug Fixes

• wrap vcenter mpadded in mrow for valid MathML (#4193) (ee66b78), closes #4078

v0.16.44

0.16.44 (2026-03-27)

Bug Fixes

• remove extra \jot space at bottom of align/gather/etc. (#4184) (3870ee9)

Changelog

Sourced from katex's changelog.

0.16.45 (2026-04-05)

Bug Fixes

• wrap vcenter mpadded in mrow for valid MathML (#4193) (ee66b78), closes #4078

0.16.44 (2026-03-27)

Bug Fixes

• remove extra \jot space at bottom of align/gather/etc. (#4184) (3870ee9)

Commits

• 90de979 chore(release): 0.16.45 [ci skip]
• ee66b78 fix: wrap vcenter mpadded in mrow for valid MathML (#4193)
• ed12205 refactor: move inline double brushs stroke to helper (#4194)
• 434d4b8 chore(ci): upgrade to node 24 (#4189)
• 844a324 chore(deps): bump codecov/codecov-action from 5 to 6 (#4188)
• 5675226 chore(deps): bump actions/github-script from 7 to 8 (#4179)
• 34ad75e chore(deps): bump actions/setup-node from 4 to 6 (#4180)
• 2525c20 chore(deps): bump actions/upload-artifact from 4 to 7 (#4176)
• 0b7006e chore(release): 0.16.44 [ci skip]
• 3870ee9 fix: remove extra \jot space at bottom of align/gather/etc. (#4184)
• See full diff in compare view

Updates lucide-react from 1.6.0 to 1.12.0

Release notes

Sourced from lucide-react's releases.

Version 1.12.0

What's Changed

• feat(icon): add folder-bookmark icon by @​swastik7805 in lucide-icons/lucide#4262
• docs(readme): Update readme files by @​ericfennis in lucide-icons/lucide#4320
• feat(icons): added astroid icon by @​whoisBugsbunny in lucide-icons/lucide#4217

Full Changelog: lucide-icons/lucide@1.10.0...1.12.0

Version 1.11.0

What's Changed

• docs: add missing period to TypeScript Support description by @​jglu in lucide-icons/lucide#4309
• fix(@​lucide/svelte): proper doc comments for svelte components by @​blt-r in lucide-icons/lucide#4267
• chore(deps): bump svgo from 3.3.2 to 3.3.3 by @​dependabot[bot] in lucide-icons/lucide#4119
• chore(deps-dev): bump astro from 6.0.8 to 6.1.6 by @​dependabot[bot] in lucide-icons/lucide#4310
• feat(icons): add power and quick tags to zap and zap-off by @​swastik7805 in lucide-icons/lucide#4268
• test(build-font): added comprehensive unit tests on build-font tool by @​karsa-mistmere in lucide-icons/lucide#4315
• feat(docs): blur background of framework-select by @​Spleefies in lucide-icons/lucide#4238
• feat(icon): add heart-x icon by @​swastik7805 in lucide-icons/lucide#4264
• fix(icons): optimised rotate-3d icon by @​jamiemlaw in lucide-icons/lucide#4299
• feat(icons): added layers-minus icon by @​Spleefies in lucide-icons/lucide#4005
• feat(icons): added bell-check icon by @​pettelau in lucide-icons/lucide#4152

New Contributors

• @​jglu made their first contribution in lucide-icons/lucide#4309
• @​pettelau made their first contribution in lucide-icons/lucide#4152

Full Changelog: lucide-icons/lucide@1.9.0...1.11.0

Version 1.10.0

What's Changed

• docs: add missing period to TypeScript Support description by @​jglu in lucide-icons/lucide#4309
• fix(@​lucide/svelte): proper doc comments for svelte components by @​blt-r in lucide-icons/lucide#4267
• chore(deps): bump svgo from 3.3.2 to 3.3.3 by @​dependabot[bot] in lucide-icons/lucide#4119
• chore(deps-dev): bump astro from 6.0.8 to 6.1.6 by @​dependabot[bot] in lucide-icons/lucide#4310
• feat(icons): add power and quick tags to zap and zap-off by @​swastik7805 in lucide-icons/lucide#4268
• test(build-font): added comprehensive unit tests on build-font tool by @​karsa-mistmere in lucide-icons/lucide#4315
• feat(docs): blur background of framework-select by @​Spleefies in lucide-icons/lucide#4238
• feat(icon): add heart-x icon by @​swastik7805 in lucide-icons/lucide#4264
• fix(icons): optimised rotate-3d icon by @​jamiemlaw in lucide-icons/lucide#4299
• feat(icons): added layers-minus icon by @​Spleefies in lucide-icons/lucide#4005
• feat(icons): added bell-check icon by @​pettelau in lucide-icons/lucide#4152

New Contributors

• @​jglu made their first contribution in lucide-icons/lucide#4309
• @​pettelau made their first contribution in lucide-icons/lucide#4152

Full Changelog: lucide-icons/lucide@1.9.0...1.10.0

Version 1.9.0

... (truncated)

Commits

• 50d8af5 docs(readme): Update readme files (#4320)
• 653e44b feat(packages): use .mjs for ESM bundles (#4285)
• 7623e23 feat(docs): add Zephyr Cloud to Hero Backers tier & rework updateSponsors scr...
• dada0a8 fix(lucide-react): Fix dynamic imports (#4210)
• See full diff in compare view

Updates next from 16.2.1 to 16.2.4

Release notes

Sourced from next's releases.

v16.2.4

[!NOTE] This release is backporting bug fixes. It does not include all pending features/changes on canary.

Core Changes

• chore: Bump reqwest to 0.13.2 (Fixes Google Fonts with Turbopack for Windows on ARM64) (#92713)
• Turbopack: fix filesystem watcher config not applying follow_symlinks(false) (#92631)
• Scope Safari ?ts= cache-buster to CSS/font assets only (Pages Router) (#92580)
• Compiler: Support boolean and number primtives in next.config defines (#92731)
• turbo-tasks: Fix recomputation loop by allowing cell cleanup on error during recomputation (#92725)
• Turbopack: shorter error for ChunkGroupInfo::get_index_of (#92814)
• Turbopack: shorter error message for ModuleBatchesGraph::get_entry_index (#92828)
• Adding more system info to the 'initialize project' trace (#92427)

Credits

Huge thanks to @​Badbird5907, @​lukesandberg, @​andrewimm, @​sokra, and @​mischnic for helping!

v16.2.3

[!NOTE] This release is backporting security and bug fixes. For more information about the fixed security vulnerability, please see https://vercel.com/changelog/summary-of-cve-2026-23869. The release does not include all pending features/changes on canary.

Core Changes

• Ensure app-page reports stale ISR revalidation errors via onRequestError (#92282)
• Fix [Bug]: manifest.ts breaks HMR in Next.js 16.2 (#91981 through #92273)
• Deduplicate output assets and detect content conflicts on emit (#92292)
• Fix styled-jsx race condition: styles lost due to concurrent rendering (#92459)
• turbo-tasks-backend: stability fixes for task cancellation and error handling (#92254)

Credits

Huge thanks to @​icyJoseph, @​sokra, @​wbinnssmith, @​eps1lon and @​ztanner for helping!

v16.2.2

[!NOTE] This release is backporting bug fixes. It does not include all pending features/changes on canary.

Core Changes

• backport: Move expanded adapters docs to API reference (#92115) (#92129)
• Backport: TypeScript v6 deprecations for baseUrl and moduleResolution (#92130)
• [create-next-app] Skip interactive prompts when CLI flags are provided (

[dependabot]

Labels

The following labels could not be found: dependencies. Please create it before Dependabot can add it to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

[dependabot]

Looks like these dependencies are updatable in another way, so this is no longer needed.