Skip to content

Bump the frontends-prod group across 1 directory with 4 updates#729

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/client/frontends-prod-7f2f66fe1f
Open

Bump the frontends-prod group across 1 directory with 4 updates#729
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/client/frontends-prod-7f2f66fe1f

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github May 29, 2026

Bumps the frontends-prod group with 4 updates in the /client directory: isomorphic-dompurify, js-cookie, react-router-dom and zustand.

Updates isomorphic-dompurify from 3.14.0 to 3.15.0

Release notes

Sourced from isomorphic-dompurify's releases.

3.15.0: Updated dependencies

  • dompurify 3.4.5 -> 3.4.7
  • @​biomejs/biome 2.4.15 -> 2.4.16
  • vitest 4.1.6 -> 4.1.7
  • packageManager pnpm 11.1.3 -> 11.4.0
Commits
  • 2542801 chore: Bump version to 3.15.0 and update dependencies.
  • 82bb1de chore(deps): bump dompurify from 3.4.5 to 3.4.6
  • 871d363 chore(deps-dev): bump vitest from 4.1.6 to 4.1.7
  • 518ae7d chore(deps-dev): bump lefthook from 2.1.6 to 2.1.8
  • 45a223b chore: Pin lefthook to 2.1.6 and add dependabot cooldown.
  • d6a1565 chore: Actualized pnpm-lock.yaml.
  • 29ba76f chore(deps): bump actions/checkout from 4 to 6
  • 4815ec0 chore(deps-dev): bump lefthook from 2.1.6 to 2.1.7
  • 6cf05bb chore(deps): bump pnpm/action-setup from 4 to 6
  • d846942 chore(deps): bump actions/setup-node from 4 to 6
  • Additional commits viewable in compare view

Updates js-cookie from 3.0.7 to 3.0.8

Release notes

Sourced from js-cookie's releases.

v3.0.8

  • Restore ES5 compatibility, inadvertently broken in 3.0.7 - #959
  • Lift Node version restriction, inadvertently restricted to >= 20 in 3.0.7 - #956
Commits
  • d7a1096 Craft v3.0.8 release
  • 248e685 Use existing Chrome with puppeteer
  • fc04269 Remove QUnit related workaround in Grunt config
  • 265a685 Tidy up package lock file
  • 478e591 Disable Node deprecation DEP0044 for release workflow
  • 331d524 Fix node version config for E2E test job
  • 11d773d Ensure ECMAScript compatibility
  • d788646 Remove engines property from package
  • e7d9a4d Fix typo in test assertion message
  • b5fca24 Make credentials use explicit in release workflow
  • See full diff in compare view

Updates react-router-dom from 7.15.1 to 7.16.0

Changelog

Sourced from react-router-dom's changelog.

v7.16.0

Patch Changes

  • Remove stale/invalid unpkg field from package.json. This was removed from other packages with the release of v7 but missed in the react-router-dom re-export package (#15075)
  • Updated dependencies:
Commits

Updates zustand from 5.0.13 to 5.0.14

Release notes

Sourced from zustand's releases.

v5.0.14

This release fixes a type issue in devtools.

What's Changed

New Contributors

Full Changelog: pmndrs/zustand@v5.0.13...v5.0.14

Commits
  • bfb2a9e 5.0.14
  • 62b2aff chore(deps): update dev dependencies (#3513)
  • ad77bd3 fix(devtools): improve type inference for Devtools initializer (#3511)
  • 8476d2c update pnpm etc (#3512)
  • d690ec2 docs(combine): add object constraints to T and U in signature (#3506)
  • fd8c601 docs(react): add Action constraint to redux middleware signature (#3492)
  • 2ce8226 docs(immer): fix setPerson updater type in usage examples (#3502)
  • 038b938 docs(updating-state): use curried create form with explicit state type (#3503)
  • 60a91b4 docs(devtools): add missing devtools import to troubleshooting example (#3501)
  • efad169 Update FUNDING.json
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
Bump the frontends-prod group across 1 directory with 4 updates
f911e48 
Bumps the frontends-prod group with 4 updates in the /client directory: [isomorphic-dompurify](https://github.com/kkomelin/isomorphic-dompurify), [js-cookie](https://github.com/js-cookie/js-cookie), [react-router-dom](https://github.com/remix-run/react-router/tree/HEAD/packages/react-router-dom) and [zustand](https://github.com/pmndrs/zustand).


Updates `isomorphic-dompurify` from 3.14.0 to 3.15.0
- [Release notes](https://github.com/kkomelin/isomorphic-dompurify/releases)
- [Commits](kkomelin/isomorphic-dompurify@3.14.0...3.15.0)

Updates `js-cookie` from 3.0.7 to 3.0.8
- [Release notes](https://github.com/js-cookie/js-cookie/releases)
- [Commits](js-cookie/js-cookie@v3.0.7...v3.0.8)

Updates `react-router-dom` from 7.15.1 to 7.16.0
- [Release notes](https://github.com/remix-run/react-router/releases)
- [Changelog](https://github.com/remix-run/react-router/blob/main/packages/react-router-dom/CHANGELOG.md)
- [Commits](https://github.com/remix-run/react-router/commits/react-router-dom@7.16.0/packages/react-router-dom)

Updates `zustand` from 5.0.13 to 5.0.14
- [Release notes](https://github.com/pmndrs/zustand/releases)
- [Commits](pmndrs/zustand@v5.0.13...v5.0.14)

---
updated-dependencies:
- dependency-name: isomorphic-dompurify
  dependency-version: 3.15.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: frontends-prod
- dependency-name: js-cookie
  dependency-version: 3.0.8
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: frontends-prod
- dependency-name: react-router-dom
  dependency-version: 7.16.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: frontends-prod
- dependency-name: zustand
  dependency-version: 5.0.14
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: frontends-prod
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels May 29, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants