chore(deps): update non-major

[renovate]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
@astrojs/tailwind (source)	5.1.4 -> 5.1.5
@astrojs/vercel (source)	8.0.1 -> 8.0.5
@ianvs/prettier-plugin-sort-imports	4.4.0 -> 4.4.1
@sanity/client (source)	6.24.3 -> 6.27.2
@sanity/ui (source)	2.11.1 -> 2.11.8
@sanity/vision (source)	3.69.0 -> 3.74.0
@sveltejs/kit (source)	^2.15.2 -> ^2.17.1
@tanstack/react-router (source)	1.95.2 -> 1.99.6
@tanstack/router-devtools (source)	1.95.2 -> 1.99.6
@tanstack/start (source)	1.95.2 -> 1.99.6
@tanstack/zod-adapter (source)	1.95.2 -> 1.99.6
@types/react (source)	^19.0.4 -> ^19.0.8
@types/react (source)	^18.3.18 -> ^19.0.8
@types/react (source)	19.0.4 -> 19.0.8
@types/react-dom (source)	^19.0.2 -> ^19.0.3
@types/react-dom (source)	19.0.2 -> 19.0.3
astro (source)	5.1.4 -> 5.2.5
eslint (source)	^9.17.0 -> ^9.19.0
eslint-config-next (source)	15.1.4 -> 15.1.6
groq (source)	3.69.0 -> 3.74.0
next (source)	15.1.2 -> 15.1.6
next (source)	14.2.21 -> 14.2.23
nuxt (source)	3.15.1 -> 3.15.4
postcss (source)	^8.4.49 -> ^8.5.1
prettier-plugin-svelte	^3.3.2 -> ^3.3.3
prettier-plugin-svelte	3.3.2 -> 3.3.3
prettier-plugin-tailwindcss	^0.6.9 -> ^0.6.11
prettier-plugin-tailwindcss	0.6.9 -> 0.6.11
sanity (source)	3.69.0 -> 3.74.0
svelte (source)	^5.17.3 -> ^5.19.7
svelte-check	^4.1.3 -> ^4.1.4
typescript-eslint (source)	^8.19.1 -> ^8.23.0

---

Release Notes

withastro/astro (@​astrojs/tailwind)

v5.1.5

Compare Source

Patch Changes

• #​13011 cf30880 Thanks @​ascorbic! - Upgrades Vite

withastro/adapters (@​astrojs/vercel)

v8.0.5

Compare Source

Patch Changes

• #​519 641d7d5 Thanks @​ascorbic! - Updates edge middleware to support esnext syntax

• #​525 6ef9a6f Thanks @​ascorbic! - Fixes a bug that caused redirect loops when trailingSlash was set

v8.0.4

Compare Source

Patch Changes

• #​516 3fe04eb Thanks @​ascorbic! - Fixes a bug that prevented integration-generated static assets from being deployed with non-static sites

v8.0.3

Compare Source

Patch Changes

• #​508 af69a12 Thanks @​ascorbic! - Fixes a bug that prevented static assets generated by integrations from being deployed

v8.0.2

Compare Source

Patch Changes

• #​454 83cedad Thanks @​alexanderniebuhr! - Improves Astro 5 support

• #​501 012b31d Thanks @​florian-lefebvre! - Refactor of the redirects logic

ianvs/prettier-plugin-sort-imports (@​ianvs/prettier-plugin-sort-imports)

v4.4.1

Compare Source

What's Changed

• fix: catch babel parse errors by @​michaelfaith in https://github.com/IanVS/prettier-plugin-sort-imports/pull/198

New Contributors

• @​michaelfaith made their first contribution in https://github.com/IanVS/prettier-plugin-sort-imports/pull/198

Full Changelog: IanVS/prettier-plugin-sort-imports@v4.4.0...v4.4.1

sanity-io/client (@​sanity/client)

v6.27.2

Compare Source

Bug Fixes

• deps: update dependency get-it to ^8.6.7 (#​989) (b36339c)
• live: includeDrafts no longer require vX (#​991) (22e50aa)

v6.27.1

Compare Source

Bug Fixes

• csm: handle Cannot read properties of undefined (cb80d68)

v6.27.0

Compare Source

Features

• csm: support releases in applySourceDocuments (#​981) (ab82a35)

v6.26.1

Compare Source

Bug Fixes

• stega: append perspective to edit links (#​979) (65ce82d)
• stega: remove isDraft search param (#​978) (08d189d)

v6.26.0

Compare Source

Features

• csm: add document id utils (#​976) (0d4cd76)

v6.25.0

Compare Source

Features

• request: add flag to disable logging api warnings (#​925) (3f90ab0)

v6.24.4

Compare Source

Bug Fixes

• allow mutation selection without passing a patch builder (#​964) (fd70208)
• deps: update dependency get-it to ^8.6.6 (#​960) (941203d)

sanity-io/ui (@​sanity/ui)

v2.11.8

Compare Source

Bug Fixes

• deps: update React Compiler dependencies 🤖 ✨ (#​1581) (f4e7a15)

v2.11.7

Compare Source

Bug Fixes

• deps: update dependency framer-motion to v12 (#​1565) (9c5fb78)
• remove element.ref warning (#​1580) (09858e0)

v2.11.6

Compare Source

Bug Fixes

• deps: update React Compiler dependencies 🤖 ✨ (#​1563) (8fe1bb6)

v2.11.5

Compare Source

Bug Fixes

• deps: update dependency framer-motion to ^11.18.2 (#​1564) (02fcda6)

v2.11.4

Compare Source

Bug Fixes

• deps: update dependency framer-motion to ^11.16.4 (#​1558) (8c69ed3)

v2.11.3

Compare Source

Bug Fixes

• deps: update React Compiler dependencies 🤖 ✨ (#​1562) (3454018)

v2.11.2

Compare Source

Bug Fixes

• deps: update React Compiler dependencies 🤖 ✨ (#​1561) (073420f)

sanity-io/sanity (@​sanity/vision)

v3.74.0

Compare Source

v3.73.0

Compare Source

v3.72.1

Compare Source

🐛 Notable bugfixes

• Fixes an issue where GraphQL union reference types caused problems in GraphQL schema generation.

Install or upgrade Sanity Studio

To initiate a new Sanity Studio project or upgrade an existing one, please refer to our comprehensive guide on Installing and Upgrading Sanity Studio.

If you are updating from a version earlier than 3.37.0, you should also check out this article to ensure your dependencies are up to date.

📓 Full changelog

Author | Message | Commit
------------ | ------------- | -------------
Carolina Gonzalez | fix: remove references array from GraphQL union references generation (#​8436) | b5b5b6e

v3.72.0

Compare Source

✨ Highlights

Improved content serialization for copy-pasting in the Portable Text Editor

We’ve enhanced the way content is serialized to text/html when copying from a Portable Text input. Advanced formatting, such as lists and links, is now more reliably preserved when pasting into other applications like Notion or Word.

Additionally, copy-pasting between Portable Text fields in different documents is now more consistent. When pasting, Portable Text Editor (PTE) will intelligently filter out unsupported object types and annotations, ensuring that the rest of the content is pasted seamlessly.

🐛 Notable bugfixes

• Fixes an issue where referencing a type of the same kind of document within a document would cause a maximum call stack size exceeded error during GraphQL schema generation.
• Fixes an issue in which the history would fail to load if user opened the History → Review Changes → History panel.
• Fixes an issue where Shopify Hydrogen, Remix and Astro apps with embedded studios using Presentation would see an error about calling env on undefined.

Install or upgrade Sanity Studio

To initiate a new Sanity Studio project or upgrade an existing one, please refer to our comprehensive guide on Installing and Upgrading Sanity Studio.

If you are updating from a version earlier than 3.37.0, you should also check out this article to ensure your dependencies are up to date.

📓 Full changelog

Author | Message | Commit
------------ | ------------- | -------------
Jordan Lawrence | refactor: moving calendar inputs from scheduled pub. to core/components (#​8338) | 2bb3a89
Pedro Bonamin | chore(structure): remove TimelineStore from <DocumentPaneProvider/> (#​8271) | ba00f34
Ash | feat(test-studio): add Cross Dataset Reference error replication | 4eb7fa1
Ash | fix(@​sanity/schema): allow Cross Dataset References in Portable Text blocks | 23b2b6a
RitaDias | test(e2e): make e2e sturdier (#​8348) | 70b6497
renovate[bot] | fix(deps): update dependency @​sanity/ui to ^2.11.4 (#​8334) | 576bf44
renovate[bot] | fix(deps): update dependency @​portabletext/editor to ^1.24.0 (#​8337) | 4a9a29a
renovate[bot] | fix(deps): update dependency @​sanity/insert-menu to v1.0.20 (#​8353) | 7418d2e
renovate[bot] | fix(deps): update dependency @​sanity/presentation-comlink to ^1.0.2 (#​8354) | 1828497
renovate[bot] | fix(deps): update dependency @​sanity/client to ^6.27.0 (#​8357) | 7f934e5
renovate[bot] | chore(deps): update dependency @​sanity/visual-editing-csm to v2 (#​8358) | 5df6759
renovate[bot] | fix(deps): update dependency @​portabletext/block-tools to ^1.1.2 (#​8360) | d924950
renovate[bot] | fix(deps): update dependency @​portabletext/editor to ^1.25.0 (#​8368) | c367854
renovate[bot] | fix(deps): update dependency @​sanity/preview-url-secret to ^2.1.1 (#​8356) | eb13847
renovate[bot] | chore(deps): update react monorepo (#​8375) | 8eb32e2
renovate[bot] | chore(deps): update dev-non-major (#​8374) | 067ace2
renovate[bot] | chore(deps): update dependency @​sanity/visual-editing-csm to ^2.0.1 (#​8373) | 5daded1
renovate[bot] | fix(deps): update dependency @​sanity/client to ^6.27.1 (#​8376) | 7eebb60
renovate[bot] | fix(deps): update dependency @​sanity/presentation-comlink to ^1.0.3 (#​8377) | 3dc4058
renovate[bot] | fix(deps): update dependency @​sanity/preview-url-secret to ^2.1.2 (#​8378) | 6019bb7
Cody Olsen | fix(presentation): support pt::text in live queries (#​8380) | 691aad1
Knut Melvær | Update Studio photo (#​8389) | 5dc4a6b
Carolina Gonzalez | fix(graphql): add custom logic for reference unions (#​8350) | cdeeae6
renovate[bot] | fix(deps): update dependency @​sanity/preview-url-secret to ^2.1.3 (#​8385) | ef41c78
renovate[bot] | fix(deps): update dependency @​portabletext/editor to ^1.26.0 (#​8386) | be47ff9
renovate[bot] | chore(deps): update dependency turbo to ^2.3.4 (#​8396) | af88596
renovate[bot] | chore(deps): update dev-non-major (#​8397) | 3c3d645
renovate[bot] | fix(deps): update dependency @​sanity/template-validator to ^2.4.0 (#​8390) | 645db7b
Jordan Lawrence | feat: support for sticky params and intent operations (#​8256) | 1269760
Snorre Eskeland Brekke | chore(comments): exposes more comment details as internal exports (#​8336) | 25a3a2e
Pedro Bonamin | feat(core): add unstable useObserveDocument hook (#​8407) | b693819
ecospark[bot] | fix(deps): update React Compiler dependencies 🤖 ✨ (#​8414) | bd53c3a
ecospark[bot] | chore(deps): dedupe pnpm-lock.yaml (#​8415) | 623550d
renovate[bot] | fix(deps): update dependency react-rx to ^4.1.17 (#​8416) | 17911eb
renovate[bot] | fix(deps): update dependency @​portabletext/block-tools to ^1.1.3 (#​8399) | 6780bcb
renovate[bot] | fix(deps): update dependency @​portabletext/editor to ^1.26.2 (#​8400) | 287dfa4
renovate[bot] | fix(deps): update dependency @​sanity/ui to ^2.11.5 (#​8417) | 2d28402
renovate[bot] | fix(deps): update dependency @​sanity/ui to ^2.11.6 (#​8420) | 1ebb974
Pedro Bonamin | fix(structure): do not set history inspector height to 0 (#​8421) | abb0b2e
Cody Olsen | fix: remove process.env.SANITY_STUDIO_PRESENTATION_ENABLE_LIVE_DRAFT_EVENTS (#​8401) | 68b7fa3
renovate[bot] | fix(deps): update dependency @​portabletext/editor to ^1.26.3 (#​8423) | 0fe8d70
renovate[bot] | fix(deps): update dependency get-it to ^8.6.7 (#​8424) | 1f0777e
renovate[bot] | fix(deps): update dependency @​sanity/client to ^6.27.2 (#​8426) | a2df043
renovate[bot] | chore(deps): update dependency @​sanity/visual-editing-csm to ^2.0.2 (#​8427) | 32b5ce9
renovate[bot] | fix(deps): update dependency @​sanity/preview-url-secret to ^2.1.4 (#​8431) | b8497c3
renovate[bot] | fix(deps): update dependency @​sanity/presentation-comlink to ^1.0.4 (#​8428) | 24a74e9
renovate[bot] | fix(deps): Update dev-non-major (#​8430) | 2092b7e

v3.71.2

Compare Source

🐛 Notable bugfixes

• Fixes a regression causing the perspective switcher in the Presentation tool to reload the iframe and lose connection with loaders, causing the perspective to fail switching. It now actually switches the perspective. ❤

Install or upgrade Sanity Studio

To initiate a new Sanity Studio project or upgrade an existing one, please refer to our comprehensive guide on Installing and Upgrading Sanity Studio.

If you are updating from a version earlier than 3.37.0, you should also check out this article to ensure your dependencies are up to date.

📓 Full changelog

Author | Message | Commit
------------ | ------------- | -------------
Cody Olsen | fix(presentation): perspective switching regression (#​8383) | 9caf5d8

v3.71.1

Compare Source

🐛 Notable bugfixes

• Fixes react module import error affecting production builds of auto-updating studios.

Install or upgrade Sanity Studio

To initiate a new Sanity Studio project or upgrade an existing one, please refer to our comprehensive guide on Installing and Upgrading Sanity Studio.

If you are updating from a version earlier than 3.37.0, you should also check out this article to ensure your dependencies are up to date.

📓 Full changelog

Author | Message | Commit
------------ | ------------- | -------------
Bjørge Næss | fix: revert back to vite v5 (#​8362) | 03fa6f1

v3.71.0

Compare Source

✨ Highlights

The @sanity/presentation codebase has been migrated into the sanity codebase

The @sanity/presentation codebase has been migrated into the sanity codebase. We've always recommended using Presentation Tool by importing it from sanity/presentation, like so:

// sanity.config.ts
import {defineConfig} from 'sanity'
import {presentationTool} from 'sanity/presentation'
import {structureTool} from 'sanity/structure'

export default defineConfig({
  plugins: [presentationTool(), structureTool()]
})

If you've been following this pattern then this change won't impact you in any way.

If you've been installing @sanity/presentation and are using it directly (we've sometimes suggested this to let folks try out bugfixes before they ship in the next release of sanity):

// sanity.config.ts
import {defineConfig} from 'sanity'
import {presentationTool} from '@​sanity/presentation'
import {structureTool} from 'sanity/structure'

export default defineConfig({
  plugins: [presentationTool(), structureTool()]
})

Then you need to search/replace all from '@​sanity/presentation' statements in your codebase with from 'sanity/presentation', and uninstall @sanity/presentation, as it'll no longer receive updates.

Other features

• Adds disableActions option to array fields for disabling various array input capabilities.

🐛 Notable bugfixes

• Fixes an issue preventing keyboard navigation to edit buttons for annotation and inline objects in the Portable Text Input.
• Fixes an issue allowing custom form inputs to incorrectly patch a readOnly document by calling onChange.
• The Presentation Tool's "Documents in use" pane now includes draft and unpublished documents, meaning it actually shows all documents in use, rather than just some of them.
• No longer warns about duplicate keys when using Presentation on sanity dev with React Strict Mode, or embedded studios on Next.js App Router.

Install or upgrade Sanity Studio

To initiate a new Sanity Studio project or upgrade

---

Configuration

📅 Schedule: Branch creation - "before 3am on Monday" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR has been generated by Mend Renovate using a curated preset maintained by . View repository job log here

[vercel]

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name	Status	Preview	Comments	Updated (UTC)
lcapi-examples-api	✅ Ready (Inspect)	Visit Preview	💬 Add feedback	Feb 5, 2025 3:01pm
lcapi-examples-astro	✅ Ready (Inspect)	Visit Preview	💬 Add feedback	Feb 5, 2025 3:01pm
lcapi-examples-next-13	✅ Ready (Inspect)	Visit Preview	💬 Add feedback	Feb 5, 2025 3:01pm
lcapi-examples-next-14	✅ Ready (Inspect)	Visit Preview	💬 Add feedback	Feb 5, 2025 3:01pm
lcapi-examples-next-15	✅ Ready (Inspect)	Visit Preview	💬 Add feedback	Feb 5, 2025 3:01pm
lcapi-examples-next-canary	✅ Ready (Inspect)	Visit Preview	💬 Add feedback	Feb 5, 2025 3:01pm
lcapi-examples-next-enterprise	✅ Ready (Inspect)	Visit Preview	💬 Add feedback	Feb 5, 2025 3:01pm
lcapi-examples-studio	✅ Ready (Inspect)	Visit Preview	💬 Add feedback	Feb 5, 2025 3:01pm
lcapi-examples-sveltekit	✅ Ready (Inspect)	Visit Preview	💬 Add feedback	Feb 5, 2025 3:01pm
lcapi-examples-tanstack-start	✅ Ready (Inspect)	Visit Preview	💬 Add feedback	Feb 5, 2025 3:01pm

[socket-security]

🚨 Potential security issues detected. Learn more about Socket for GitHub ↗︎

To accept the risk, merge this PR and you will not be notified again.

Alert	Package	Note	Source	CI
License Policy Violation	npm/[email protected]	License: CC-BY-SA-4.0 - Not allowed by license policy (package/dist/compiled/glob/LICENSE, package/dist/compiled/glob/LICENSE)	next-14/package.json pnpm-lock.yaml	⚠︎
License Policy Violation	npm/[email protected]	License: CC-BY-SA-4.0 - Not allowed by license policy (package/dist/compiled/glob/LICENSE, package/dist/compiled/glob/LICENSE)	next-15/package.json next-enterprise/package.json pnpm-lock.yaml	⚠︎
License Policy Violation	npm/[email protected]	License: CC-BY-SA-4.0 - Not allowed by license policy (package/dist/compiled/glob/LICENSE, package/dist/compiled/glob/LICENSE)	next-canary/package.json pnpm-lock.yaml	⚠︎

View full report↗︎

Next steps

What is a license policy violation?

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Find a package that does not violate your license policy or adjust your policy to allow this package's license.

Take a deeper look at the dependency

Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support [AT] socket [DOT] dev.

Remove the package

If you happen to install a dependency that Socket reports as Known Malware you should immediately remove it and select a different dependency. For other alert types, you may may wish to investigate alternative packages or consider if there are other ways to mitigate the specific risk posed by the dependency.

Mark a package as acceptable risk

To ignore an alert, reply with a comment starting with @SocketSecurity ignore followed by a space separated list of ecosystem/package-name@version specifiers. e.g. @SocketSecurity ignore npm/[email protected] or ignore all packages with @SocketSecurity ignore-all

• @SocketSecurity ignore npm/[email protected]
• @SocketSecurity ignore npm/[email protected]
• @SocketSecurity ignore npm/[email protected]