fix(deps): update npm non-major dependencies

[renovate]

ℹ️ Note

This PR body was truncated due to platform limits.

This PR contains the following updates:

Package	Change	Age	Confidence
@babel/core (source)	7.28.5 → 7.29.0
@babel/plugin-transform-runtime (source)	7.28.5 → 7.29.0
@babel/preset-env (source)	7.28.5 → 7.29.0
@babel/runtime (source)	7.28.4 → 7.28.6
@babel/runtime-corejs3 (source)	7.28.4 → 7.29.0
@eslint/compat (source)	2.0.1 → 2.0.2
@faker-js/faker (source)	10.2.0 → 10.3.0
@navikt/aksel-icons (source)	7.38.0 → 7.40.0
@percy/cli (source)	1.31.7 → 1.31.8
@tanstack/react-query (source)	5.90.16 → 5.90.21
@tanstack/react-query-devtools (source)	5.91.2 → 5.91.3
@testing-library/react	16.3.1 → 16.3.2
@types/node (source)	24.10.7 → 24.10.13
@types/react (source)	19.2.8 → 19.2.14
@typescript-eslint/eslint-plugin (source)	8.52.0 → 8.55.0
@typescript-eslint/parser (source)	8.52.0 → 8.55.0
ajv (source)	8.17.1 → 8.18.0
axios (source)	1.13.2 → 1.13.5
caniuse-lite	1.0.30001764 → 1.0.30001770
core-js (source)	3.47.0 → 3.48.0
css-loader	7.1.2 → 7.1.3
cypress (source)	15.8.2 → 15.10.0
dotenv	17.2.3 → 17.3.1
eslint-plugin-cypress	5.2.1 → 5.3.0
eslint-plugin-prettier	5.5.4 → 5.5.5
eslint-plugin-sonarjs (source)	3.0.5 → 3.0.7
eslint-plugin-unused-imports	4.3.0 → 4.4.1
globals	17.0.0 → 17.3.0
html-react-parser	5.2.11 → 5.2.17
immer	11.1.3 → 11.1.4
lru-cache	11.2.4 → 11.2.6
marked (source)	17.0.1 → 17.0.2
mini-css-extract-plugin	2.9.4 → 2.10.0
prettier (source)	3.7.4 → 3.8.1
react (source)	19.2.3 → 19.2.4
react-content-loader	7.1.1 → 7.1.2
react-day-picker (source)	9.13.0 → 9.13.2
react-dom (source)	19.2.3 → 19.2.4
react-dropzone	14.3.8 → 14.4.1
typescript-eslint (source)	8.52.0 → 8.55.0
webpack	5.104.1 → 5.105.2
webpack-dev-server	5.2.2 → 5.2.3
zod (source)	4.3.5 → 4.3.6
zustand	5.0.10 → 5.0.11

---

Release Notes

babel/babel (@​babel/core)

v7.29.0

Compare Source

v7.29.0 (2026-01-31)

Thanks @​simbahax for your first PR!

🚀 New Feature

• babel-types
  • #​17750 [7.x backport] Add attributes import declaration builder (@​JLHwung)
• babel-standalone
  • #​17663 [7.x backport] feat(standalone): export async transform (@​JLHwung)
  • #​17725 [7.x backport] feat: read standalone targets from data-targets (@​JLHwung)

🐛 Bug Fix

• babel-parser
  • #​17765 fix(parser): correctly parse type assertions in extends clause (@​nicolo-ribaudo)
  • #​17723 [7.x backport] fix(parser): improve super type argument parsing (@​JLHwung)
• babel-traverse
  • #​17708 fix(traverse): provide a hub when traversing a File or Program and no parentPath is given (@​simbahax)
• babel-plugin-transform-block-scoping, babel-traverse
  • #​17737 [7.x backport] fix: Rename switch discriminant references when body creates shadowing variable (@​magic-akari)

🏃‍♀️ Performance

• babel-generator, babel-runtime-corejs3
  • #​17642 [Babel 7] Improve generator performance (@​liuxingbaoyu)

Committers: 6

• David (@​simbahax)
• Huáng Jùnliàng (@​JLHwung)
• Nicolò Ribaudo (@​nicolo-ribaudo)
• @​liuxingbaoyu
• @​magic-akari

v7.28.6

Compare Source

eslint/rewrite (@​eslint/compat)

v2.0.2

Compare Source

Bug Fixes

• add eslint 10 as peer dependency (#​361) (ecb37dc)

Dependencies

• The following workspace dependencies were updated
  • dependencies
    • @​eslint/core bumped from ^1.0.1 to ^1.1.0

faker-js/faker (@​faker-js/faker)

v10.3.0

Compare Source

New Locales

• locale: add Japanese dog definition (#​3715) (76c9df1)
• locale: add Japanese color definitions (#​3707) (bbbb215)
• locale: add Japanese food module (#​3706) (71d55c0)
• locale: add Japanese internet definitions (#​3708) (184a709)
• locale: add Japanese job definitions for person module (#​3705) (e7f3ccd)
• locale: add Japanese suffix definitions for person module (#​3704) (45ad7d8)
• locale: add Norwegian (nb_NO) continent definitions (#​3712) (c0f0f23)
• locale: add Norwegian (nb_NO) direction definition (#​3713) (43b18fa)
• locale: add Norwegian (nb_NO) sex definitions (#​3710) (76063f2)
• locale: add Norwegian (nb_NO) vehicle definition (#​3732) (d1c32b0)

Features

• locales: add Norwegian (nb_NO) zodiac sign definitions (#​3711) (e306542)
• person: sexType can return 'generic' (#​3259) (0e099a1)
• string: support uuid v7 (#​3701) (87c2753)

Changed Locales

• locale: normalize system locale data (#​3702) (ba91653)

Bug Fixes

• locale: remove empty string from Hebrew lorem words (#​3698) (81a896c)
• location: state name to 'Trøndelag' for nb_NO (#​3691) (eaef389)

navikt/aksel (@​navikt/aksel-icons)

v7.40.0

Compare Source

Minor Changes

• Icons: New icon MagnifyingGlassCheckmark (#​4489)

v7.39.1

Compare Source

v7.39.0

Compare Source

percy/cli (@​percy/cli)

v1.31.8

Compare Source

What's Changed

✨ Enhancements

• Adds structured asset instrumentation logging by @​bs-shobhitkumar in #​2086

New Contributors

• @​gbuh made their first contribution in #​2083

Full Changelog: percy/cli@v1.31.7...v1.31.8

TanStack/query (@​tanstack/react-query)

v5.90.21

Compare Source

Patch Changes

• refactor(react-query/useQueries): remove unreachable 'willFetch' branch in suspense promise collection (#​10082)

v5.90.20

Compare Source

Patch Changes

• Updated dependencies [e7258c5]:
  • @​tanstack/query-core@​5.90.20

v5.90.19

Compare Source

Patch Changes

• Updated dependencies [53fc74e]:
  • @​tanstack/query-core@​5.90.19

v5.90.18

Compare Source

Patch Changes

• Updated dependencies [dea1614]:
  • @​tanstack/query-core@​5.90.18

v5.90.17

Compare Source

Patch Changes

• Updated dependencies [269351b]:
  • @​tanstack/query-core@​5.90.17

TanStack/query (@​tanstack/react-query-devtools)

v5.91.3

Compare Source

Patch Changes

• Updated dependencies [83366c4]:
  • @​tanstack/query-devtools@​5.93.0

testing-library/react-testing-library (@​testing-library/react)

v16.3.2

Compare Source

typescript-eslint/typescript-eslint (@​typescript-eslint/eslint-plugin)

v8.55.0

Compare Source

🚀 Features

• utils: deprecate defaultOptions in favor of meta.defaultOptions (#​11992)

🩹 Fixes

• eslint-plugin: [no-useless-default-assignment] reduce param index to ts this handling (#​11949)
• eslint-plugin: [no-useless-default-assignment] report unnecessary defaults in ternary expressions (#​11984)
• eslint-plugin: [no-useless-default-assignment] require strictNullChecks (#​11966, #​12000)
• eslint-plugin: [no-unused-vars] remove trailing newline when removing entire import (#​11990)

❤️ Thank You

• Christian Rose @​chrros95
• Josh Goldberg
• Maria Solano @​MariaSolOs
• Minyeong Kim @​minyeong981
• SungHyun627 @​SungHyun627
• Yukihiro Hasegawa @​y-hsgw

See GitHub Releases for more information.

You can read about our versioning strategy and releases on our website.

v8.54.0

Compare Source

🚀 Features

• eslint-plugin-internal: add prefer-tsutils-methods rule (#​11974, #​11625)
• typescript-estree: add shortcut methods to ParserServicesWithTypeInformation (#​11965, #​11955)

🩹 Fixes

• eslint-plugin: [no-unnecessary-type-assertion] check both base constraint and actual type for non-null assertions (#​11967, #​11559)
• deps: update dependency prettier to v3.8.0 (#​11991)
• scope-manager: fix catch clause scopes def.name (#​11982)
• eslint-plugin: [no-unused-private-class-members] private destructured class member is defined but used (#​11785)

❤️ Thank You

• Brad Zacher @​bradzacher
• Josh Goldberg
• MinJae @​Ju-MINJAE
• Minyeong Kim @​minyeong981
• overlookmotel
• Yuya Yoshioka @​YuyaYoshioka
• 김현수 @​Kimsoo0119

You can read about our versioning strategy and releases on our website.

v8.53.1

Compare Source

🩹 Fixes

• utils: make RuleCreator root defaultOptions optional (#​11956)
• eslint-plugin: [consistent-indexed-object-style] skip fixer if interface is a default export (#​11951)

❤️ Thank You

• Cameron
• Yukihiro Hasegawa @​y-hsgw

You can read about our versioning strategy and releases on our website.

v8.53.0

Compare Source

🚀 Features

• eslint-plugin: add rule [strict-void-return] (#​9707)
• eslint-plugin: [no-unused-vars] add a fixer to remove unused imports (#​11922)

🩹 Fixes

• eslint-plugin: [no-useless-default-assignment] fix false positive for parameters corresponding to a rest parameter (#​11916)
• eslint-plugin: replace unclear "error typed" with more helpful description (#​11704)
• typescript-estree: forbid invalid extends and implements in interface declaration (#​11935)
• typescript-estree: forbid invalid class implements (#​11934)
• typescript-estree: forbid type-only import with both default and named specifiers (#​11930)

❤️ Thank You

• Brad Zacher @​bradzacher
• fisker Cheung @​fisker
• Josh Goldberg
• Josh Goldberg ✨
• Kirk Waiblinger
• Niki @​phaux
• Nikita
• SungHyun627 @​SungHyun627
• Will Harney @​wjhsf

You can read about our versioning strategy and releases on our website.

typescript-eslint/typescript-eslint (@​typescript-eslint/parser)

v8.55.0

Compare Source

This was a version bump only for parser to align it with other projects, there were no code changes.

See GitHub Releases for more information.

You can read about our versioning strategy and releases on our website.

v8.54.0

Compare Source

This was a version bump only for parser to align it with other projects, there were no code changes.

You can read about our versioning strategy and releases on our website.

v8.53.1

Compare Source

This was a version bump only for parser to align it with other projects, there were no code changes.

You can read about our versioning strategy and releases on our website.

v8.53.0

Compare Source

This was a version bump only for parser to align it with other projects, there were no code changes.

You can read about our versioning strategy and releases on our website.

ajv-validator/ajv (ajv)

v8.18.0

Compare Source

What's Changed

• feat: allow tree-shaking by adding "sideEffects": false to package.json by @​josdejong in #​2480
• fix: #​2482 Infinity and NaN serialise to null by @​jasoniangreen in #​2487
• fix: small grammatical error in managing-schemas.md by @​monteiro-renato in #​2508
• fix: typos in schema-language.md by @​monteiro-renato in #​2507
• fix(pattern): use configured RegExp engine with $data keyword to mitigate ReDoS attacks (CVE-2025-69873) by @​epoberezkin in #​2586

New Contributors

• @​josdejong made their first contribution in #​2480
• @​monteiro-renato made their first contribution in #​2508

Full Changelog: ajv-validator/ajv@v8.17.1...v8.18.0

axios/axios (axios)

v1.13.5

Compare Source

Release 1.13.5

Highlights

• Security: Fixed a potential Denial of Service issue involving the __proto__ key in mergeConfig. (PR #​7369)
• Bug fix: Resolved an issue where AxiosError could be missing the status field on and after v1.13.3. (PR #​7368)

Changes

Security

• Fix Denial of Service via __proto__ key in mergeConfig. (PR #​7369)

Fixes

• Fix/5657. (PR #​7313)
• Ensure status is present in AxiosError on and after v1.13.3. (PR #​7368)

Features / Improvements

• Add input validation to isAbsoluteURL. (PR #​7326)
• Refactor: bump minor package versions. (PR #​7356)

Documentation

• Clarify object-check comment. (PR #​7323)
• Fix deprecated Buffer constructor usage and README formatting. (PR #​7371)

CI / Maintenance

• Chore: fix issues with YAML. (PR #​7355)
• CI: update workflow YAMLs. (PR #​7372)
• CI: fix run condition. (PR #​7373)
• Dev deps: bump karma-sourcemap-loader from 0.3.8 to 0.4.0. (PR #​7360)
• Chore(release): prepare release 1.13.5. (PR #​7379)

New Contributors

• @​sachin11063 (first contribution — PR #​7323)
• @​asmitha-16 (first contribution — PR #​7326)

Full Changelog: axios/axios@v1.13.4...v1.13.5

v1.13.4

Compare Source

Overview

The release addresses issues discovered in v1.13.3 and includes significant CI/CD improvements.

Full Changelog: v1.13.3...v1.13.4

What's New in v1.13.4

Bug Fixes

• fix: issues with version 1.13.3 (#​7352) (ee90dfc)
  • Fixed issues discovered in v1.13.3 release
  • Cleaned up interceptor test files
  • Improved workflow configurations

Infrastructure & CI/CD

• refactor: ci and build (#​7340) (8ff6c19)

  • Major refactoring of CI/CD workflows
  • Consolidated workflow files for better maintainability
  • Added mise configuration for the development environment
  • Improved sponsor block update automation
  • Enhanced issue and PR templates
  • Added automatic release notes generation
  • Implemented workflow cancellation for concurrent runs

• chore: codegen and some updates to workflows (76cf77b)

  • Code generation improvements
  • Workflow optimisations

Migration Notes

Breaking Changes

None in this release.

Deprecations

None in this release.

Contributors

Thank you to all contributors who made this release possible! Special thanks to:

• jasonsaayman - Release management and CI/CD improvements

v1.13.3

Compare Source

Bug Fixes

• http2: Use port 443 for HTTPS connections by default. (#​7256) (d7e6065)
• interceptor: handle the error in the same interceptor (#​6269) (5945e40)
• main field in package.json should correspond to cjs artifacts (#​5756) (7373fbf)
• package.json: add 'bun' package.json 'exports' condition. Load the Node.js build in Bun instead of the browser build (#​5754) (b89217e)
• silentJSONParsing=false should throw on invalid JSON (#​7253) (#​7257) (7d19335)
• turn AxiosError into a native error (#​5394) (#​5558) (1c6a86d)
• types: add handlers to AxiosInterceptorManager interface (#​5551) (8d1271b)
• types: restore AxiosError.cause type from unknown to Error (#​7327) (d8233d9)
• unclear error message is thrown when specifying an empty proxy authorization (#​6314) (6ef867e)

Features

• add undefined as a value in AxiosRequestConfig (#​5560) (095033c)
• add automatic minor and patch upgrades to dependabot (#​6053) (65a7584)
• add Node.js coverage script using c8 (closes #​7289) (#​7294) (ec9d94e)
• added copilot instructions (3f83143)
• compatibility with frozen prototypes (#​6265) (860e033)
• enhance pipeFileToResponse with error handling (#​7169) (88d7884)
• types: Intellisense for string literals in a widened union (#​6134) (f73474d), closes /github.com/microsoft/TypeScript/issues/33471#issuecomment-1376364329

Reverts

• Revert "fix: silentJSONParsing=false should throw on invalid JSON (#​7253) (#​7…" (#​7298) (a4230f5), closes #​7253 #​7 #​7298
• deps: bump peter-evans/create-pull-request from 7 to 8 in the github-actions group (#​7334) (2d6ad5e)

Contributors to this release

• Ashvin Tiwari
• Nikunj Mochi
• Anchal Singh
• jasonsaayman
• Julian Dax
• Akash Dhar Dubey
• Madhumita
• Tackoil
• Justin Dhillon
• Rudransh
• WuMingDao
• codenomnom
• Nandan Acharya
• Eric Dubé
• Tibor Pilz
• Gabriel Quaresma
• Turadg Aleahmad
• JohnTitor
• rohit miryala
• Wilson Mun
• techcodie
• Ved Vadnere
• svihpinc
• SANDESH LENDVE
• Lubos
• Jarred Sumner
• <img src="https://avatars.githubusercontent.com/u/17907922?v&#x3D;4&amp;s&#x3D;18" alt="avatar"

---

Configuration

📅 Schedule: Branch creation - "before 07:00 on Thursday" in timezone Europe/Oslo, Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[coderabbitai]

Important

Review skipped

Bot user detected.

To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

• 🔍 Trigger a full review

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud