Skip to content

build(deps): Bump the npm_and_yarn group across 10 directories with 5 updates#8827

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/apps/wagmi-demo/npm_and_yarn-174d853755
Open

build(deps): Bump the npm_and_yarn group across 10 directories with 5 updates#8827
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/apps/wagmi-demo/npm_and_yarn-174d853755

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 2, 2026

Copy link
Copy Markdown
Contributor

Bumps the npm_and_yarn group with 1 update in the /apps/wagmi-demo directory: vite.
Bumps the npm_and_yarn group with 2 updates in the /apps/wallet-ui directory: next and postcss.
Bumps the npm_and_yarn group with 1 update in the /packages/api directory: @hey-api/openapi-ts.
Bumps the npm_and_yarn group with 1 update in the /packages/engine directory: @hey-api/openapi-ts.
Bumps the npm_and_yarn group with 1 update in the /packages/insight directory: @hey-api/openapi-ts.
Bumps the npm_and_yarn group with 1 update in the /packages/nebula directory: @hey-api/openapi-ts.
Bumps the npm_and_yarn group with 1 update in the /packages/service-utils directory: vitest.
Bumps the npm_and_yarn group with 2 updates in the /packages/thirdweb directory: vite and vitest.
Bumps the npm_and_yarn group with 2 updates in the /packages/ui directory: next and postcss.
Bumps the npm_and_yarn group with 1 update in the /packages/vault-sdk directory: vitest.

Updates vite from 7.1.7 to 7.3.5

Release notes

Sourced from vite's releases.

v7.3.5

Please refer to CHANGELOG.md for details.

v7.3.3

Please refer to CHANGELOG.md for details.

v7.3.2

Please refer to CHANGELOG.md for details.

v7.3.1

Please refer to CHANGELOG.md for details.

v7.3.0

Please refer to CHANGELOG.md for details.

v7.2.7

Please refer to CHANGELOG.md for details.

v7.2.6

Please refer to CHANGELOG.md for details.

v7.2.5

Please refer to CHANGELOG.md for details.

Note: 7.2.5 failed to publish so it is skipped on npm

v7.2.4

Please refer to CHANGELOG.md for details.

v7.2.3

Please refer to CHANGELOG.md for details.

v7.2.2

Please refer to CHANGELOG.md for details.

v7.2.1

Please refer to CHANGELOG.md for details.

v7.2.0

Please refer to CHANGELOG.md for details.

v7.2.0-beta.1

Please refer to CHANGELOG.md for details.

v7.2.0-beta.0

Please refer to CHANGELOG.md for details.

v7.1.12

Please refer to CHANGELOG.md for details.

... (truncated)

Changelog

Sourced from vite's changelog.

7.3.5 (2026-06-01)

Bug Fixes

Miscellaneous Chores

7.3.4 (2026-06-01)

Bug Fixes

7.3.3 (2026-05-07)

Bug Fixes

7.3.2 (2026-04-06)

Bug Fixes

7.3.1 (2026-01-07)

Features

  • add ignoreOutdatedRequests option to optimizeDeps (#21364) (9d39d37)

7.3.0 (2025-12-15)

Features

  • deps: update esbuild from ^0.25.0 to ^0.27.0 (#21183) (cff26ec)

7.2.7 (2025-12-08)

Bug Fixes

7.2.6 (2025-12-01)

7.2.5 (2025-12-01)

Bug Fixes

... (truncated)

Commits

Updates next from 15.3.8 to 15.5.18

Release notes

Sourced from next's releases.

v15.5.18

This release contains security fixes for the following advisories:

High:

Moderate:

Low:

v15.5.16

This release contains security fixes for the following advisories:

High:

Moderate:

Low:

Commits
  • 9ff92ce v15.5.18
  • 00ebe23 [backport] Disable build caches for production/staging/force-preview deploys ...
  • 62c97ab v15.5.17
  • 423623a Turbopack: Match proxy matchers with webpack implementation (#93594)
  • fa78739 Turbopack: Fix middleware matcher suffix (#93590)
  • 36e62c6 [backport] Turbopack: more strict vergen setup (#93588)
  • 36589b5 [backport][test] Pin package manager to patch versions (#93596)
  • ad6fd4e v15.5.16
  • 79d7dff Ignore malformed CSP nonce headers (#103)
  • c4f6908 router-server: guard upgrade proxy against absolute-url SSRF (#77) (#102)
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for next since your current version.


