Skip to content

chore(deps): bump the npm-minor-and-patch group across 1 directory with 9 updates#73

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/npm-minor-and-patch-e8e9ff4c51
Open

chore(deps): bump the npm-minor-and-patch group across 1 directory with 9 updates#73
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/npm-minor-and-patch-e8e9ff4c51

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 8, 2026

Copy link
Copy Markdown
Contributor

Bumps the npm-minor-and-patch group with 8 updates in the / directory:

Package From To
@modelcontextprotocol/sdk 1.13.0 1.29.0
@supabase/supabase-js 2.107.0 2.110.1
tsx 4.22.4 4.23.0
@supabase/ssr 0.10.3 0.12.0
lucide-react 1.17.0 1.23.0
@tailwindcss/postcss 4.3.0 4.3.2
@types/react 19.2.16 19.2.17
postcss 8.5.15 8.5.16

Updates @modelcontextprotocol/sdk from 1.13.0 to 1.29.0

Release notes

Sourced from @​modelcontextprotocol/sdk's releases.

v1.29.0

What's Changed

New Contributors

Full Changelog: modelcontextprotocol/typescript-sdk@v1.28.0...v1.29.0

v1.28.0

What's Changed

New Contributors

Full Changelog: modelcontextprotocol/typescript-sdk@v1.27.1...v1.28.0

v1.27.1

What's Changed

New Contributors

Full Changelog: modelcontextprotocol/typescript-sdk@v1.27.0...v1.27.1

v1.27.0

What's Changed

... (truncated)

Commits
Maintainer changes

This version was pushed to npm by pcarleton, a new releaser for @​modelcontextprotocol/sdk since your current version.


Updates @supabase/supabase-js from 2.107.0 to 2.110.1

Release notes

Sourced from @​supabase/supabase-js's releases.

v2.110.1

2.110.1 (2026-07-07)

🩹 Fixes

  • auth: defer init-time notifications until initializePromise resolves (#2498)
  • realtime: suppress disconnected status from onHeartbeat consumers (#2496)

❤️ Thank You

v2.110.1-canary.0

2.110.1-canary.0 (2026-07-07)

🩹 Fixes

  • auth: defer init-time notifications until initializePromise resolves (#2498)
  • realtime: suppress disconnected status from onHeartbeat consumers (#2496)

❤️ Thank You

v2.110.0

2.110.0 (2026-06-30)

🚀 Features

  • repo: drop Node.js 20 support (#2482)

❤️ Thank You

v2.110.0-canary.0

2.110.0-canary.0 (2026-06-30)

🚀 Features

  • repo: drop Node.js 20 support (#2482)

❤️ Thank You

v2.109.0

2.109.0 (2026-06-30)

🚀 Features

... (truncated)

Changelog

Sourced from @​supabase/supabase-js's changelog.

2.110.1 (2026-07-07)

This was a version bump only for @​supabase/supabase-js to align it with other projects, there were no code changes.

2.110.0 (2026-06-30)

🚀 Features

  • repo: drop Node.js 20 support (#2482)

❤️ Thank You

2.109.0 (2026-06-30)

🩹 Fixes

  • realtime: pin @​supabase/phoenix and browser test CDN deps (#2457)

❤️ Thank You

2.108.2 (2026-06-15)

This was a version bump only for @​supabase/supabase-js to align it with other projects, there were no code changes.

2.108.0 (2026-06-08)

This was a version bump only for @​supabase/supabase-js to align it with other projects, there were no code changes.

Commits

Updates tsx from 4.22.4 to 4.23.0

Release notes

Sourced from tsx's releases.

v4.23.0

4.23.0 (2026-07-03)

Bug Fixes

Features


This release is also available on:

v4.22.5

4.22.5 (2026-07-02)

Bug Fixes

  • isolate hook state per async module.register() registration (a305f36)

This release is also available on:

Commits
  • 1dfad37 docs: cite esbuild's extension-resolution model in node notes
  • 257bbbb fix: avoid redundant filesystem probes during module resolution
  • c178197 feat: add multi-scenario startup benchmark suite
  • 51800ac docs: add Node internals knowledge base (notes/node)
  • a305f36 fix: isolate hook state per async module.register() registration
  • ca501a9 chore: upgrade skills-npm to v1.2.0
  • 596cd1f test: cover __dirname, __filename, & require.cache in CJS TS file
  • 75d9bf0 test: lock in lenient ESM for ambiguous and CJS-typed packages
  • 1472f3e test: cover ESM-syntax dependency with omitted "type" field
  • See full diff in compare view

Updates @supabase/ssr from 0.10.3 to 0.12.0

Release notes

Sourced from @​supabase/ssr's releases.

v0.12.0

0.12.0 (2026-06-09)

Features

  • adds cookies.encode option allowing minimal cookie sizes (#126) (cf38b22)
  • bump cookie to 1.0.2 (#113) (b4a77b4)
  • cookies: add clearAuthCookiesAtScopes migration helper (#240) (4e47249)
  • full rewrite using getAll and setAll cookie methods (#1) (b6ae192)
  • improve cookie chunk handling via base64url+length encoding (#90) (6deb687)
  • pass cache headers to setAll to prevent CDN caching of auth responses (#176) (14962d2)
  • publish SSR under deprecated auth-helpers package names (#127) (e8b6102)
  • release workflow RC versioning and publish reliability (#164) (81e68f4)
  • update CI so it runs on release as well (#33) (4517996)
  • update supabase-js to latest (#133) (d65044d)
  • update supabase-js to latest (#145) (08bf7d6)
  • upgrade cookie dependency and cleanup imports (#77) (9524528)

Bug Fixes

  • add @​types/cookies to dependencies (#63) (47e5f16)
  • add create*Client string in x-client-info (#85) (f271acc)
  • allow cookies encode without getAll/setAll on browser client (#213) (89f3f28), closes #170
  • allow use of createBrowserClient without window present (#20) (27d868d)
  • auth: respect user-provided auth options in createBrowserClient (#167) (5f04837)
  • check chunkedCookie is string in server client (#57) (549fe62)
  • ci: remove packageManager field (#197) (6bf0226)
  • cookies console warnings (#136) (64ff6b3)
  • deprecate parse, serialize exports for more useful functions (#14) (0b5f881)
  • enable tree-shaking for browser bundles (#216) (f009d71)
  • fix createBrowserClient deprecation tsdoc (#17) (1df70ad)
  • force release (#98) (66710e8)
  • re-apply update CI so it runs on release as well (#49) (51d5a43)
  • release: pin npm to 11.5.2 so OIDC trusted publisher works (#249) (4af89f7)
  • remove optional dependencies (#41) (a48fe6f)
  • remove usage of internal type params (#123) (8f3e89e)
  • revert "update CI so it runs on release as well" (#44) (9d0e859)
  • revert: "feat: improve cookie chunk handling via base64url+length encoding (#90)" (#100) (2ea8e23)
  • set max-age default cookie option to 400 days (#54) (f4ed2e0)
  • set cookies for password recovery event (#32) (7dc1837)
  • set cookies when mfa challenge is verified (#27) (c217f53)
  • tsconfig: set explicit rootDir to silence TS6059 in consumer IDEs (#211) (a77ee8a), closes #209
  • update conventional commits ci to use main instead of master (#31) (bebce89)
  • update README session docs (#159) (b859905)
  • update type, remove unused imports, define AuthEvent type (#47) (4f4a375)
  • use skipAutoInitialize to prevent SSR token refresh race condition (#131) (0b7be28)
  • validate base64-prefixed chunked cookies decode to valid JSON (#210) (302cc0e)

... (truncated)

Changelog

Sourced from @​supabase/ssr's changelog.

0.12.0 (2026-06-09)

Features

  • adds cookies.encode option allowing minimal cookie sizes (#126) (cf38b22)
  • bump cookie to 1.0.2 (#113) (b4a77b4)
  • cookies: add clearAuthCookiesAtScopes migration helper (#240) (4e47249)
  • full rewrite using getAll and setAll cookie methods (#1) (b6ae192)
  • improve cookie chunk handling via base64url+length encoding (#90) (6deb687)
  • pass cache headers to setAll to prevent CDN caching of auth responses (#176) (14962d2)
  • publish SSR under deprecated auth-helpers package names (#127) (e8b6102)
  • release workflow RC versioning and publish reliability (#164) (81e68f4)
  • update CI so it runs on release as well (#33) (4517996)
  • update supabase-js to latest (#133) (d65044d)
  • update supabase-js to latest (#145) (08bf7d6)
  • upgrade cookie dependency and cleanup imports (#77) (9524528)

Bug Fixes

  • add @​types/cookies to dependencies (#63) (47e5f16)
  • add create*Client string in x-client-info (#85) (f271acc)
  • allow cookies encode without getAll/setAll on browser client (#213) (89f3f28), closes #170
  • allow use of createBrowserClient without window present (#20) (27d868d)
  • auth: respect user-provided auth options in createBrowserClient (#167) (5f04837)
  • check chunkedCookie is string in server client (#57) (549fe62)
  • ci: remove packageManager field (#197) (6bf0226)
  • cookies console warnings (#136) (64ff6b3)
  • deprecate parse, serialize exports for more useful functions (#14) (0b5f881)
  • enable tree-shaking for browser bundles (#216) (f009d71)
  • fix createBrowserClient deprecation tsdoc (#17) (1df70ad)
  • force release (#98) (66710e8)
  • re-apply update CI so it runs on release as well (#49) (51d5a43)
  • release: pin npm to 11.5.2 so OIDC trusted publisher works (#249) (4af89f7)
  • remove optional dependencies (#41) (a48fe6f)
  • remove usage of internal type params (#123) (8f3e89e)
  • revert "update CI so it runs on release as well" (#44) (9d0e859)
  • revert: "feat: improve cookie chunk handling via base64url+length encoding (#90)" (#100) (2ea8e23)
  • set max-age default cookie option to 400 days (#54) (f4ed2e0)
  • set cookies for password recovery event (#32) (7dc1837)
  • set cookies when mfa challenge is verified (#27) (c217f53)
  • tsconfig: set explicit rootDir to silence TS6059 in consumer IDEs (#211) (a77ee8a), closes #209
  • update conventional commits ci to use main instead of master (#31) (bebce89)
  • update README session docs (#159) (b859905)
  • update type, remove unused imports, define AuthEvent type (#47) (4f4a375)
  • use skipAutoInitialize to prevent SSR token refresh race condition (#131) (0b7be28)
  • validate base64-prefixed chunked cookies decode to valid JSON (#210) (302cc0e)

0.11.0 (2026-06-05)

... (truncated)

Commits
  • d8c9b60 chore(main): release 0.12.0 (#247)
  • 4af89f7 fix(release): pin npm to 11.5.2 so OIDC trusted publisher works (#249)
  • 164c7ab build(deps-dev): bump vitest from 1.6.1 to 4.1.0 in the npm_and_yarn group ac...
  • 2fd3333 chore: update @​supabase/supabase-js to v2.108.0 (#248)
  • dd766c4 chore(main): release 0.11.0 (#244)
  • 932931e build(deps): bump actions/checkout from 6.0.2 to 6.0.3 (#245)
  • 4e47249 feat(cookies): add clearAuthCookiesAtScopes migration helper (#240)
  • 34f2b6a chore: update @​supabase/supabase-js to v2.107.0 (#243)
  • 4292d04 chore: update @​supabase/supabase-js to v2.106.1 (#236)
  • a6896b1 chore: update @​supabase/supabase-js to v2.106.0 (#232)
  • Additional commits viewable in compare view

Updates lucide-react from 1.17.0 to 1.23.0

Release notes

Sourced from lucide-react's releases.

Version 1.23.0

What's Changed

New Contributors

Full Changelog: lucide-icons/lucide@1.22.0...1.23.0

Version 1.22.0

What's Changed

New Contributors

Full Changelog: lucide-icons/lucide@1.21.0...1.22.0

Version 1.21.0

What's Changed

New Contributors

Full Changelog: lucide-icons/lucide@1.20.0...1.21.0

Version 1.20.0

What's Changed

... (truncated)

Commits
  • 5ff536e ci(release.yml): Fix workflow and remove version scripts in package scripts...
  • See full diff in compare view

Updates @tailwindcss/postcss from 4.3.0 to 4.3.2

Release notes

Sourced from @​tailwindcss/postcss's releases.

v4.3.2

Fixed

  • Support bare spacing values for auto-rows-* and auto-cols-* utilities (e.g. auto-rows-12 and auto-cols-16) (#20229)
  • Prevent @tailwindcss/cli in --watch mode from crashing on Windows when @source points to a directory that doesn't exist (#20242)
  • Prevent @tailwindcss/vite from crashing in Deno v2.8.x when context.parentURL is not a valid URL (#20245)
  • Ensure @tailwindcss/cli in --watch mode rebuilds when the input CSS file changes in an ignored directory (#20246)
  • Allow @variant rules used in addBase(…) to use custom variants defined later (#20247)
  • Prevent @tailwindcss/vite from crashing during HMR when scanned files or directories are deleted (#20259)
  • Generate font-size instead of color declarations for text-[--spacing(…)] (#20260)
  • Prevent @source patterns from scanning unrelated sibling files and folders (#20263)
  • Extract class candidates adjacent to Template Toolkit delimiters like %]…[% in .tt, .tt2, and .tx files (#20269)
  • Extract class candidates from conditional Maud syntax like p.text-black[condition] (#20269)
  • Prevent @position-try rules from triggering unknown at-rule warnings when optimizing CSS (#20277)
  • Support class suggestions for named opacity modifiers from --opacity theme values (#20287)
  • Prevent type errors in @tailwindcss/postcss when used with newer PostCSS patch releases (#20289)

v4.3.1

Added

  • Add --silent option to suppress output in @tailwindcss/cli (#20100)

Fixed

  • Remove deprecation warnings by using Module#registerHooks instead of Module#register on Node 26+ (#20028)
  • Canonicalization: don't crash when plugin utilities throw for unsupported values (#20052)
  • Allow @apply to be used with CSS mixins (#19427)
  • Ensure not-* correctly negates @container queries, including style(…) queries (#20059)
  • Ensure drop-shadow-* color utilities work with custom shadow values containing calc(…) (#20080)
  • Fix 'Sourcemap is likely to be incorrect' warnings when using @tailwindcss/vite (#20103)
  • Ensure @tailwindcss/webpack can be installed in Rspack projects without requiring webpack as a peer dependency (#20027)
  • Canonicalization: don't suggest invalid calc(…) expressions (e.g. px-[calc(1rem+0px)]px-[calc(1rem+0)]) (#20127)
  • Canonicalization: avoid suggesting large spacing-scale values for arbitrary lengths (e.g. left-[99999px]left-[99999px], not left-24999.75) (#20130)
  • Ensure @tailwindcss/cli in --watch mode recovers when a tracked dependency is deleted and restored (#20137)
  • Ensure standalone @tailwindcss/cli binaries are ignored when scanning for class candidates (#20139)
  • Ensure class candidates are extracted from Twig addClass(…) and removeClass(…) calls (#20198)
  • Don't crash in the Ruby or Vue preprocessors when scanning files containing invalid UTF-8 bytes (#19588)
  • Allow @variant to be used inside addBase (#19480)
  • Ensure @source globs with symlinks are preserved (#20203)
  • Ensure later @source rules can re-include files excluded by earlier @source not rules (#20203)
  • Upgrade: don't migrate empty class rules to invalid @utility rules (#20205)
  • Ensure transitions between inset-shadow-none and other inset shadows work correctly (#20208)
  • Ensure explicitly referenced @source directories are scanned even when ignored by git (#20214)
  • Ensure @source globs ending in **/* preserve dynamic path segments to avoid scanning too many files (#20217)
  • Canonicalization: don't fold calc(…) divisions when the result would require high precision (e.g. w-[calc(100%/3.5)]w-[calc(100%/3.5)], not w-[28.571428571428573%]) (#20221)
  • Serve ESM type declarations to ESM importers of @tailwindcss/postcss (#20228)

Changed

  • Generate 0 instead of calc(var(--spacing) * 0) for spacing utilities like m-0 and left-0 (#20196)

... (truncated)

Changelog

Sourced from @​tailwindcss/postcss's changelog.

[4.3.2] - 2026-06-26

Fixed

  • Support bare spacing values for auto-rows-* and auto-cols-* utilities (e.g. auto-rows-12 and auto-cols-16) (#20229)
  • Prevent @tailwindcss/cli in --watch mode from crashing on Windows when @source points to a directory that doesn't exist (#20242)
  • Prevent @tailwindcss/vite from crashing in Deno v2.8.x when context.parentURL is not a valid URL (#20245)
  • Ensure @tailwindcss/cli in --watch mode rebuilds when the input CSS file changes in an ignored directory (#20246)
  • Allow @variant rules used in addBase(…) to use custom variants defined later (#20247)
  • Prevent @tailwindcss/vite from crashing during HMR when scanned files or directories are deleted (#20259)
  • Generate font-size instead of color declarations for text-[--spacing(…)] (#20260)
  • Prevent @source patterns from scanning unrelated sibling files and folders (#20263)
  • Extract class candidates adjacent to Template Toolkit delimiters like %]…[% in .tt, .tt2, and .tx files (#20269)
  • Extract class candidates from conditional Maud syntax like p.text-black[condition] (#20269)
  • Prevent @position-try rules from triggering unknown at-rule warnings when optimizing CSS (#20277)
  • Support class suggestions for named opacity modifiers from --opacity theme values (#20287)
  • Prevent type errors in @tailwindcss/postcss when used with newer PostCSS patch releases (#20289)

[4.3.1] - 2026-06-12

Added

  • Add --silentDescription has been truncated

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Jul 8, 2026
@vercel

vercel Bot commented Jul 8, 2026

Copy link
Copy Markdown

The latest updates on your projects. Learn more about Vercel for GitHub.

Project Deployment Actions Updated (UTC)
opensprout Ready Ready Preview, Comment Jul 8, 2026 12:36am

…th 9 updates

Bumps the npm-minor-and-patch group with 8 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [@modelcontextprotocol/sdk](https://github.com/modelcontextprotocol/typescript-sdk) | `1.13.0` | `1.29.0` |
| [@supabase/supabase-js](https://github.com/supabase/supabase-js/tree/HEAD/packages/core/supabase-js) | `2.107.0` | `2.110.1` |
| [tsx](https://github.com/privatenumber/tsx) | `4.22.4` | `4.23.0` |
| [@supabase/ssr](https://github.com/supabase/ssr) | `0.10.3` | `0.12.0` |
| [lucide-react](https://github.com/lucide-icons/lucide/tree/HEAD/packages/lucide-react) | `1.17.0` | `1.23.0` |
| [@tailwindcss/postcss](https://github.com/tailwindlabs/tailwindcss/tree/HEAD/packages/@tailwindcss-postcss) | `4.3.0` | `4.3.2` |
| [@types/react](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/react) | `19.2.16` | `19.2.17` |
| [postcss](https://github.com/postcss/postcss) | `8.5.15` | `8.5.16` |



Updates `@modelcontextprotocol/sdk` from 1.13.0 to 1.29.0
- [Release notes](https://github.com/modelcontextprotocol/typescript-sdk/releases)
- [Commits](modelcontextprotocol/typescript-sdk@1.13.0...v1.29.0)

Updates `@supabase/supabase-js` from 2.107.0 to 2.110.1
- [Release notes](https://github.com/supabase/supabase-js/releases)
- [Changelog](https://github.com/supabase/supabase-js/blob/master/packages/core/supabase-js/CHANGELOG.md)
- [Commits](https://github.com/supabase/supabase-js/commits/v2.110.1/packages/core/supabase-js)

Updates `tsx` from 4.22.4 to 4.23.0
- [Release notes](https://github.com/privatenumber/tsx/releases)
- [Changelog](https://github.com/privatenumber/tsx/blob/master/release.config.cjs)
- [Commits](privatenumber/tsx@v4.22.4...v4.23.0)

Updates `@supabase/ssr` from 0.10.3 to 0.12.0
- [Release notes](https://github.com/supabase/ssr/releases)
- [Changelog](https://github.com/supabase/ssr/blob/main/CHANGELOG.md)
- [Commits](supabase/ssr@v0.10.3...v0.12.0)

Updates `lucide-react` from 1.17.0 to 1.23.0
- [Release notes](https://github.com/lucide-icons/lucide/releases)
- [Commits](https://github.com/lucide-icons/lucide/commits/1.23.0/packages/lucide-react)

Updates `@tailwindcss/postcss` from 4.3.0 to 4.3.2
- [Release notes](https://github.com/tailwindlabs/tailwindcss/releases)
- [Changelog](https://github.com/tailwindlabs/tailwindcss/blob/main/CHANGELOG.md)
- [Commits](https://github.com/tailwindlabs/tailwindcss/commits/v4.3.2/packages/@tailwindcss-postcss)

Updates `@types/react` from 19.2.16 to 19.2.17
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/react)

Updates `postcss` from 8.5.15 to 8.5.16
- [Release notes](https://github.com/postcss/postcss/releases)
- [Changelog](https://github.com/postcss/postcss/blob/main/CHANGELOG.md)
- [Commits](postcss/postcss@8.5.15...8.5.16)

Updates `tailwindcss` from 4.3.0 to 4.3.2
- [Release notes](https://github.com/tailwindlabs/tailwindcss/releases)
- [Changelog](https://github.com/tailwindlabs/tailwindcss/blob/main/CHANGELOG.md)
- [Commits](https://github.com/tailwindlabs/tailwindcss/commits/v4.3.2/packages/tailwindcss)

---
updated-dependencies:
- dependency-name: "@modelcontextprotocol/sdk"
  dependency-version: 1.29.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: npm-minor-and-patch
- dependency-name: "@supabase/ssr"
  dependency-version: 0.12.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: npm-minor-and-patch
- dependency-name: "@supabase/supabase-js"
  dependency-version: 2.110.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: npm-minor-and-patch
- dependency-name: "@tailwindcss/postcss"
  dependency-version: 4.3.2
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: npm-minor-and-patch
- dependency-name: "@types/react"
  dependency-version: 19.2.17
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: npm-minor-and-patch
- dependency-name: lucide-react
  dependency-version: 1.23.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: npm-minor-and-patch
- dependency-name: postcss
  dependency-version: 8.5.16
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: npm-minor-and-patch
- dependency-name: tailwindcss
  dependency-version: 4.3.2
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: npm-minor-and-patch
- dependency-name: tsx
  dependency-version: 4.23.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm-minor-and-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/npm-minor-and-patch-e8e9ff4c51 branch from b8667b2 to 2ccd39e Compare July 8, 2026 00:33
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants