chore(release): version packages (#55)

github-actions[bot] · web-flow · commit cbc02ac0f6d5 · 2026-04-22T16:06:53.000+02:00
Co-authored-by: github-actions[bot] &lt;41898282+github-actions[bot]@users.noreply.github.com&gt;
diff --git a/.changeset/fix-usecallback-csrftoken-dep.md b/.changeset/fix-usecallback-csrftoken-dep.md
diff --git a/packages/nextjs/CHANGELOG.md b/packages/nextjs/CHANGELOG.md
@@ -1,5 +1,17 @@
 # @csrf-armor/nextjs
 
+## 1.4.4
+
+### Patch Changes
+
+- [#54](https://github.com/muneebs/csrf-armor/pull/54) [`e3da9dc`](https://github.com/muneebs/csrf-armor/commit/e3da9dcd9b24dff45365bf1a61ff0017c9ce2f57) Thanks [@muneebs](https://github.com/muneebs)! - fix(react): remove unnecessary `csrfToken` dependency from `useCallback`
+
+  `secureFetch` previously listed `csrfToken` in its `useCallback` dependency array, causing the function reference to change every time the token updated. This made the `CsrfContextValue` unstable and triggered unnecessary re-renders in any component consuming `useCsrf()`.
+
+  The token equality check (`newToken !== csrfToken`) was also redundant because React's `setState` already bails out for identical primitive values. Removing both the dependency and the comparison fixes the re-render issue without changing behavior.
+
+  Fixes #53
+
 ## 1.4.3
 
 ### Patch Changes
diff --git a/packages/nextjs/package.json b/packages/nextjs/package.json
@@ -1,6 +1,6 @@
 {
   "name": "@csrf-armor/nextjs",
-  "version": "1.4.3",
+  "version": "1.4.4",
   "description": "CSRF protection middleware for Next.js applications",
   "type": "module",
   "main": "./dist/index.js",

Original file line number	Diff line number	Diff line change
`@@ -1,6 +1,6 @@`
`1`	`1`	`{`
`2`	`2`	`"name": "@csrf-armor/nextjs",`
`3`		`- "version": "1.4.3",`
	`3`	`+ "version": "1.4.4",`
`4`	`4`	`"description": "CSRF protection middleware for Next.js applications",`
`5`	`5`	`"type": "module",`
`6`	`6`	`"main": "./dist/index.js",`