Skip to content

fix(deps): update dependencies minor and patch updates#822

Open
renovate[bot] wants to merge 1 commit intomainfrom
renovate/minor-patch
Open

fix(deps): update dependencies minor and patch updates#822
renovate[bot] wants to merge 1 commit intomainfrom
renovate/minor-patch

Conversation

@renovate
Copy link
Copy Markdown
Contributor

@renovate renovate Bot commented Sep 13, 2024
edited
Loading

This PR contains the following updates:

Package Change Age Confidence
@tanstack/react-query (source) 5.99.05.100.1 age confidence
@tanstack/react-router (source) 1.168.221.168.24 age confidence
axios (source) 1.15.01.15.2 age confidence
monaco-editor ^0.51.0^0.55.0 age confidence
oidc-spa (source) 10.2.110.2.2 age confidence
react-hook-form (source) 7.72.17.73.1 age confidence

Release Notes

TanStack/query (@​tanstack/react-query)

v5.100.1

Patch Changes

v5.100.0

Compare Source

Patch Changes

v5.99.2

Compare Source

Patch Changes

v5.99.1

Compare Source

Patch Changes
TanStack/router (@​tanstack/react-router)

v1.168.24

Compare Source

Patch Changes

  • Add TanStack Start inline CSS manifest support for SSR so route styles can be embedded in the HTML response and hydrated without duplicate stylesheet links. (#​7253)

  • Updated dependencies [4d864ee]:

v1.168.23

Compare Source

Patch Changes
  • fix(react-router): prevent webpack static analysis of React.use with let binding (#​7182)
axios/axios (axios)

v1.15.2

Compare Source

This release delivers prototype-pollution hardening for the Node HTTP adapter, adds an opt-in allowedSocketPaths allowlist to mitigate SSRF via Unix domain sockets, fixes a keep-alive socket memory leak, and ships supply-chain hardening across CI and security docs.

🔒 Security Fixes

  • Prototype Pollution Hardening (HTTP Adapter): Hardened the Node HTTP adapter and resolveConfig/mergeConfig/validator paths to read only own properties and use null-prototype config objects, preventing polluted auth, baseURL, socketPath, beforeRedirect, and insecureHTTPParser from influencing requests. (#​10779)
  • SSRF via socketPath: Rejects non-string socketPath values and adds an opt-in allowedSocketPaths config option to restrict permitted Unix domain socket paths, returning AxiosError ERR_BAD_OPTION_VALUE on mismatch. (#​10777)
  • Supply-chain Hardening: Added .npmrc with ignore-scripts=true, lockfile lint CI, non-blocking reproducible build diff, scoped CODEOWNERS, expanded SECURITY.md/THREATMODEL.md with provenance verification (npm audit signatures), 60-day resolution policy, and maintainer incident-response runbook. (#​10776)

🚀 New Features

  • allowedSocketPaths Config Option: New request config option (and TypeScript types) to allowlist Unix domain socket paths used by the Node http adapter; backwards compatible when unset. (#​10777)

🐛 Bug Fixes

  • Keep-alive Socket Memory Leak: Installs a single per-socket error listener tracking the active request via kAxiosSocketListener/kAxiosCurrentReq, eliminating per-request listener accumulation, MaxListenersExceededWarning, and linear heap growth under concurrent or long-running keep-alive workloads (fixes #​10780). (#​10788)

🔧 Maintenance & Chores

  • Changelog: Updated CHANGELOG.md with v1.15.1 release notes. (#​10781)

Full Changelog

v1.15.1

Compare Source

microsoft/monaco-editor (monaco-editor)

v0.55.1

Compare Source

  • Fixes missing language exports (monaco.json/typescript/...) due to wrong "types" path - #​5123

v0.55.0

Compare Source

Breaking Changes
  • Moves nested namespaces (languages.css, languages.html, languages.json, languages.typescript) to top level namespaces (css, html, json, typescript) to simplify the build process and align with typescript recommendations.
New Features
  • Adds native LSP support (see new lsp namespace).
Bug Fixes
  • Updates dompurify to 3.2.7

v0.54.0

Compare Source

  • Adds option editor.mouseMiddleClickAction
  • Various bug fixes

v0.53.0

Compare Source

  • ⚠️ This release deprecates the AMD build and ships with significant changes of the AMD build. The AMD build will still be shipped for a while, but we don't offer support for it anymore. Please migrate to the ESM build.
New Features
  • Next Edit Suggestion support.
  • Scroll On Middle Click
  • Edit Context Support
Breaking Changes
  • Internal AMD modules are no longer accessible. Accessing internal AMD modules was never supported. While this is still possible in the ESM build, we don't encourage this usage pattern.
  • The browser-script-editor scenario for unbundled synchronous script import and editor creation no longer works. Instead, a the ESM build should be used with a bundler, such as vite or webpack.
  • Custom AMD workers don't work anymore out of the box.

v0.52.2

Compare Source

Changes:

This list of changes was auto generated.

v0.52.0

Compare Source

  • Comment added inside of IModelContentChangedEvent
keycloakify/oidc-spa (oidc-spa)

v10.2.2

Compare Source

Full Changelog: keycloakify/oidc-spa@v10.2.1...v10.2.2

react-hook-form/react-hook-form (react-hook-form)

v7.73.1

Compare Source

Configuration

📅 Schedule: (UTC)

  • Branch creation
    • At any time (no schedule defined)
  • Automerge
    • At any time (no schedule defined)

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate renovate Bot added the Type: Dependencies Pull requests that update a dependency file label Sep 13, 2024
@renovate renovate Bot force-pushed the renovate/minor-patch branch 3 times, most recently from 0c2b756 to cae9e09 Compare September 16, 2024 12:28
@renovate renovate Bot changed the title fix(deps): update dependencies minor and patch updates fix(deps): update dependencies minor and patch updates to v18.3.1 Sep 16, 2024
@renovate renovate Bot force-pushed the renovate/minor-patch branch from cae9e09 to b77185f Compare September 19, 2024 14:28
@renovate renovate Bot changed the title fix(deps): update dependencies minor and patch updates to v18.3.1 fix(deps): update dependencies minor and patch updates Sep 19, 2024
@renovate renovate Bot force-pushed the renovate/minor-patch branch 2 times, most recently from 1b5bdfa to 7b98036 Compare September 23, 2024 08:04
@renovate renovate Bot force-pushed the renovate/minor-patch branch 2 times, most recently from c9816d6 to dc331b2 Compare October 4, 2024 03:43
@renovate renovate Bot force-pushed the renovate/minor-patch branch 4 times, most recently from 1a8748a to 0b8b5dd Compare October 15, 2024 16:02
@renovate renovate Bot force-pushed the renovate/minor-patch branch 2 times, most recently from 2f271e7 to a0a31f5 Compare October 21, 2024 17:24
@renovate renovate Bot force-pushed the renovate/minor-patch branch 2 times, most recently from 0bdd692 to 88494b6 Compare November 14, 2024 19:45
@renovate renovate Bot force-pushed the renovate/minor-patch branch from 88494b6 to 7e2e76d Compare November 18, 2024 00:44
@renovate renovate Bot force-pushed the renovate/minor-patch branch from 7e2e76d to 5dd7bb6 Compare December 2, 2024 08:11
@renovate renovate Bot force-pushed the renovate/minor-patch branch from 5dd7bb6 to b941f84 Compare December 9, 2024 15:39
@renovate renovate Bot force-pushed the renovate/minor-patch branch 3 times, most recently from 38db725 to d000ff0 Compare December 18, 2024 21:03
@sonarqubecloud
Copy link
Copy Markdown

sonarqubecloud Bot commented Dec 18, 2024

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

@renovate renovate Bot force-pushed the renovate/minor-patch branch from d000ff0 to 2303e4f Compare April 1, 2026 09:42
@renovate renovate Bot changed the base branch from main to next April 1, 2026 09:42
@renovate renovate Bot force-pushed the renovate/minor-patch branch 2 times, most recently from 0768937 to e508003 Compare April 3, 2026 10:09
@renovate renovate Bot force-pushed the renovate/minor-patch branch 11 times, most recently from 332f46b to 82adfa2 Compare April 15, 2026 01:40
@laurentC35
Copy link
Copy Markdown
Contributor

laurentC35 commented Apr 16, 2026

Test en local: monaco editor ou VTL editor fait planter l'appli legacy. a essayé en gardant la version précédente de monaco

@laurentC35 laurentC35 mentioned this pull request Apr 16, 2026
Merged
@renovate renovate Bot force-pushed the renovate/minor-patch branch from 82adfa2 to 045612f Compare April 16, 2026 09:15
@renovate renovate Bot changed the title fix(deps): update dependencies minor and patch updates fix(deps): update dependency monaco-editor to ^0.55.0 Apr 16, 2026
@renovate renovate Bot force-pushed the renovate/minor-patch branch from 045612f to 747cc77 Compare April 16, 2026 12:30
@renovate renovate Bot changed the base branch from next to main April 16, 2026 12:30
@renovate renovate Bot force-pushed the renovate/minor-patch branch from 747cc77 to 9f61d76 Compare April 18, 2026 18:50
@renovate renovate Bot changed the title fix(deps): update dependency monaco-editor to ^0.55.0 fix(deps): update dependencies minor and patch updates Apr 18, 2026
@renovate renovate Bot force-pushed the renovate/minor-patch branch 7 times, most recently from 03efff1 to 8b1fb9d Compare April 23, 2026 21:54
@renovate renovate Bot force-pushed the renovate/minor-patch branch from 8b1fb9d to e0dde3f Compare April 25, 2026 01:05
@sonarqubecloud
Copy link
Copy Markdown

sonarqubecloud Bot commented Apr 25, 2026

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

@sonarqubecloud
Copy link
Copy Markdown

sonarqubecloud Bot commented Apr 25, 2026

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

Type: Dependencies Pull requests that update a dependency file

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@laurentC35