npm(deps): Bump the production-dependencies group across 1 directory with 10 updates

[dependabot]

Bumps the production-dependencies group with 10 updates in the / directory:

Package	From	To
axios	1.13.5	1.16.0
lucide-react	0.563.0	1.14.0
mammoth	1.11.0	1.12.0
openai	6.18.0	6.35.0
react	19.2.4	19.2.5
react-dom	19.2.4	19.2.5
react-router-dom	7.13.0	7.14.2
tailwind-merge	3.4.0	3.5.0
uuid	13.0.0	14.0.0
zustand	5.0.11	5.0.12

Updates axios from 1.13.5 to 1.16.0

Release notes

Sourced from axios's releases.

v1.16.0 — May 2, 2026

This release adds support for the QUERY HTTP method and a new ECONNREFUSED error constant, lands a substantial wave of HTTP, fetch, and XHR adapter bug fixes around redirects, aborts, headers, and timeouts, and welcomes 23 new contributors.

⚠️ Notable Changes

A handful of fixes in this release are either security-adjacent or change observable behaviour. Please review before upgrading:

• Fetch adapter now enforces maxBodyLength and maxContentLength. These limits were silently ignored on the fetch adapter prior to 1.16.0 — anyone relying on them as a safety net (DoS protection, accidental large uploads) had no protection. (#10795)
• Proxy requests now preserve user-supplied Host headers. Previously, the proxy path could overwrite a custom Host. Virtual-host-style routing through a proxy will now behave correctly. (#10822)
• Basic auth credentials embedded in URLs are now URL-decoded. If you have percent-encoded credentials in a URL (e.g. https://user:p%40ss@host), the decoded value is what now goes on the wire. (#10825)
• parseProtocol now strictly requires a colon in the protocol separator. Strings that loosely parsed as protocols before may no longer match. (#10729)
• Deprecated unescape() replaced with modern UTF-8 encoding. Non-ASCII URL handling is now spec-correct; consumers depending on legacy unescape() quirks may see different output bytes. (#7378)
• transformRequest input typing change was reverted. The typing change introduced in #10745 was reverted in #10810 after follow-up review — net behavior is unchanged from 1.15.2. (#10745, #10810)

🚀 New Features

• QUERY HTTP Method: Added support for the QUERY HTTP method across adapters and type definitions. (#10802)
• ECONNREFUSED Error Constant: Exposed ECONNREFUSED as a constant on AxiosError so callers can match connection-refused failures without comparing string literals (closes #6485). (#10680)
• Encode Helper Export: Exported the internal encode helper from buildURL so userland param serializers can reuse the same encoding logic that axios uses internally. (#6897)

🐛 Bug Fixes

• HTTP Adapter — Redirects & Headers: Cleared stale headers when a redirect targets a no-proxy host, fixed the redirect listener chain so listeners no longer stack across hops, restored the missing requestDetails argument on beforeRedirect, preserved user-supplied Host headers when forwarding through a proxy, and properly URL-decoded basic auth credentials. (#10794, #10800, #6241, #10822, #10825)
• HTTP Adapter — Streams & Timeouts: Preserved the partial response object on AxiosError when a stream is aborted after headers arrive, honoured the timeout option during the connect phase when redirects are disabled, and resolved an unsettled-promise hang when an aborted request was combined with compression and maxRedirects: 0. (#10708, #10819, #7149)
• Fetch Adapter: Enforced maxBodyLength / maxContentLength in the fetch adapter, set the User-Agent header to match the HTTP adapter, preserved the original abort reason instead of replacing it with a generic error, and deferred global access so importing the module no longer throws a TypeError in restricted environments. (#10795, #10772, #10806, #7260)
• XHR Adapter: Unsubscribed the cancelToken and AbortSignal listeners on the error, timeout, and abort code paths to prevent leaked subscriptions. (#10787)
• Error Handling: Attached the parsed response to AxiosError when JSON.parse fails inside dispatchRequest, prevented settle from emitting undefined error codes, and tightened the parseProtocol regex to require a colon in the protocol separator. (#10724, #7276, #10729)
• Types & Exports: Aligned the CommonJS CancelToken typings with the ESM build, fixed a compiler error caused by RawAxiosHeaders, and re-exported create from the package index. (#7414, #6389, #6460)
• UTF-8 Encoding: Replaced the deprecated unescape() call with a modern UTF-8 encoding implementation. (#7378)
• Misc Cleanup: Resolved a batch of small inconsistencies and gadget-level issues across the codebase. (#10833)

