Update dependency react-day-picker to v9.14.0

[renovate]

This PR contains the following updates:

Package	Change	Age	Confidence
react-day-picker (source)	9.8.0 → 9.14.0

---

Release Notes

gpbl/react-day-picker (react-day-picker)

v9.14.0

Compare Source

Release date: 2026-02-26

This release introduces a new resetOnSelect prop and adds support for the Hijri calendar.

Resetting Selections in Range Mode

When in range selection mode, use the resetOnSelect prop to start a new range when a full range is already selected.

Hijri Calendar

To use the Hijri (Umm al-Qura) calendar, import DayPicker from react-day-picker/hijri:

import { DayPicker } from "react-day-picker/hijri";

export function HijriCalendar() {
  return <DayPicker />;
}

Read more in the documentation and play with it in playground.

What's Changed

• feat: add Hijri calendar support (Umm al-Qura) by @​ws-rush in #​2904
• feat: add resetOnSelect prop to reset date range when selecting date with completed range by @​rodgobbi in #​2906
• feat: add default lang prop to DayPicker root element by @​gpbl in #​2907

v9.13.2

Compare Source

Release date: 2026-02-10

This release fixes the style.css type declaration export and corrects labels for Northern Sami (se) and Japanese Hiragana (ja-Hira) locales.

What's Changed

• fix(build): add correct type declaration for style.css export by @​NotNestor in #​2897
• fix(locale): correct Northern Sami (se) and Japanese Hiragana (ja-Hira) labels by @​gpbl in #​2898

v9.13.1

Compare Source

Persian calendar improvements.

What's Changed

• feat: add narrow weekday format for Persian calendar by @​rezaaa in #​2895

New Contributors

• @​rezaaa made their first contribution in #​2895

Full Changelog: gpbl/react-day-picker@v9.13.0...v9.13.1

v9.13.0

Compare Source

Release date: 2025-12-18

This release introduces an experimental noonSafe prop to help deal with historical time zones with second offsets. See /localization/setting-time-zone#noonsafe for more details.

What's Changed

• feat: add experimental noonSafe prop for timezone offsets by @​gpbl in #​2879

v9.12.0

Compare Source

Release date: 2025-12-06

This release adds translated labels to built-in locales and fixes issues with array modifiers and the Hebrew calendar.

Translated Locales

DayPicker locales now ship with localized labels (e.g., “Go to next month”, “Today”), so you no longer need to supply them via labels. To use a locale:

import { es } from "react-day-picker/locale";
<DayPicker locale={es} />; // Use Spanish locale, now with translated labels.

If you previously set the labels prop for translations, you can remove it. For details on switching locales, see the localization guide.

What's Changed

• feat: add locale-aware labels and translated locale wrappers by @​gpbl in #​2861
• fix: match Date[] modifiers by day by @​gpbl in #​2865
• fix: correct Hebrew date conversion timezone handling by @​gpbl in #​2870

v9.11.3

Compare Source

Release date: 2025-11-29

Rendered HTML now includes empty cells in grids when endMonth is set, and fixes the v9.11.2 regression where JSDOM tests could fail when focusing disabled days.

Possible low impact breaking change: The grid markup changed, so brittle snapshot tests or custom CSS that depended on the old structure may need updates. Adjust snapshots/CSS accordingly.

What's Changed

• fix: ensure final week renders when endMonth clips the calendar by @​gpbl in #​2856
• fix: prevent selecting disabled focused days by @​gpbl in #​2860

v9.11.2

Compare Source

Release date: 2025-11-23

What's Changed

• fix: ensure modifiers honor the timeZone prop by @​gpbl in #​2849
• fix: allow focused disabled days to remain focusable by @​gpbl in #​2851
• chore(performance): cache resolved today across helpers for better performance by @​gpbl in #​2848
• chore(performance): memoize calendar and reuse ISO date ids in day rendering by @​gpbl in #​2850

v9.11.1

Compare Source

Release date: 2025-10-08

What's Changed

• fix: duplicated years in dropdown for some timezones by @​gpbl in #​2836
• fix: prevent focus navigation past disabled bounds by @​gpbl in #​2839

v9.11.0

Compare Source

Release date: 2025-09-20

This release adds support for Buddhist and Hebrew calendars, introduces new Southeast Asian numeral systems, adds the aria-labelledby prop, and improves month/year formatting for specific locales. It also includes fixes for the recently added Ethiopic calendar.

Buddhist Calendar

To use the Buddhist calendar, import DayPicker from react-day-picker/buddhist.

import { DayPicker } from "react-day-picker/buddhist";

export function BuddhistCalendar() {
  return <DayPicker />;
}

Read more in the documentation and play with it in playground.

Hebrew Calendar

To switch to the Hebrew calendar, import DayPicker from react-day-picker/hebrew.

import { DayPicker } from "react-day-picker/hebrew";

export function HebrewCalendar() {
  return <DayPicker />;
}

Read more in the documentation and play with it in playground.

What's Changed

• feat: Buddhist calendar by @​gpbl in #​2825
• feat: Hebrew calendar by @​gpbl in #​2827
• feat: align month/year caption and dropdown with locale by @​gpbl in #​2830
• feat: add aria-labelledby prop by @​gpbl in #​2828
• feat: add Southeast Asian numeral systems by @​gpbl in #​2832
• fix: ethiopic calendar may crash with dropdown layout by @​gpbl in #​2831
• fix: years are not correctly formatted in ethiopic calendar by @​gpbl in #​2831

v9.10.0

Compare Source

Release date: 2025-09-14

This release adds support for the Ethiopic calendar.

Ethiopic calendar

To use the Ethiopic calendar, import DayPicker from react-day-picker/ethiopic.

import { DayPicker } from "react-day-picker/ethiopic";

export function EthiopicCalendar() {
  return <DayPicker />;
}

Read more in the documentation and play with it in playground.

What's Changed

• feat: ethiopic calendar by @​temesgen-mulugeta in #​2658

v9.9.0

Compare Source

Release date: 2025-08-17

This release includes a new reverseYears prop, a range selection fix, and a build update to fix issues with source maps.

Reversing the Years in the Dropdown

When using captionLayout='dropdown', set reverseYears to reverse the years listed in the dropdown: the most recent year will appear first.

<DayPicker captionLayout="dropdown" reverseYears />

See it in action in the playground.

What's Changed

• feat: add reverseYears prop by @​gpbl in #​2822
• fix: select the same day in range mode when range is open and min prop is 0 by @​rodgobbi in #​2816
• build: removed source maps and src directory from package by @​gpbl in #​2812
• build: update date-fns/tz dependency by @​gpbl in #​2823

v9.8.1

Compare Source

Release date: 2025-07-26

Improved captionLayout documentation and build process.

What's Changed

• docs: Improve documentation for captionLayout prop by @​rodgobbi in #​2788 and @​haecheonlee in #​2787
• build: avoid locking dependencies by @​nihgwu in #​2789

---

Configuration

📅 Schedule: (UTC)

• Branch creation
  • At any time (no schedule defined)
• Automerge
  • At any time (no schedule defined)

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Actions	Updated (UTC)
v0-portfolio	Error		Jun 11, 2026 3:08pm
whale-manager	Error		Jun 11, 2026 3:08pm

[socket-security]

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff	Package	Supply Chain Security	Vulnerability	Quality	Maintenance	License
	@​radix-ui/​react-label@​2.1.9
	@​radix-ui/​react-separator@​1.1.9
	@​radix-ui/​react-slot@​1.2.5
	@​radix-ui/​react-tabs@​1.1.14
	bun-types@​1.3.14
	@​radix-ui/​react-switch@​1.3.0
	@​radix-ui/​react-toast@​1.2.16
	@​types/​pg@​8.20.0
	@​types/​sql.js@​1.4.11
	expo-sqlite@​56.0.4
	bcryptjs@​3.0.3
	postgres@​3.4.7 ⏵ 3.4.9	+1
	@​libsql/​client-wasm@​0.17.3
	@​op-engineering/​op-sqlite@​16.2.0
	express-session@​1.19.0
	@​tidbcloud/​serverless@​0.3.0
	cors@​2.8.6
	bufferutil@​4.1.0
	@​prisma/​client@​7.8.0
	@​opentelemetry/​api@​1.9.1
	@​planetscale/​database@​1.20.1
	gel@​2.2.0
	@​tanstack/​react-query@​5.101.0
	better-sqlite3@​12.10.0
	@​neondatabase/​serverless@​1.1.0
	drizzle-orm@​0.45.2
	pg@​8.21.0
	@​libsql/​client@​0.17.3
	express@​5.2.1
	knex@​3.2.10
	@​electric-sql/​pglite@​0.5.1
	react-day-picker@​9.14.0
See 8 more rows in the dashboard

View full report

[socket-security]

Warning

Review the following alerts detected in dependencies.

According to your organization's Security Policy, it is recommended to resolve "Warn" alerts. Learn more about Socket for GitHub.

Action	Severity	Alert  (click "▶" to expand/collapse)
Warn		Obfuscated code: npm @libsql/client-wasm is 90.0% likely obfuscated Confidence: 0.90 Location: Package overview From: package.json → npm/@libsql/client-wasm@0.17.3 ℹ Read more on: This package | This alert | What is obfuscated code? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev. Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/@libsql/client-wasm@0.17.3. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Warn		Obfuscated code: npm @prisma/client is 90.0% likely obfuscated Confidence: 0.90 Location: Package overview From: package.json → npm/@prisma/client@7.8.0 ℹ Read more on: This package | This alert | What is obfuscated code? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev. Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/@prisma/client@7.8.0. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Warn		License policy violation: npm bcryptjs under BSD-3-Clause-HP License: BSD-3-Clause-HP - The applicable license policy does not permit this license (5) (package/LICENSE) From: package.json → npm/bcryptjs@3.0.3 ℹ Read more on: This package | This alert | What is a license policy violation? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev. Suggestion: Find a package that does not violate your license policy or adjust your policy to allow this package's license. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/bcryptjs@3.0.3. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Warn		Obfuscated code: npm better-sqlite3 is 90.0% likely obfuscated Confidence: 0.90 Location: Package overview From: package.json → npm/better-sqlite3@12.10.0 ℹ Read more on: This package | This alert | What is obfuscated code? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev. Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/better-sqlite3@12.10.0. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Warn		Obfuscated code: npm drizzle-orm is 90.0% likely obfuscated Confidence: 0.90 Location: Package overview From: package.json → npm/drizzle-orm@0.45.2 ℹ Read more on: This package | This alert | What is obfuscated code? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev. Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/drizzle-orm@0.45.2. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

View full report