chore(deps)(deps): bump the non-breaking-dependencies group across 1 directory with 21 updates

[dependabot]

Bumps the non-breaking-dependencies group with 21 updates in the / directory:

Package	From	To
@hookform/resolvers	5.2.2	5.4.0
@tanstack/react-query	5.95.0	5.100.14
@tauri-apps/api	2.10.1	2.11.0
@tauri-apps/plugin-dialog	2.6.0	2.7.1
@tauri-apps/plugin-fs	2.4.5	2.5.1
fflate	0.8.2	0.8.3
hono	4.12.8	4.12.23
ajv	8.18.0	8.20.0
react-hook-form	7.72.0	7.76.1
react-resizable-panels	4.7.5	4.11.2
react-router-dom	7.13.2	7.15.1
sql-formatter	15.7.2	15.8.0
zod	4.3.6	4.4.3
@playwright/test	1.58.2	1.60.0
@tauri-apps/cli	2.10.1	2.11.2
@types/chrome	0.1.38	0.1.42
autoprefixer	10.4.27	10.5.0
postcss	8.5.8	8.5.15
terser	5.46.1	5.48.0
typescript-eslint	8.57.1	8.59.4
vite-plugin-pwa	1.2.0	1.3.0

Updates @hookform/resolvers from 5.2.2 to 5.4.0

Release notes

Sourced from @​hookform/resolvers's releases.

v5.4.0

5.4.0 (2026-05-21)

Features

• feat: add ata-validator resolver (#845)

Fixes

• fix issue with toNestErrors.ts (#848)

• add guidance on passing context to yupResolver (useForm context) (#835) (3d29924)

Commits

• 3d29924 feat: add guidance on passing context to yupResolver (useForm context) (#835)
• 56b68f3 feat: 5.3.0
• cf8562d update readme on ata-validator
• 5e5b610 fix issue with toNestErrors.ts (#848)
• 72aacf8 Revise supported versions in SECURITY.md
• ad89a20 feat: add ata-validator resolver (#845)
• 02286db ci: updated publish workflow to use node 24 (#838)
• 2e9bc7c Fix(zodResolver): error paths in complex unions #787 (#819)
• See full diff in compare view

Updates @tanstack/react-query from 5.95.0 to 5.100.14

Release notes

Sourced from @​tanstack/react-query's releases.

@​tanstack/react-query-devtools@​5.100.14

Patch Changes

• Updated dependencies [ed20b6d]:
  • @​tanstack/react-query@​5.100.14
  • @​tanstack/query-devtools@​5.100.14

@​tanstack/react-query-next-experimental@​5.100.14

Patch Changes

• Updated dependencies [ed20b6d]:
  • @​tanstack/react-query@​5.100.14

@​tanstack/react-query-persist-client@​5.100.14

Patch Changes

• Updated dependencies [ed20b6d]:
  • @​tanstack/react-query@​5.100.14
  • @​tanstack/query-persist-client-core@​5.100.14

@​tanstack/react-query@​5.100.14

Patch Changes

• fix(react-query): do not go into optimistic fetching state when not subscribed (#10759)

• Updated dependencies []:

  • @​tanstack/query-core@​5.100.14

@​tanstack/react-query-devtools@​5.100.13

Patch Changes

• Updated dependencies []:
  • @​tanstack/query-devtools@​5.100.13
  • @​tanstack/react-query@​5.100.13

@​tanstack/react-query-next-experimental@​5.100.13

Patch Changes

• Updated dependencies []:
  • @​tanstack/react-query@​5.100.13

@​tanstack/react-query-persist-client@​5.100.13

Patch Changes

• Updated dependencies []:
  • @​tanstack/query-persist-client-core@​5.100.13
  • @​tanstack/react-query@​5.100.13

@​tanstack/react-query@​5.100.13

Patch Changes

... (truncated)

Changelog

Sourced from @​tanstack/react-query's changelog.

5.100.14

Patch Changes

• fix(react-query): do not go into optimistic fetching state when not subscribed (#10759)

• Updated dependencies []:

  • @​tanstack/query-core@​5.100.14

5.100.13

Patch Changes

• Updated dependencies [d423168]:
  • @​tanstack/query-core@​5.100.13

5.100.12

Patch Changes

• Updated dependencies []:
  • @​tanstack/query-core@​5.100.12

5.100.11

Patch Changes

• Updated dependencies []:
  • @​tanstack/query-core@​5.100.11

5.100.10

Patch Changes

• Updated dependencies []:
  • @​tanstack/query-core@​5.100.10

5.100.9

Patch Changes

• Updated dependencies [fcee7bd]:
  • @​tanstack/query-core@​5.100.9

5.100.8

Patch Changes

• Updated dependencies []:
  • @​tanstack/query-core@​5.100.8

... (truncated)

Commits

• ba6e7be ci: Version Packages (#10767)
• ed20b6d fix(react): do not go into optimistic fetching state when not subscribed (#10...
• 05cf2bc ci: Version Packages (#10758)
• d423168 fix(query-core): use built-in NoInfer for generic indexed-access types (#10593)
• 5ff4f69 ci: Version Packages (#10755)
• 3e85350 ci: Version Packages (#10706)
• 9d2692c ci: Version Packages (#10695)
• 74fa05e chore(tsconfig.json): narrow 'include' pattern to prevent TS6053 race conditi...
• 8c3d523 ci: Version Packages (#10630)
• 9800c8f ci: Version Packages (#10623)
• Additional commits viewable in compare view

Updates @tauri-apps/api from 2.10.1 to 2.11.0

Release notes

Sourced from @​tauri-apps/api's releases.

@​tauri-apps/api v2.11.0

No known vulnerabilities found

[2.11.0]

New Features

• 074299c08 (#14307) Add Bring All to Front predefined menu item type
• a12142a48 (#14357) Add macos support for setting the icon and icon template state in the same step of the main thread, to prevent flickering.
• 001c8fe3d (#14722) Add a WebView option to control browser-level general autofill behavior. This option does not disable password or credit card autofill. On Windows (WebView2), setting it to true disables the general autofill "Suggestions" UI, which may appear even when autocomplete="off" is specified on input elements. On Linux, macOS, iOS, and Android, this option is currently unsupported and performs no operation.
• eb0312ea9 (#15199) Propagates the Event::Suspended and Event::Resumed events from tao when they are emitted on mobile targets.

> @tauri-apps/api@2.11.0 npm-publish /home/runner/work/tauri/tauri/packages/api
> pnpm build && cd ./dist && pnpm publish --access public --loglevel silly --no-git-checks
> @​tauri-apps/api@​2.11.0 build /home/runner/work/tauri/tauri/packages/api
> rollup -c --configPlugin typescript
�[36m
�[1m./src/app.ts, ./src/core.ts, ./src/dpi.ts, ./src/event.ts, ./src/image.ts, ./src/index.ts, ./src/menu.ts, ./src/mocks.ts, ./src/path.ts, ./src/tray.ts, ./src/webview.ts, ./src/webviewWindow.ts, ./src/window.ts�[22m → �[1m./dist, ./dist�[22m...�[39m
�[32mcreated �[1m./dist, ./dist�[22m in �[1m1s�[22m�[39m
�[36m
�[1msrc/index.ts�[22m → �[1m../../crates/tauri/scripts/bundle.global.js�[22m...�[39m
�[32mcreated �[1m../../crates/tauri/scripts/bundle.global.js�[22m in �[1m1.6s�[22m�[39m
npm verbose cli /opt/hostedtoolcache/node/24.14.1/x64/bin/node /opt/hostedtoolcache/node/24.14.1/x64/bin/npm
npm info using npm@11.11.0
npm info using node@v24.14.1
npm silly config load:file:/opt/hostedtoolcache/node/24.14.1/x64/lib/node_modules/npm/npmrc
npm silly config load:file:/tmp/62753b73fd2498862aee9b07ed29cc21/.npmrc
npm silly config load:file:/home/runner/.npmrc
npm silly config load:file:/home/runner/.config/pnpm/rc
npm verbose title npm publish tauri-apps-api-2.11.0.tgz
npm verbose argv "publish" "--ignore-scripts" "tauri-apps-api-2.11.0.tgz" "--access" "public" "--loglevel" "silly"
npm verbose logfile logs-max:10 dir:/home/runner/.npm/_logs/2026-04-30T15_51_13_171Z-
npm verbose logfile /home/runner/.npm/_logs/2026-04-30T15_51_13_171Z-debug-0.log
npm warn Unknown env config "verify-deps-before-run". This will stop working in the next major version of npm. See npm help npmrc for supported config options.
npm warn Unknown env config "npm-globalconfig". This will stop working in the next major version of npm. See npm help npmrc for supported config options.
npm warn Unknown env config "_jsr-registry". This will stop working in the next major version of npm. See npm help npmrc for supported config options.
</tr></table>

... (truncated)

Commits

• e60834f Apply Version Updates From Current Changes (#15041)
• df05c00 chore: minor bump for codegen crate
• 13bea17 chore: fmt
• 9808236 fix(macOS): correct value for work_area.position.y (#14655)
• eb0312e feat(mobile): Propagate tao::Event::Suspended and tao::Event::Resumed to the ...
• 4ef5797 feat(ios): add --no-sign and --archive-only flags to ios build (#15061)
• 110336c fix(macOS): fix incorrect window position on multi-monitor setups (#15250)
• c00a3db feat(macros): add support for rename command macro in tauri-macros #14173 (#1...
• 764b913 feat(cli): restart Android emulator if it is disconnected from adb (#14313)
• 1035f12 fix(windows): tauri-bundler detect arm system (#14923)
• Additional commits viewable in compare view

Updates @tauri-apps/plugin-dialog from 2.6.0 to 2.7.1

Release notes

Sourced from @​tauri-apps/plugin-dialog's releases.

dialog-js v2.7.1

[2.7.1]

Dependencies

• Upgraded to fs-js@2.5.1

npm warn Unknown user config "always-auth". This will stop working in the next major version of npm. See `npm help npmrc` for supported config options.
npm warn publish npm auto-corrected some errors in your package.json when publishing.  Please run "npm pkg fix" to address these errors.
npm warn publish errors corrected:
npm warn publish "repository" was changed from a string to an object
npm warn publish "repository.url" was normalized to "git+https://github.com/tauri-apps/plugins-workspace.git"
npm notice
npm notice 📦  @tauri-apps/plugin-dialog@2.7.1
npm notice Tarball Contents
npm notice 888B LICENSE.spdx
npm notice 3.5kB README.md
npm notice 6.9kB dist-js/index.cjs
npm notice 14.6kB dist-js/index.d.ts
npm notice 6.8kB dist-js/index.js
npm notice 11B dist-js/init.d.ts
npm notice 657B package.json
npm notice Tarball Details
npm notice name: @tauri-apps/plugin-dialog
npm notice version: 2.7.1
npm notice filename: tauri-apps-plugin-dialog-2.7.1.tgz
npm notice package size: 6.7 kB
npm notice unpacked size: 33.3 kB
npm notice shasum: fc83387de807c8d064d2b64b1b813b84e8286a12
npm notice integrity: sha512-OK1UBXYt+ojcm[...]FmEOjIY9IhzOQ==
npm notice total files: 7
npm notice
npm notice Publishing to https://registry.npmjs.org/ with tag latest and public access
npm notice publish Signed provenance statement with source and build information from GitHub Actions
npm notice publish Provenance statement published to transparency log: https://search.sigstore.dev/?logIndex=1429011725
+ @tauri-apps/plugin-dialog@2.7.1

dialog v2.7.1

[2.7.1]

Dependencies

• Upgraded to fs-js@2.5.1

... (truncated)

Commits

• e7a68fa publish new versions (#3068)
• b5550a3 chore: temp delete updater changefile
• 93426f8 fix: fix docsrs builds
• 4ee61e0 Revert "chore: temp delete updater changefile"
• 06124af publish new versions (#2972)
• 060219e chore(deps): update dependency @​rollup/plugin-typescript to v12.3.0 (#3067)
• c7e9766 chore(deps): update tauri monorepo (v2) (#3058)
• d4a8ce9 chore(deps): update rust crate tokio-tungstenite to 0.28 (#3016)
• cdc7eec chore(deps): update dependency @​rollup/plugin-typescript to v12.2.0 (#3066)
• 6314b00 chore: temp delete updater changefile
• Additional commits viewable in compare view

Updates @tauri-apps/plugin-fs from 2.4.5 to 2.5.1

Release notes

Sourced from @​tauri-apps/plugin-fs's releases.

fs-js v2.5.1

[2.5.1]

• ec054013 (#3323 by @​renovate) Updated dependency toml from 0.9 to 1

npm warn Unknown user config "always-auth". This will stop working in the next major version of npm. See `npm help npmrc` for supported config options.
npm warn publish npm auto-corrected some errors in your package.json when publishing.  Please run "npm pkg fix" to address these errors.
npm warn publish errors corrected:
npm warn publish "repository" was changed from a string to an object
npm warn publish "repository.url" was normalized to "git+https://github.com/tauri-apps/plugins-workspace.git"
npm notice
npm notice 📦  @tauri-apps/plugin-fs@2.5.1
npm notice Tarball Contents
npm notice 888B LICENSE.spdx
npm notice 2.4kB README.md
npm notice 32.8kB dist-js/index.cjs
npm notice 32.6kB dist-js/index.d.ts
npm notice 32.0kB dist-js/index.js
npm notice 697B package.json
npm notice Tarball Details
npm notice name: @tauri-apps/plugin-fs
npm notice version: 2.5.1
npm notice filename: tauri-apps-plugin-fs-2.5.1.tgz
npm notice package size: 21.5 kB
npm notice unpacked size: 101.5 kB
npm notice shasum: e1b8643d41c74251699fcdecc800877d18a4a6fc
npm notice integrity: sha512-9Lz+Jopp6QyeE[...]tqPB/XEMS3NhQ==
npm notice total files: 6
npm notice
npm notice Publishing to https://registry.npmjs.org/ with tag latest and public access
npm notice publish Signed provenance statement with source and build information from GitHub Actions
npm notice publish Provenance statement published to transparency log: https://search.sigstore.dev/?logIndex=1429011689
+ @tauri-apps/plugin-fs@2.5.1

fs v2.5.1

[2.5.1]

• ec054013 (#3323 by @​renovate) Updated dependency toml from 0.9 to 1

</tr></table> 

... (truncated)

Commits

• 5c7668b publish new versions (#3397)
• ec05401 chore(deps): update rust crate toml to v1 (#3323)
• b86e999 chore(deps): update tauri packages to 2.11 (#3407)
• c463d8a chore(deps): update rustls-webpki in lockfile, ignore core2 in audit (#3405)
• 1bb7beb chore(deps): bump openssl (#3402)
• 3412fa2 docs(readme): fix platform support matrix (opener supports mobile)
• af81fda docs(readme): fix platform support matrix (mobile is supported)
• c1fd33b fix(opener): allow open network share locations (#3343)
• 250857b chore(deps): update dependency typescript to v6 (#3363)
• 964e13f fix(store): dead lock trying to set while exiting (#3395)
• Additional commits viewable in compare view

Updates fflate from 0.8.2 to 0.8.3

Release notes

Sourced from fflate's releases.

v0.8.3

• Fix buffer over-read for Zip64 extra fields
• Support sync flushes (Z_SYNC_FLUSH in zlib)
  • Allows for immediate decompression of all pushed bytes
  • Enables DEFLATE stream concatenation
• Fix zip/zipSync when using cross-realm Uint8Array
• Improve Zip64 support for streamed or undersized archives
• Update performance estimates in README
• Fix typings for TypeScript v5.7+
• Reduce memory consumption after compression stream completion

Changelog

Sourced from fflate's changelog.

0.8.3

• Fix buffer over-read for Zip64 extra fields
• Support sync flushes (Z_SYNC_FLUSH in zlib)
  • Allows for immediate decompression of all pushed bytes
  • Enables DEFLATE stream concatenation
• Fix zip/zipSync when using cross-realm Uint8Array
• Improve Zip64 support for streamed or undersized archives
• Update performance estimates in README
• Fix typings for TypeScript v5.7+
• Reduce memory consumption after compression stream completion

Commits

• dcb3714 0.8.3
• 31acfb8 prepare for v0.8.3
• 7b71e3c update dependencies
• 44ff62d fix zip64 header parsing
• 7235df5 Fix TypeScript issues (#242)
• a44eda0 release compression buffers after stream end (#213)
• d94deb6 allow cross-realm Uint8Array for zip/zipSync (#234)
• 2e1fb75 export package.json (#244)
• 0f430b4 support sync flushes for compression streams (#222)
• 4b7a6cb skip transferring pooled Node buffers (#227)
• Additional commits viewable in compare view

Updates hono from 4.12.8 to 4.12.23

Release notes

Sourced from hono's releases.

v4.12.23

What's Changed

• fix(serve-static): normalize all backslashes in file paths, not just the first in honojs/hono#4962
• feat(context): export the Context class publicly by @​BlankParticle in honojs/hono#4543
• docs(contribution): add AI Usage Policy by @​yusukebe in honojs/hono#4970
• feat(compress): add contentTypeFilter option and COMPRESSIBLE_CONTENT_TYPE_REGEX re-export by @​na-trium-144 in honojs/hono#4961
• fix(utils/ipaddr): do not compress a single 0 group to :: by @​yusukebe in honojs/hono#4971

Full Changelog: honojs/hono@v4.12.22...v4.12.23

v4.12.22

What's Changed

• chore: update vitest to v4 and cleanups by @​BlankParticle in honojs/hono#4952
• fix(mime): specify charset parameter per MIME type instead of mechanical detection by @​renatograsso10 in honojs/hono#4912
• fix(compress): respect Accept-Encoding when encoding option is set by @​LeSingh1 in honojs/hono#4951
• fix(deno): echo negotiated WebSocket subprotocol in upgrade response by @​ATOM00blue in honojs/hono#4955
• feat: add msgpack as a compressible content type by @​na-trium-144 in honojs/hono#4957

New Contributors

• @​renatograsso10 made their first contribution in honojs/hono#4912
• @​LeSingh1 made their first contribution in honojs/hono#4951
• @​ATOM00blue made their first contribution in honojs/hono#4955
• @​na-trium-144 made their first contribution in honojs/hono#4957

Full Changelog: honojs/hono@v4.12.21...v4.12.22

v4.12.21

Security fixes

This release includes fixes for the following security issues:

app.mount() strips mount prefix using undecoded path, causing incorrect routing for percent-encoded paths

Affects: app.mount(). Fixes prefix stripping using the raw URL pathname instead of the decoded path, where percent-encoded characters in the mount prefix or path could cause the prefix to be removed at the wrong position, resulting in the sub-application receiving an incorrect path. GHSA-2gcr-mfcq-wcc3

IP Restriction bypasses static deny rules for non-canonical IPv6

Affects: hono/ip-restriction. Fixes IP address comparison using string equality, where non-canonical IPv6 representations of a denied address — such as compressed forms or hex-notation IPv4-mapped addresses — could bypass static deny rules. GHSA-xrhx-7g5j-rcj5

Cookie helper does not sanitize sameSite and priority, allowing Set-Cookie injection

Affects: hono/cookie. Fixes missing validation of sameSite and priority options against injection characters (;, \r, \n), where user-controlled input passed to either option could inject additional attributes into the Set-Cookie response header. GHSA-3hrh-pfw6-9m5x

JWT middleware accepts any Authorization scheme, not only Bearer

Affects: hono/jwt, hono/jwk. Fixes missing scheme validation in the Authorization header, where any two-part header value was accepted regardless of the scheme name, allowing non-Bearer schemes to pass JWT authentication. GHSA-f577-qrjj-4474

---

Users who use app.mount(), hono/ip-restriction, hono/cookie, or hono/jwt/hono/jwk are encouraged to upgrade to this version.

... (truncated)

Commits

• 83bfb3b 4.12.23
• bcd290a fix(utils/ipaddr): do not compress a single 0 group to :: (#4971)
• c968177 feat(compress): add contentTypeFilter option and `COMPRESSIBLE_CONTENT_TYPE_R...
• 0265a54 docs(contribution): add AI Usage Policy (#4970)
• c84c5d2 feat(context): export the Context class publicly (#4543)
• 82dad62 fix(serve-static): normalize all backslashes in file paths, not just the firs...
• 2f01b77 4.12.22
• 6bc0dff feat: add msgpack as a compressible content type (#4957)
• 7e0555d fix(deno): echo negotiated WebSocket subprotocol in upgrade response (#4955)
• f0ed246 fix(compress): respect Accept-Encoding when encoding option is set (#4951)
• Additional commits viewable in compare view

Updates ajv from 8.18.0 to 8.20.0

Release notes

Sourced from ajv's releases.

v8.20.0

What's Changed

• fix: add support for node 22/24, drop node 16/21 by @​jasoniangreen in ajv-validator/ajv#2580
• fix: add ES2022.RegExp for RegExpIndicesArray by @​SignpostMarv in ajv-validator/ajv#2604

Full Changelog: ajv-validator/ajv@v8.19.0...v8.20.0

v8.19.0

What's Changed

• fix prototype pollution via format keyword using $data ref by @​epoberezkin in ajv-validator/ajv#2607

Full Changelog: ajv-validator/ajv@v8.18.0...v8.19.0

Commits

• 0fba0b8 8.20.0
• 9caf8d6 fix: add ES2022.RegExp for RegExpIndicesArray; fixes ajv-validator/ajv#2603 (...
• 2065350 fix: add support for node 22/24, drop node 16/21 (#2580)
• 154b58d 8.19.0
• e8d2bdc test/fix prototype pollution via $data ref with format keyword (#2607)
• See full diff in compare view

Updates react-hook-form from 7.72.0 to 7.76.1

Release notes

Sourced from react-hook-form's releases.

Version 7.76.1

🐞 fix: pass options parameter through setValues to enable validation (#13457) 🐞 fix(setValues): emit whole-form change without stale name/type (#13450) 🚗 perf(setValues): thread skipClone through setFieldValue (#13448) 🚗 perf(setValues): skip redundant per-field deep clones (#13445) Revert "🐞 fix: treat NaN as empty when valueAsNumber is true in validateField (#13388)"

thanks to @​philibea & @​maxkostow

Version v7.76.0

🪭 close #13141 improve isDirty sync with dirtyFields state (#13370) 🐞 fix isValidating reactivity when validatingFields is not subscribed (#13440) 🛺 test: fix duplicate-word typos in test descriptions (#13439) 🐞 fix #13436: errors state when using form level validation (#13437) 🐞 fix #13429 append({ obj: null }) is silently replaced by defaultValues after remove() (#13435) 🐞 fix native validation tooltip suppression caused by duplicate submit-error focus (#13432) 🐞 fix: propagate setValues updates to mounted Controller fields (#13431) 🐞 fix: rreserve reset values for conditionally mounted Controller fields with shouldUnregister 🐞 fix: useFieldArray remove leaves array with empty object when using values prop (#13422) 🐞 fix #13260: notify all matching field-array roots on nested setValue updates (#13420) 🐞 fix #13104: preserve nested resolver field-array errors in trigger() (#13419) 🐞 fix #13413: preserve formState.defaultValues when useFieldArray + watch are used together 📝 docs: fix JSDoc for IsNever, register, and getFieldState (#13410) (#13411) 🐞 fix(Watch): restore TypeScript 4 compatibility (#13409)

Big thanks to @​dfedoryshchev for multiple fixes, and to @​EduardF1, @​in-ch and @​johnstrand.

Version 7.75.0

🦧 feat: improve get dirty fields prune empty fields (#13363)

+ dirtyFields: { test: [{ data: false }] }
- dirtyFields: {} // removed the empty node with false value

🎹 typescript 6.0 (#13330) 🌡️ chore: minor improvement on setValue & reset (#13366) 🐞 fix #13403: include setValues in FormProvider context value (#13404) 🐞 fix: recompute isDirty after re-registering a previously unregistered field (#13399) 🐞 fix: preserve watch updates on field array unmount fixes #13375 (#13385) 🐞 fix: prevent useWatch re-render when unrelated field validation is … (#13398)

thanks to @​dfedoryshchev, @​cyky & @​gkarabelos

Version 7.74.0

🪇 feat: setValues (#13201)

setValues((data) => {
  return {
</tr></table> 

... (truncated)

Changelog

Sourced from react-hook-form's changelog.

[7.76.1] - 2026-05-23

Fixed

• Revert notify all matching field-array roots on nested setValue updates
• Revert treat NaN as empty when valueAsNumber is true in validateField
• setValues pass options parameter through to enable validation
• setValues emit whole-form change without stale name/type

Performance

• setValues skip redundant per-field deep clones
• setValues thread skipClone through setFieldValue

[7.76.0] - 2026-05-16

Added

• Improve isDirty sync with dirtyFields state

Fixed

• Preserve formState.defaultValues when useFieldArray and watch are used together
• Preserve nested resolver field-array errors in trigger()
• Notify all matching field-array roots on nested setValue updates
• useFieldArray remove leaves array with empty object when using values prop
• Preserve reset values for conditionally mounted Controller fields with shouldUnregister
• Propagate setValues updates to mounted Controller fields
• Native validation tooltip suppression caused by duplicate submit-error focus
• append({ obj: null }) silently replaced by defaultValues after remove()
• Errors state when using form-level validation
• isValidating reactivity when validatingFields is not subscribed

[7.75.0] - 2026-05-02

Added

• Improve getDirtyFields to prune empty fields
• TypeScript 6.0 support

Fixed

• Include setValues in FormProvider context value
• Preserve watch updates on field array unmount
• Prevent useWatch re-render when unrelated field validation occurs
• Recompute isDirty after re-registering a previously unregistered field

[7.74.0] - 2026-04-26

Added

... (truncated)

Commits

• 2b900d2 7.76.1
• 079348e 🚮 chore: remove --frozen-lockfile
• edf5c45 🧪 fix unit test
• d79648c Revert "🐞 fix: treat NaN as empty when valueAsNumber is true in validateField...
• 778881c 🐞 fix: pass options parameter through setValues to enable validation (#13457)
• a2ac01f 🧪 test(useFieldArray): regression coverage for descendant setValue key thrash...
• dfcebdb Revert "🐞 fix #13260: notify all matching field-array roots on nested setValu...
• ca01f65 Revert "🐞 fix(useFieldArray): preserve managed field ids in array subscriber ...
• 15d1762 🐞 fix(setValues): emit whole-form change without stale name/type (#13450)
• 989cbff 🚗 perf(setValues): thread skipClone through setFieldValue (#13448)
• Additional commits viewable in compare view

Updates react-resizable-panels from 4.7.5 to 4.11.2

Release notes

Sourced from react-resizable-panels's releases.

4.9.0

• 702: Add disableDoubleClick prop to Separator to enable turning off the double-click size reset behavior.

4.8.0

• 699: useDefaultLayout hook automatically migrates legacy layouts to version 4 format; see issue 605 or PR 699 for details on how this works.

4.7.6

• 698: Replace Panel aria-disabled attribute with data-disabled

Changelog

Sourced from react-resizable-panels's changelog.

4.11.2

• 719): Bug fix: Calculate rem-based sizes relative to owner document (not body)

4.11.1

• 715): Edge case SSR bug fix for panels with defaultSize={0}

4.11.0

• 712: Separator supports :focus-visible pseudo-class
• 703: Fix: edge case scenarios when collapsing the last panel
• 711: Improve legacy browser support wrt global stylesheets

4.10.0

• 705: Add data-separator="focus" state for Separator elements for more consistent custom CSS styles.

4.9.0

• 702: Add disableDoubleClick prop to Separator to enable turning off the double-click size reset behavior.

4.8.0

• 699: useDefaultLayout hook automatically migrates legacy layouts to version 4 format; see issue 605 for details on how this works.

4.7.6

• 698: Replace Panel aria-disabled attribute with data-disabled

Commits

• See full diff in compare view

Updates react-router-dom from 7.13.2 to 7.15.1

Changelog

Sourced from react-router-dom's changelog.

v7.15.1

Patch Changes

• Updated dependencies:
  • react-router@7.15.1

v7.15.0

Patch Changes

• Updated dependencies:
  • react-router@7.15.0

v7.14.2

Patch Changes

• Updated dependencies:
  • react-router@7.14.2

v7.14.1

Patch Changes

• Updated dependencies:
  • react-router@7.14.1

7.14.0

Patch Changes

• Updated dependencies:
  • react-router@7.14.0

Commits

• 587d08f Release v7.15.1 (#15038)
• 97c8de7 Release v7.15.0 (#15018)
• cf1d250 Release v7.14.2 (#14993)
• 197674b Release 7.14.1 (#14973)
• a87774f Add new release process (#14916)
• e31077b chore: Update version for release (#14945)
• 6683e85 chore: Update version for release (pre) (#14943)
• See full diff in compare view

Updates sql-formatter from 15.7.2 to 15.8.0

Release notes

Sourced from sql-formatter's releases.

15.8.0

PostgreSQL formatting

• Add support for PostgreSQL keywords in CREATE CONSTRAINT TRIGGER (#948) (thanks to @​karlhorky)

Internal changes

• Switch from yarn to pnpm (#949)

    View changes on GitHub

15.7.4

Bugfix

• Support Tcl-style $param(...) syntax in SQLite (#944, #943) (thanks to @​SAY-5)

15.7.3

Bugfixes

• ...

  Description has been truncated

[dependabot]

Labels

The following labels could not be found: npm. Please create it before Dependabot can add it to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.