🔧 Maintenance & Chores

• Refactor — ES6 Modernisation: Modernised the utils module and XHR adapter to use ES6 features, and tidied the multipart boundary error message. (#10588, #7419)
• Tests: Hardened the HTTP test server lifecycle to fix flaky FormData EPIPE failures, fixed Win32 platform support for the pipe tests, and corrected an incorrect test assumption. (#10820, #10791, #10796)
• Docs: Documented paramsSerializer.encode for strict RFC 3986 query encoding, updated the parseReviver TypeScript definitions and configuration docs for ES2023, added timeout guidance to the README's first async example, and expanded notes around the recent type changes. (#10821, #10782, #10759, #10804)
• Reverted: Reverted the transformRequest input typing change from #10745 after follow-up review. (#10745, #10810)
• Dependencies: Bumped actions/setup-node, the github-actions group, and postcss (in /docs) to their latest versions. (#10785, #10813, #10814)
• Release: Updated changelog and packages, and prepared the 1.16.0 release. (#10790, #10834)

🌟 New Contributors

We are thrilled to welcome our new contributors. Thank you for helping improve axios:

• @​singhankit001 (#10588)
• @​cuiweixie (#7419)
• @​iruizsalinas (#10787)
• @​MarcosNocetti (#10680)
• @​deepview-autofix (#10729)

... (truncated)

Changelog

Sourced from axios's changelog.

Changelog

v1.15.2 - April 21, 2026

This release delivers prototype-pollution hardening for the Node HTTP adapter, adds an opt-in allowedSocketPaths allowlist to mitigate SSRF via Unix domain sockets, fixes a keep-alive socket memory leak, and ships supply-chain hardening across CI and security docs.

🔒 Security Fixes

• Prototype Pollution Hardening (HTTP Adapter): Hardened the Node HTTP adapter and resolveConfig/mergeConfig/validator paths to read only own properties and use null-prototype config objects, preventing polluted auth, baseURL, socketPath, beforeRedirect, and insecureHTTPParser from influencing requests. (#10779)
• SSRF via socketPath: Rejects non-string socketPath values and adds an opt-in allowedSocketPaths config option to restrict permitted Unix domain socket paths, returning AxiosError ERR_BAD_OPTION_VALUE on mismatch. (#10777)
• Supply-chain Hardening: Added .npmrc with ignore-scripts=true, lockfile lint CI, non-blocking reproducible build diff, scoped CODEOWNERS, expanded SECURITY.md/THREATMODEL.md with provenance verification (npm audit signatures), 60-day resolution policy, and maintainer incident-response runbook. (#10776)

🚀 New Features

• allowedSocketPaths Config Option: New request config option (and TypeScript types) to allowlist Unix domain socket paths used by the Node http adapter; backwards compatible when unset. (#10777)

🐛 Bug Fixes

• Keep-alive Socket Memory Leak: Installs a single per-socket error listener tracking the active request via kAxiosSocketListener/kAxiosCurrentReq, eliminating per-request listener accumulation, MaxListenersExceededWarning, and linear heap growth under concurrent or long-running keep-alive workloads (fixes #10780). (#10788)

🔧 Maintenance & Chores

• Changelog: Updated CHANGELOG.md with v1.15.1 release notes. (#10781)

Full Changelog

---

v1.15.1 - April 19, 2026

This release ships a coordinated set of security hardening fixes across headers, body/redirect limits, multipart handling, and XSRF/prototype-pollution vectors, alongside a broad sweep of bug fixes, test migrations, and threat-model documentation updates.

🔒 Security Fixes

• Header Injection Hardening: Tightened validation and sanitisation across request header construction to close the header-injection attack surface. (#10749)

• CRLF Stripping in Multipart Headers: Correctly strips CR/LF from multipart header values to prevent injection via field names and filenames. (#10758)

• Prototype Pollution / Auth Bypass: Replaced unsafe in checks with hasOwnProperty to prevent authentication bypass via prototype pollution on config objects, with additional regression tests. (#10761, #10760)

• withXSRFToken Truthy Bypass: Short-circuits on any truthy non-boolean value, so an ambiguous config no longer silently leaks the XSRF token cross-origin. (#10762)

• maxBodyLength With Zero Redirects: Enforces maxBodyLength even when maxRedirects is set to 0, closing a bypass path for oversized request bodies. (#10753)

• Streamed Response maxContentLength Bypass: Applies maxContentLength to streamed responses that previously bypassed the cap. (#10754)

• Follow-up CVE Completion: Completes an earlier incomplete CVE fix to fully close the regression window. (#10755)

🚀 New Features

... (truncated)

Commits

• df53d7d chore(release): prepare release 1.16.0 (#10834)
• 9d92bcd fix: gadgets and smaller issues (#10833)
• 5107ee6 fix: prevent undefined error codes in settle (#7276)
• e573499 fix(fetch): defer global access in fetch adapter (#7260)
• ad68e1a fix(http): honor timeout during connect without redirects (#10819)
• 2a51828 fix(http): decode URL basic auth credentials (#10825)
• 0e8b6bb fix(http): preserve user-supplied Host header when forwarding through a proxy...
• 79f39e1 docs: document paramsSerializer.encode for strict RFC 3986 query encoding (#1...
• 0fe3a5f [Docs/Types] Update parseReviver TypeScript definitions for ES2023 and add ...
• cd6737f chore: matches the sibling responseStream.on(aborted) handler and added tests...
• Additional commits viewable in compare view

Install script changes

This version modifies prepare script that runs during installation. Review the package contents before updating.

Updates lucide-react from 0.563.0 to 1.14.0

Release notes

Sourced from lucide-react's releases.

Version 1.14.0

What's Changed

• feat(icons): added repeat-off icon by @​jguddas in lucide-icons/lucide#3102

Full Changelog: lucide-icons/lucide@1.13.0...1.14.0

Version 1.13.0

What's Changed

• fix(docs): sync URL params with UI state on categories page by @​taimar in lucide-icons/lucide#4111
• feat(icons): add waves-vertical icon by @​jamiemlaw in lucide-icons/lucide#3867

Full Changelog: lucide-icons/lucide@1.12.0...1.13.0

Version 1.12.0

What's Changed

• feat(icon): add folder-bookmark icon by @​swastik7805 in lucide-icons/lucide#4262
• docs(readme): Update readme files by @​ericfennis in lucide-icons/lucide#4320
• feat(icons): added astroid icon by @​whoisBugsbunny in lucide-icons/lucide#4217

Full Changelog: lucide-icons/lucide@1.10.0...1.12.0

Version 1.11.0

What's Changed

• docs: add missing period to TypeScript Support description by @​jglu in lucide-icons/lucide#4309
• fix(@​lucide/svelte): proper doc comments for svelte components by @​blt-r in lucide-icons/lucide#4267
• chore(deps): bump svgo from 3.3.2 to 3.3.3 by @​dependabot[bot] in lucide-icons/lucide#4119
• chore(deps-dev): bump astro from 6.0.8 to 6.1.6 by @​dependabot[bot] in lucide-icons/lucide#4310
• feat(icons): add power and quick tags to zap and zap-off by @​swastik7805 in lucide-icons/lucide#4268
• test(build-font): added comprehensive unit tests on build-font tool by @​karsa-mistmere in lucide-icons/lucide#4315
• feat(docs): blur background of framework-select by @​Spleefies in lucide-icons/lucide#4238
• feat(icon): add heart-x icon by @​swastik7805 in lucide-icons/lucide#4264
• fix(icons): optimised rotate-3d icon by @​jamiemlaw in lucide-icons/lucide#4299
• feat(icons): added layers-minus icon by @​Spleefies in lucide-icons/lucide#4005
• feat(icons): added bell-check icon by @​pettelau in lucide-icons/lucide#4152

New Contributors

• @​jglu made their first contribution in lucide-icons/lucide#4309
• @​pettelau made their first contribution in lucide-icons/lucide#4152

Full Changelog: lucide-icons/lucide@1.9.0...1.11.0

Version 1.10.0

What's Changed

• docs: add missing period to TypeScript Support description by @​jglu in lucide-icons/lucide#4309
• fix(@​lucide/svelte): proper doc comments for svelte components by @​blt-r in lucide-icons/lucide#4267
• chore(deps): bump svgo from 3.3.2 to 3.3.3 by @​dependabot[bot] in lucide-icons/lucide#4119
• chore(deps-dev): bump astro from 6.0.8 to 6.1.6 by @​dependabot[bot] in lucide-icons/lucide#4310

... (truncated)

Commits

• 50d8af5 docs(readme): Update readme files (#4320)
• 653e44b feat(packages): use .mjs for ESM bundles (#4285)
• 7623e23 feat(docs): add Zephyr Cloud to Hero Backers tier & rework updateSponsors scr...
• dada0a8 fix(lucide-react): Fix dynamic imports (#4210)
• a6e648a fix(lucide-react): correct client directives in RSC files (#4189)
• 1f010a3 fix(lucide-react): Fixes provider export and RSC render issues (#4175)
• 484f2c9 docs(version-1): Version 1 website (#4142)
• a0e202d feat(packages/angular): add new @​lucide/angular package (#3897)
• c5b155e Merge branch 'main' of https://github.com/lucide-icons/lucide into next
• f6c0d06 chore(deps): bump rollup from 4.53.3 to 4.59.0 (#4106)
• Additional commits viewable in compare view

Updates mammoth from 1.11.0 to 1.12.0

Changelog

Sourced from mammoth's changelog.

1.12.0

• Handle hyperlinked wp:anchor and wp:inline elements.

• Handle hyperlink complex fields with unquoted hrefs.

Commits

• 380a4a8 Bump version to 1.12.0
• 0830b29 Clarify variable name
• 8e6c5c7 Clarify test names
• 04ac1b9 Simplify HYPERLINK field handling
• 6cfbe0b Handle hyperlink complex fields with unquoted hrefs
• 5b8d20f Handle hyperlinked wp:anchor and wp:inline elements
• See full diff in compare view

Updates openai from 6.18.0 to 6.35.0

Release notes

Sourced from openai's releases.

v6.35.0

6.35.0 (2026-04-28)

Full Changelog: v6.34.0...v6.35.0

Features

• api: Add detail to InputFileContent (910ec5d)
• api: add OAuthErrorCode type (f84bd1f)
• api: add prompt_cache_retention parameter to responses compact (c486d1f)
• api: add web_search_call.results to ResponseIncludable (72449a1)
• api: manual updates (b742f1f)
• client: add support for binary messages (c498cc3)
• client: add support for path parameters in websockets clients (e0aba70)
• client: add support for queuing messages when waiting for a connection (fd8868c)
• client: add support for WebSockets in the browser when using simple auth (27bda6a)
• client: support automatic reconnection for websockets (189410b)
• typescript: expose underlying WebSocket type (7e96939)

Bug Fixes

• client: allow single messages greater than the size of the websockets queue (ad19ab2)
• internal: gitignore generated oidc dir (cf860f6)
• types: correct prompt_cache_retention enum value in chat/completions and responses (5a81e1a)
• types: preserve emitted ts-ignore comments (1cde375)

Chores

• ci: remove release-doctor workflow (e5ab4d1)
• format: apply prettier output (80fa23d)
• format: ignore release-updated jsr config (f606e8b)
• formatter: run prettier and eslint separately (68a988e)
• internal: codegen related update (7673137)
• internal: fix package.json duplicate keys (5f075a8)
• internal: more robust bootstrap script (252e70a)
• internal: version bump (34c84ee)
• tests: bump steady to v0.22.1 (316bdba)

Documentation

• improve examples (6400d19)

v6.34.0

6.34.0 (2026-04-08)

Full Changelog: v6.33.0...v6.34.0

... (truncated)

Changelog

Sourced from openai's changelog.

6.35.0 (2026-04-28)

Full Changelog: v6.34.0...v6.35.0

Features

• api: Add detail to InputFileContent (910ec5d)
• api: add OAuthErrorCode type (f84bd1f)
• api: add prompt_cache_retention parameter to responses compact (c486d1f)
• api: add web_search_call.results to ResponseIncludable (72449a1)
• api: manual updates (b742f1f)
• client: add support for binary messages (c498cc3)
• client: add support for path parameters in websockets clients (e0aba70)
• client: add support for queuing messages when waiting for a connection (fd8868c)
• client: add support for WebSockets in the browser when using simple auth (27bda6a)
• client: support automatic reconnection for websockets (189410b)
• typescript: expose underlying WebSocket type (7e96939)

Bug Fixes

• client: allow single messages greater than the size of the websockets queue (ad19ab2)
• internal: gitignore generated oidc dir (cf860f6)
• types: correct prompt_cache_retention enum value in chat/completions and responses (5a81e1a)
• types: preserve emitted ts-ignore comments (1cde375)

Chores

• ci: remove release-doctor workflow (e5ab4d1)
• format: apply prettier output (80fa23d)
• format: ignore release-updated jsr config (f606e8b)
• formatter: run prettier and eslint separately (68a988e)
• internal: codegen related update (7673137)
• internal: fix package.json duplicate keys (5f075a8)
• internal: more robust bootstrap script (252e70a)
• internal: version bump (34c84ee)
• tests: bump steady to v0.22.1 (316bdba)

Documentation

• improve examples (6400d19)

6.34.0 (2026-04-08)

Full Changelog: v6.33.0...v6.34.0

Features

... (truncated)

Commits

• 8bef148 Merge pull request #1821 from openai/release-please--branches--master--change...
• ddde7ab release: 6.35.0
• 1cde375 fix(types): preserve emitted ts-ignore comments
• 5f075a8 chore(internal): fix package.json duplicate keys
• f606e8b chore(format): ignore release-updated jsr config
• 80fa23d chore(format): apply prettier output
• 68a988e chore(formatter): run prettier and eslint separately
• 54cf1f4 codegen metadata
• b0c44be codegen metadata
• 5a81e1a fix(types): correct prompt_cache_retention enum value in chat/completions and...
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for openai since your current version.

Updates react from 19.2.4 to 19.2.5

Release notes

Sourced from react's releases.

19.2.5 (April 8th, 2026)

React Server Components

• Add more cycle protections (#36236 by @​eps1lon and @​unstubbable)

Commits

• 23f4f9f 19.2.5
• See full diff in compare view

Updates react-dom from 19.2.4 to 19.2.5

Release notes

Sourced from react-dom's releases.

19.2.5 (April 8th, 2026)

React Server Components

• Add more cycle protections (#36236 by @​eps1lon and @​unstubbable)

Commits

• 23f4f9f 19.2.5
• See full diff in compare view

Updates react-router-dom from 7.13.0 to 7.14.2

Changelog

Sourced from react-router-dom's changelog.

v7.14.2

Patch Changes

• Updated dependencies:
  • react-router@7.14.2

v7.14.1

Patch Changes

• Updated dependencies:
  • react-router@7.14.1

7.14.0

Patch Changes

• Updated dependencies:
  • react-router@7.14.0

7.13.2

Patch Changes

• Updated dependencies:
  • react-router@7.13.2

7.13.1

Patch Changes

• Updated dependencies:
  • react-router@7.13.1

Commits

• cf1d250 Release v7.14.2 (#14993)
• 197674b Release 7.14.1 (#14973)
• a87774f Add new release process (#14916)
• e31077b chore: Update version for release (#14945)
• 6683e85 chore: Update version for release (pre) (#14943)
• aadb56f chore: Update version for release (#14908)
• c68a9b3 chore: Update version for release (pre) (#14893)
• aa3f078 chore: Update version for release (#14829)
• 3207a5c chore: Update version for release (pre) (#14814)
• See full diff in compare view

Updates tailwind-merge from 3.4.0 to 3.5.0

Release notes

Sourced from tailwind-merge's releases.

v3.5.0

New Features

• Add support for Tailwind CSS v4.2 by @​dcastil in dcastil/tailwind-merge#651

Full Changelog: dcastil/tailwind-merge@v3.4.1...v3.5.0

Thanks to @​brandonmcconnell, @​manavm1990, @​langy, @​roboflow, @​syntaxfm, @​getsentry, @​codecov, a private sponsor, @​block, @​openclaw, @​sourcegraph and more via @​thnxdev for sponsoring tailwind-merge! ❤️

v3.4.1

Bug Fixes

• Prevent arbitrary font-family and font-weight from merging by @​roneymoon in dcastil/tailwind-merge#635

Full Changelog: dcastil/tailwind-merge@v3.4.0...v3.4.1

Thanks to @​brandonmcconnell, @​manavm1990, @​langy, @​roboflow, @​syntaxfm, @​getsentry, @​codecov, a private sponsor, @​block, @​openclaw, @​sourcegraph and more via @​thnxdev for sponsoring tailwind-merge! ❤️

Commits

• 270ac79 v3.5.0
• 86f772e add changelog for 3.5.0
• 6c1f77c Merge pull request #651 from dcastil/feature/add-support-for-tailwind-css-v4.2
• 7a4cacf Add support for decimal fraction values
• 9ef0f79 fix incorrectly escaped characters
• f4938b0 update README with v4.2 support
• b02a572 Add Tailwind v4.2 font-features utilities support
• 5bd25ec Add Tailwind v4.2 logical sizing utilities
• 697c920 Add Tailwind v4.2 logical border block utilities
• 6656a47 Improve JSDoc comments for logical insets
• Additional commits viewable in compare view

Updates uuid from 13.0.0 to 14.0.0

Release notes

Sourced from uuid's releases.

v14.0.0

14.0.0 (2026-04-19)

⚠ BREAKING CHANGES

• expect crypto to be global everywhere (requires node@20+) (#935)
• drop node@18 support (#934)

Features

• drop node@18 support (#934) (dc4ddb8)

Bug Fixes

• expect crypto to be global everywhere (requires node@20+) (#935) (f2c235f)
• Use GITHUB_TOKEN for release-please and enable npm provenance (#925) (ffa3138)

v13.0.1

13.0.1 (2026-04-27)

Bug Fixes

• backport fix for GHSA-w5hq-g745-h8pq (9d27ddf)

Changelog

Sourced from uuid's changelog.

14.0.0 (2026-04-19)

Security

• Fixes GHSA-w5hq-g745-h8pq: v3(), v5(), and v6() did not validate that writes would remain within the bounds of a caller-supplied buffer, allowing out-of-bounds writes when an invalid offset was provided. A RangeError is now thrown if offset < 0 or offset + 16 > buf.length.

⚠ BREAKING CHANGES

• crypto is now expected to be globally defined (requires node@20+) (#935)
• drop node@18 support (#934)
• upgrade minimum supported TypeScript version to 5.4.3, in keeping with the project's policy of supporting TypeScript versions released within the last two years

Commits

• 7c1ea08 chore(main): release 14.0.0 (#926)
• 3d2c5b0 Merge commit from fork
• f2c235f fix!: expect crypto to be global everywhere (requires node@20+) (#935)
• 529ef08 chore: upgrade TypeScript and fixup types (#927)
• 086fd79 chore: update dependencies (#933)
• dc4ddb8 feat!: drop node@18 support (#934)
• 0f1f9c9 chore: switch to Biome for parsing and linting (#932)
• e2879e6 chore: use maintained version of npm-run-all (#930)
• ffa3138 fix: Use GITHUB_TOKEN for release-please and enable npm provenance (#925)
• 0423d49 docs: remove obsolete v1 option notes (#915)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for uuid since your current version.

Updates zustand from 5.0.11 to 5.0.12

Release notes

Sourced from zustand's releases.

v5.0.12

Two small fixes.

What's Changed

• fix(persist): use latest state in post-rehydration callback by @​Shohjahon-n in pmndrs/zustand#3391
• fix(devtools): correct redux devtools config type extension by @​grigoriy-reshetniak in pmndrs/zustand#3414

New Contributors

• @​pavan-sh made their first contribution in pmndrs/zustand#3378
• @​Copilot made their first contribution in pmndrs/zustand#3395
• @​Aravindsreeni made their first contribution in pmndrs/zustand#3400
• @​wallzero made their first contribution in pmndrs/zustand#3401
• @​chaesunbak made their first contribution in pmndrs/zustand#3405
• @​Shohjahon-n made their first contribution in pmndrs/zustand#3391

Full Changelog: pmndrs/zustand@v5.0.11...v5.0.12

Commits

• 206012d 5.0.12
• d714065 chore(deps): update dev dependencies (#3427)
• 89ebcd7 fix(devtools): correct redux devtools config type extension (#3414)
• 6213fc1 fix(persist): use latest state in post-rehydration callback (#3391)
• a3869ca docs: fix broken links in beginner TypeScript guide (#3423)
• c49df38 Hotfix section linking (#3410)
• 5561e9b Fix indentation for actions in index.md (#3406)
• 4966a15 fix(readme) : comparison documentaion link (

[dependabot]

Labels

The following labels could not be found: dependencies, npm. Please create them before Dependabot can add them to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.