Updates postcss from 8.5.6 to 8.5.10

Release notes

Sourced from postcss's releases.

8.5.10

  • Fixed XSS via unescaped </style> in non-bundler cases (by @​TharVid).

8.5.9

  • Speed up source map encoding paring in case of the error.

8.5.8

  • Fixed Processor#version.

8.5.7

  • Improved source map annotation cleaning performance (by CodeAnt AI).
Changelog

Sourced from postcss's changelog.

8.5.10

  • Fixed XSS via unescaped </style> in non-bundler cases (by @​TharVid).

8.5.9

  • Speed up source map encoding paring in case of the error.

8.5.8

  • Fixed Processor#version.

8.5.7

  • Improved source map annotation cleaning performance (by CodeAnt AI).
Commits

Updates @hey-api/openapi-ts from 0.76.0 to 0.97.3

Release notes

Sourced from @​hey-api/openapi-ts's releases.

@​hey-api/openapi-ts@​0.95.0

Minor Changes

Validator request schemas

Valibot plugin no longer exports composite request Data schemas. Instead, each layer is exported as a separate schema. If you're using validators with SDKs, you can preserve the composite schema with shouldExtract:

export default {
  input: "hey-api/backend", // sign up at app.heyapi.dev
  output: "src/client",
  plugins: [
    // ...other plugins
    {
      name: "sdk",
      validator: "valibot",
    },
    {
      name: "valibot",
      requests: {
        shouldExtract: true,
      },
    },
  ],
};

Removed plugin.getSymbol() function

This function has been removed. You can use plugin.querySymbol() instead. It accepts the same arguments and returns the same result.

Validator request schemas

Zod plugin no longer exports composite request Data schemas. Instead, each layer is exported as a separate schema. If you're using validators with SDKs, you can preserve the composite schema with shouldExtract:

export default {
  input: "hey-api/backend", // sign up at app.heyapi.dev
  output: "src/client",
  plugins: [
    // ...other plugins
    {
      name: "sdk",
      validator: "zod",
</tr></table> 

... (truncated)

Changelog

Sourced from @​hey-api/openapi-ts's changelog.

0.97.3

Patch Changes

Updated Dependencies:

  • @​hey-api/shared@​0.4.5
  • @​hey-api/codegen-core@​0.8.2

0.97.2

Patch Changes

... (truncated)

Commits
Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for @​hey-api/openapi-ts since your current version.


Updates @hey-api/openapi-ts from 0.76.0 to 0.97.3

Release notes

Sourced from @​hey-api/openapi-ts's releases.

@​hey-api/openapi-ts@​0.95.0

Minor Changes

Validator request schemas

Valibot plugin no longer exports composite request Data schemas. Instead, each layer is exported as a separate schema. If you're using validators with SDKs, you can preserve the composite schema with shouldExtract:

export default {
  input: "hey-api/backend", // sign up at app.heyapi.dev
  output: "src/client",
  plugins: [
    // ...other plugins
    {
      name: "sdk",
      validator: "valibot",
    },
    {
      name: "valibot",
      requests: {
        shouldExtract: true,
      },
    },
  ],
};

Removed plugin.getSymbol() function

This function has been removed. You can use plugin.querySymbol() instead. It accepts the same arguments and returns the same result.

Validator request schemas

Zod plugin no longer exports composite request Data schemas. Instead, each layer is exported as a separate schema. If you're using validators with SDKs, you can preserve the composite schema with shouldExtract:

export default {
  input: "hey-api/backend", // sign up at app.heyapi.dev
  output: "src/client",
  plugins: [
    // ...other plugins
    {
      name: "sdk",
      validator: "zod",
</tr></table> 

... (truncated)

Changelog

Sourced from @​hey-api/openapi-ts's changelog.

0.97.3

Patch Changes

Updated Dependencies:

  • @​hey-api/shared@​0.4.5
  • @​hey-api/codegen-core@​0.8.2

0.97.2

Patch Changes

... (truncated)

Commits
Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for @​hey-api/openapi-ts since your current version.


Updates @hey-api/openapi-ts from 0.76.0 to 0.97.3

Release notes

Sourced from @​hey-api/openapi-ts's releases.

@​hey-api/openapi-ts@​0.95.0

Minor Changes

Validator request schemas

Valibot plugin no longer exports composite request Data schemas. Instead, each layer is exported as a separate schema. If you're using validators with SDKs, you can preserve the composite schema with shouldExtract:

export default {
  input: "hey-api/backend", // sign up at app.heyapi.dev
  output: "src/client",
  plugins: [
    // ...other plugins
    {
      name: "sdk",
      validator: "valibot",
    },
    {
      name: "valibot",
      requests: {
        shouldExtract: true,
      },
    },
  ],
};

Removed plugin.getSymbol() function

This function has been removed. You can use plugin.querySymbol() instead. It accepts the same arguments and returns the same result.

Validator request schemas

Zod plugin no longer exports composite request Data schemas. Instead, each layer is exported as a separate schema. If you're using validators with SDKs, you can preserve the composite schema with shouldExtract:

export default {
  input: "hey-api/backend", // sign up at app.heyapi.dev
  output: "src/client",
  plugins: [
    // ...other plugins
    {
      name: "sdk",
      validator: "zod",
</tr></table> 

... (truncated)

Changelog

Sourced from @​hey-api/openapi-ts's changelog.

0.97.3

Patch Changes

Updated Dependencies:

  • @​hey-api/shared@​0.4.5
  • @​hey-api/codegen-core@​0.8.2

0.97.2

Patch Changes

... (truncated)

Commits
Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for @​hey-api/openapi-ts since your current version.


Updates @hey-api/openapi-ts from 0.76.0 to 0.97.3

Release notes

Sourced from @​hey-api/openapi-ts's releases.

@​hey-api/openapi-ts@​0.95.0

Minor Changes

Validator request schemas

Valibot plugin no longer exports composite request Data schemas. Instead, each layer is exported as a separate schema. If you're using validators with SDKs, you can preserve the composite schema with shouldExtract:

export default {
  input: "hey-api/backend", // sign up at app.heyapi.dev
  output: "src/client",
  plugins: [
    // ...other plugins
    {
      name: "sdk",
      validator: "valibot",
    },
    {
      name: "valibot",
      requests: {
        shouldExtract: true,
      },
    },
  ],
};

Removed plugin.getSymbol() function

This function has been removed. You can use plugin.querySymbol() ...

Description has been truncated


PR-Codex overview

This PR focuses on updating various package dependencies across multiple package.json files, enhancing compatibility and functionality within the project.

Detailed summary

  • Updated vite from 7.1.7 to 7.3.5 in apps/wagmi-demo and packages/thirdweb.
  • Updated vitest from 3.2.4 to 3.2.6 in packages/vault-sdk and packages/service-utils.
  • Updated @hey-api/openapi-ts from 0.76.0 to 0.97.3 in several packages.
  • Updated next from 15.3.8 to 15.5.18 in packages/ui and apps/wallet-ui.
  • Updated postcss from 8.5.6 to 8.5.10 in packages/ui and apps/wallet-ui.

✨ Ask PR-Codex anything about this PR by commenting with /codex {your question}

… updates

Bumps the npm_and_yarn group with 1 update in the /apps/wagmi-demo directory: [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite).
Bumps the npm_and_yarn group with 2 updates in the /apps/wallet-ui directory: [next](https://github.com/vercel/next.js) and [postcss](https://github.com/postcss/postcss).
Bumps the npm_and_yarn group with 1 update in the /packages/api directory: [@hey-api/openapi-ts](https://github.com/hey-api/hey-api/tree/HEAD/packages/openapi-ts).
Bumps the npm_and_yarn group with 1 update in the /packages/engine directory: [@hey-api/openapi-ts](https://github.com/hey-api/hey-api/tree/HEAD/packages/openapi-ts).
Bumps the npm_and_yarn group with 1 update in the /packages/insight directory: [@hey-api/openapi-ts](https://github.com/hey-api/hey-api/tree/HEAD/packages/openapi-ts).
Bumps the npm_and_yarn group with 1 update in the /packages/nebula directory: [@hey-api/openapi-ts](https://github.com/hey-api/hey-api/tree/HEAD/packages/openapi-ts).
Bumps the npm_and_yarn group with 1 update in the /packages/service-utils directory: [vitest](https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest).
Bumps the npm_and_yarn group with 2 updates in the /packages/thirdweb directory: [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) and [vitest](https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest).
Bumps the npm_and_yarn group with 2 updates in the /packages/ui directory: [next](https://github.com/vercel/next.js) and [postcss](https://github.com/postcss/postcss).
Bumps the npm_and_yarn group with 1 update in the /packages/vault-sdk directory: [vitest](https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest).


Updates `vite` from 7.1.7 to 7.3.5
- [Release notes](https://github.com/vitejs/vite/releases)
- [Changelog](https://github.com/vitejs/vite/blob/v7.3.5/packages/vite/CHANGELOG.md)
- [Commits](https://github.com/vitejs/vite/commits/v7.3.5/packages/vite)

Updates `next` from 15.3.8 to 15.5.18
- [Release notes](https://github.com/vercel/next.js/releases)
- [Changelog](https://github.com/vercel/next.js/blob/canary/release.js)
- [Commits](vercel/next.js@v15.3.8...v15.5.18)

Updates `postcss` from 8.5.6 to 8.5.10
- [Release notes](https://github.com/postcss/postcss/releases)
- [Changelog](https://github.com/postcss/postcss/blob/main/CHANGELOG.md)
- [Commits](postcss/postcss@8.5.6...8.5.10)

Updates `@hey-api/openapi-ts` from 0.76.0 to 0.97.3
- [Release notes](https://github.com/hey-api/hey-api/releases)
- [Changelog](https://github.com/hey-api/hey-api/blob/main/packages/openapi-ts/CHANGELOG.md)
- [Commits](https://github.com/hey-api/hey-api/commits/@hey-api/openapi-ts@0.97.3/packages/openapi-ts)

Updates `@hey-api/openapi-ts` from 0.76.0 to 0.97.3
- [Release notes](https://github.com/hey-api/hey-api/releases)
- [Changelog](https://github.com/hey-api/hey-api/blob/main/packages/openapi-ts/CHANGELOG.md)
- [Commits](https://github.com/hey-api/hey-api/commits/@hey-api/openapi-ts@0.97.3/packages/openapi-ts)

Updates `@hey-api/openapi-ts` from 0.76.0 to 0.97.3
- [Release notes](https://github.com/hey-api/hey-api/releases)
- [Changelog](https://github.com/hey-api/hey-api/blob/main/packages/openapi-ts/CHANGELOG.md)
- [Commits](https://github.com/hey-api/hey-api/commits/@hey-api/openapi-ts@0.97.3/packages/openapi-ts)

Updates `@hey-api/openapi-ts` from 0.76.0 to 0.97.3
- [Release notes](https://github.com/hey-api/hey-api/releases)
- [Changelog](https://github.com/hey-api/hey-api/blob/main/packages/openapi-ts/CHANGELOG.md)
- [Commits](https://github.com/hey-api/hey-api/commits/@hey-api/openapi-ts@0.97.3/packages/openapi-ts)

Updates `vitest` from 3.2.4 to 3.2.6
- [Release notes](https://github.com/vitest-dev/vitest/releases)
- [Changelog](https://github.com/vitest-dev/vitest/blob/main/docs/releases.md)
- [Commits](https://github.com/vitest-dev/vitest/commits/v3.2.6/packages/vitest)

Updates `vite` from 7.1.7 to 7.3.5
- [Release notes](https://github.com/vitejs/vite/releases)
- [Changelog](https://github.com/vitejs/vite/blob/v7.3.5/packages/vite/CHANGELOG.md)
- [Commits](https://github.com/vitejs/vite/commits/v7.3.5/packages/vite)

Updates `vitest` from 3.2.4 to 3.2.6
- [Release notes](https://github.com/vitest-dev/vitest/releases)
- [Changelog](https://github.com/vitest-dev/vitest/blob/main/docs/releases.md)
- [Commits](https://github.com/vitest-dev/vitest/commits/v3.2.6/packages/vitest)

Updates `next` from 15.3.8 to 15.5.18
- [Release notes](https://github.com/vercel/next.js/releases)
- [Changelog](https://github.com/vercel/next.js/blob/canary/release.js)
- [Commits](vercel/next.js@v15.3.8...v15.5.18)

Updates `postcss` from 8.5.6 to 8.5.10
- [Release notes](https://github.com/postcss/postcss/releases)
- [Changelog](https://github.com/postcss/postcss/blob/main/CHANGELOG.md)
- [Commits](postcss/postcss@8.5.6...8.5.10)

Updates `vitest` from 3.2.4 to 3.2.6
- [Release notes](https://github.com/vitest-dev/vitest/releases)
- [Changelog](https://github.com/vitest-dev/vitest/blob/main/docs/releases.md)
- [Commits](https://github.com/vitest-dev/vitest/commits/v3.2.6/packages/vitest)

---
updated-dependencies:
- dependency-name: vite
  dependency-version: 7.3.5
  dependency-type: direct:development
  dependency-group: npm_and_yarn
- dependency-name: next
  dependency-version: 15.5.18
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: postcss
  dependency-version: 8.5.10
  dependency-type: direct:development
  dependency-group: npm_and_yarn
- dependency-name: "@hey-api/openapi-ts"
  dependency-version: 0.97.3
  dependency-type: direct:development
  dependency-group: npm_and_yarn
- dependency-name: "@hey-api/openapi-ts"
  dependency-version: 0.97.3
  dependency-type: direct:development
  dependency-group: npm_and_yarn
- dependency-name: "@hey-api/openapi-ts"
  dependency-version: 0.97.3
  dependency-type: direct:development
  dependency-group: npm_and_yarn
- dependency-name: "@hey-api/openapi-ts"
  dependency-version: 0.97.3
  dependency-type: direct:development
  dependency-group: npm_and_yarn
- dependency-name: vitest
  dependency-version: 3.2.6
  dependency-type: direct:development
  dependency-group: npm_and_yarn
- dependency-name: vite
  dependency-version: 7.3.5
  dependency-type: direct:development
  dependency-group: npm_and_yarn
- dependency-name: vitest
  dependency-version: 3.2.6
  dependency-type: direct:development
  dependency-group: npm_and_yarn
- dependency-name: next
  dependency-version: 15.5.18
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: postcss
  dependency-version: 8.5.10
  dependency-type: direct:development
  dependency-group: npm_and_yarn
- dependency-name: vitest
  dependency-version: 3.2.6
  dependency-type: direct:development
  dependency-group: npm_and_yarn
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot requested a review from a team as a code owner July 2, 2026 04:51
@dependabot dependabot Bot added Dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Jul 2, 2026
@dependabot dependabot Bot requested a review from a team as a code owner July 2, 2026 04:51
@dependabot dependabot Bot added Dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Jul 2, 2026
@vercel

vercel Bot commented Jul 2, 2026

Copy link
Copy Markdown

The latest updates on your projects. Learn more about Vercel for GitHub.

Project Deployment Actions Updated (UTC)
docs-v2 Error Error Jul 2, 2026 4:51am
nebula Error Error Jul 2, 2026 4:51am
thirdweb_playground Error Error Jul 2, 2026 4:51am
thirdweb-www Error Error Jul 2, 2026 4:51am
wallet-ui Error Error Jul 2, 2026 4:51am

@changeset-bot

changeset-bot Bot commented Jul 2, 2026

Copy link
Copy Markdown

⚠️ No Changeset found

Latest commit: 7ea3c05

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

Dependencies Pull requests that update a dependency file Ecosystem Portal Involves changes to the Ecosystem Portal javascript Pull requests that update Javascript code packages SDK Involves changes to the thirdweb SDK

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants