chore: production deploy#5736
Merged
Merged
Conversation
supabase-cli-releaser
Bot
commented
Jun 30, 2026
supabase-cli-releaser
Bot
commented
Contributor
- feat(db): add reset sql path override (feat(db): add reset sql path override #5691)
- fix(cli): detect stale local postgres before declarative sync (fix(cli): detect stale local postgres before declarative sync #5646)
- chore(ci): allow API sync automerge (chore(ci): allow API sync automerge #5698)
- chore: sync API types from infrastructure (chore: sync API types from infrastructure #5697)
- fix(deps): bump github.com/posthog/posthog-go from 1.15.0 to 1.15.1 in /apps/cli-go in the go-minor group across 1 directory (fix(deps): bump github.com/posthog/posthog-go from 1.15.0 to 1.15.1 in /apps/cli-go in the go-minor group across 1 directory #5703)
- fix(docker): bump supabase/storage-api from v1.61.3 to v1.61.4 in /apps/cli-go/pkg/config/templates in the docker-minor group (fix(docker): bump supabase/storage-api from v1.61.3 to v1.61.4 in /apps/cli-go/pkg/config/templates in the docker-minor group #5704)
- chore(ci): bump softprops/action-gh-release from 3.0.0 to 3.0.1 in the actions-major group (chore(ci): bump softprops/action-gh-release from 3.0.0 to 3.0.1 in the actions-major group #5705)
- chore(api): sync Management API OpenAPI spec (chore(api): sync Management API OpenAPI spec #5707)
- test(cli): supabox-backed live test suite + cli-e2e-ci dispatch (test(cli): supabox-backed live test suite + cli-e2e-ci dispatch #5699)
- fix(realtime): unblock and bump realtime to v2.111.8 (fix(realtime): unblock and bump realtime to v2.111.8 #5701)
- fix(cli): skip empty schema_paths globs in db diff (fix(cli): skip empty schema_paths globs in db diff #5702)
- fix(docker): bump supabase/realtime from v2.111.8 to v2.111.10 in /apps/cli-go/pkg/config/templates in the docker-minor group (fix(docker): bump supabase/realtime from v2.111.8 to v2.111.10 in /apps/cli-go/pkg/config/templates in the docker-minor group #5709)
- chore(deps): bump github.com/posthog/posthog-go from 1.15.1 to 1.16.0 in /apps/cli-go in the go-minor group across 1 directory (chore(deps): bump github.com/posthog/posthog-go from 1.15.1 to 1.16.0 in /apps/cli-go in the go-minor group across 1 directory #5710)
- fix(cli): shorten serve argv (fix(cli): shorten serve argv #5712)
- fix(docker): bump the docker-minor group in /apps/cli-go/pkg/config/templates with 2 updates (fix(docker): bump the docker-minor group in /apps/cli-go/pkg/config/templates with 2 updates #5717)
- chore(deps): bump github.com/posthog/posthog-go from 1.16.0 to 1.16.1 in /apps/cli-go in the go-minor group across 1 directory (chore(deps): bump github.com/posthog/posthog-go from 1.16.0 to 1.16.1 in /apps/cli-go in the go-minor group across 1 directory #5718)
- chore(deps): bump github.com/oapi-codegen/runtime from 1.4.1 to 1.4.2 in /apps/cli-go in the go-minor group across 1 directory (chore(deps): bump github.com/oapi-codegen/runtime from 1.4.1 to 1.4.2 in /apps/cli-go in the go-minor group across 1 directory #5719)
- chore(deps): bump the npm-major group with 26 updates (chore(deps): bump the npm-major group with 26 updates #5720)
- chore(api): sync Management API OpenAPI spec (chore(api): sync Management API OpenAPI spec #5721)
- fix(cli): handle AlreadyExists errors in directory creation (fix(cli): handle AlreadyExists errors in directory creation #5724)
- chore(api): sync Management API OpenAPI spec (chore(api): sync Management API OpenAPI spec #5723)
- chore(deps): bump the go-minor group across 2 directories with 2 updates (chore(deps): bump the go-minor group across 2 directories with 2 updates #5730)
- chore(deps): bump the npm-major group with 4 updates (chore(deps): bump the npm-major group with 4 updates #5731)
- fix(docker): bump supabase/postgres from 17.6.1.139 to 17.6.1.140 in /apps/cli-go/pkg/config/templates (fix(docker): bump supabase/postgres from 17.6.1.139 to 17.6.1.140 in /apps/cli-go/pkg/config/templates #5733)
- fix(docker): bump the docker-minor group in /apps/cli-go/pkg/config/templates with 6 updates (fix(docker): bump the docker-minor group in /apps/cli-go/pkg/config/templates with 6 updates #5732)
- chore(ci): bump the actions-major group with 4 updates (chore(ci): bump the actions-major group with 4 updates #5734)
Adds a repeatable `--sql-paths` flag to `supabase db reset` so users can override `[db.seed].sql_paths` for a single reset without editing `config.toml`. The flag accepts the same file path or glob pattern syntax as `sql_paths`, resolves relative values from the `supabase` directory, and remains mutually exclusive with `--no-seed`. Passing `--sql-paths` force-enables seeding for that reset even when config disables seeding, and remote resets warn before applying override seeds to a `--linked` or `--db-url` target. The TypeScript legacy command wrapper forwards the flag to the current Go implementation while `db reset` remains on the legacy path. Addresses #2191 Supersedes #4680
## What - Add a declarative schema sync guard that inspects the local Postgres container image tag before generating a migration. - Fail with an actionable stop/start suggestion when the running local Postgres container tag is stale. - Cover missing, matching, registry-different, and stale local container cases with regression tests. ## Why A stale local Postgres container after a CLI upgrade can produce declarative sync output against an inconsistent local stack, such as incorrect extension drops. ## Validation - `cd apps/cli-go && go test ./cmd ./internal/db/declarative` - `cd apps/cli-go && GOMAXPROCS=4 go test ./...` - `git diff --check` Fixes #5555 --------- Co-authored-by: Julien Goux <hi@jgoux.dev>
Generated API sync PRs only touch generated output, but the Go API files still inherited the catch-all CODEOWNERS rule and requested CLI team review. This adds an ownerless CODEOWNERS override for `apps/cli-go/pkg/api/*.gen.go` so green Go API sync PRs can be auto-merged by the existing app bypass. It also removes the ignored self-approval steps from both API sync workflows. GitHub rejects those approvals for PRs created by the same app, and the workflows already enable auto-merge with the app token after opening or updating the PR.
This PR was automatically created to sync API types from the infrastructure repository. Changes were detected in the generated API code after syncing with the latest spec from infrastructure. Co-authored-by: supabase-cli-releaser[bot] <246109035+supabase-cli-releaser[bot]@users.noreply.github.com>
…n /apps/cli-go in the go-minor group across 1 directory (#5703) Bumps the go-minor group with 1 update in the /apps/cli-go directory: [github.com/posthog/posthog-go](https://github.com/posthog/posthog-go). Updates `github.com/posthog/posthog-go` from 1.15.0 to 1.15.1 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/posthog/posthog-go/releases">github.com/posthog/posthog-go's releases</a>.</em></p> <blockquote> <h2>1.15.1</h2> <h2>Unreleased</h2> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/PostHog/posthog-go/blob/main/CHANGELOG.md">github.com/posthog/posthog-go's changelog</a>.</em></p> <blockquote> <h2>1.15.1</h2> <h3>Patch Changes</h3> <ul> <li>52b7373: Stop sending ignored top-level capture fields and rely on canonical event properties.</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/PostHog/posthog-go/commit/bd516cccf9214b230b629869a2c20701952181de"><code>bd516cc</code></a> chore: release v1.15.1 [version bump] [skip ci]</li> <li><a href="https://github.com/PostHog/posthog-go/commit/52b7373cdd14f01512e4cef33e0056c6da0243bd"><code>52b7373</code></a> fix: Stop sending ignored capture fields (<a href="https://redirect.github.com/posthog/posthog-go/issues/225">#225</a>)</li> <li><a href="https://github.com/PostHog/posthog-go/commit/c197513ca00b963b363dd63a3971e8b204293757"><code>c197513</code></a> chore: add AI contribution policy (<a href="https://redirect.github.com/posthog/posthog-go/issues/223">#223</a>)</li> <li><a href="https://github.com/PostHog/posthog-go/commit/b955cc8a0d8c6d1bcb2ec88af3ccd59a4806781e"><code>b955cc8</code></a> ci: add public API snapshot check (<a href="https://redirect.github.com/posthog/posthog-go/issues/220">#220</a>)</li> <li><a href="https://github.com/PostHog/posthog-go/commit/633e401857086b1394de6d0fc4eabded5b457339"><code>633e401</code></a> docs: centralize SDK examples in official docs (<a href="https://redirect.github.com/posthog/posthog-go/issues/219">#219</a>)</li> <li><a href="https://github.com/PostHog/posthog-go/commit/e910c15cb576fd76bcbd6f1f5fccc7d913785068"><code>e910c15</code></a> chore: improve CI workflow coverage (<a href="https://redirect.github.com/posthog/posthog-go/issues/218">#218</a>)</li> <li><a href="https://github.com/PostHog/posthog-go/commit/eda6f4b79a0371981dba1d2f5566de98eb08a830"><code>eda6f4b</code></a> refactor: remove dry4go duplicate candidates (<a href="https://redirect.github.com/posthog/posthog-go/issues/216">#216</a>)</li> <li>See full diff in <a href="https://github.com/posthog/posthog-go/compare/v1.15.0...v1.15.1">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…ps/cli-go/pkg/config/templates in the docker-minor group (#5704) Bumps the docker-minor group in /apps/cli-go/pkg/config/templates with 1 update: supabase/storage-api. Updates `supabase/storage-api` from v1.61.3 to v1.61.4 [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…e actions-major group (#5705) Bumps the actions-major group with 1 update: [softprops/action-gh-release](https://github.com/softprops/action-gh-release). Updates `softprops/action-gh-release` from 3.0.0 to 3.0.1 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/softprops/action-gh-release/releases">softprops/action-gh-release's releases</a>.</em></p> <blockquote> <h2>v3.0.1</h2> <h2>3.0.1</h2> <ul> <li>maintenance release with updated dependencies</li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/softprops/action-gh-release/blob/master/CHANGELOG.md">softprops/action-gh-release's changelog</a>.</em></p> <blockquote> <h2>3.0.1</h2> <ul> <li>maintenance release with updated dependencies</li> </ul> <h2>3.0.0</h2> <p><code>3.0.0</code> is a major release that moves the action runtime from Node 20 to Node 24. Use <code>v3</code> on GitHub-hosted runners and self-hosted fleets that already support the Node 24 Actions runtime. If you still need the last Node 20-compatible line, stay on <code>v2.6.2</code>.</p> <h2>What's Changed</h2> <h3>Other Changes 🔄</h3> <ul> <li>Move the action runtime and bundle target to Node 24</li> <li>Update <code>@types/node</code> to the Node 24 line and allow future Dependabot updates</li> <li>Keep the floating major tag on <code>v3</code>; <code>v2</code> remains pinned to the latest <code>2.x</code> release</li> </ul> <h2>2.6.2</h2> <h2>What's Changed</h2> <h3>Other Changes 🔄</h3> <ul> <li>chore(deps): bump picomatch from 4.0.3 to 4.0.4 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/softprops/action-gh-release/pull/775">softprops/action-gh-release#775</a></li> <li>chore(deps): bump brace-expansion from 5.0.4 to 5.0.5 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/softprops/action-gh-release/pull/777">softprops/action-gh-release#777</a></li> <li>chore(deps): bump vite from 8.0.0 to 8.0.5 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/softprops/action-gh-release/pull/781">softprops/action-gh-release#781</a></li> </ul> <h2>2.6.1</h2> <p><code>2.6.1</code> is a patch release focused on restoring linked discussion thread creation when <code>discussion_category_name</code> is set. It fixes <code>[#764](https://github.com/softprops/action-gh-release/issues/764)</code>, where the draft-first publish flow stopped carrying the discussion category through the final publish step.</p> <p>If you still hit an issue after upgrading, please open a report with the bug template and include a minimal repro or sanitized workflow snippet where possible.</p> <h2>What's Changed</h2> <h3>Bug fixes 🐛</h3> <ul> <li>fix: preserve discussion category on publish by <a href="https://github.com/chenrui333"><code>@chenrui333</code></a> in <a href="https://redirect.github.com/softprops/action-gh-release/pull/765">softprops/action-gh-release#765</a></li> </ul> <h2>2.6.0</h2> <p><code>2.6.0</code> is a minor release centered on <code>previous_tag</code> support for <code>generate_release_notes</code>, which lets workflows pin GitHub's comparison base explicitly instead of relying on the default range. It also includes the recent concurrent asset upload recovery fix, a <code>working_directory</code> docs sync, a checked-bundle freshness guard for maintainers, and clearer immutable-prerelease guidance where GitHub platform behavior imposes constraints on how prerelease asset uploads can be published.</p> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/softprops/action-gh-release/commit/718ea10b132b3b2eba29c1007bb80653f286566b"><code>718ea10</code></a> release 3.0.1</li> <li><a href="https://github.com/softprops/action-gh-release/commit/f1a938b9d84ca9b770d0d8dfeb3e7285fe261e63"><code>f1a938b</code></a> chore(deps): bump esbuild from 0.28.0 to 0.28.1 (<a href="https://redirect.github.com/softprops/action-gh-release/issues/802">#802</a>)</li> <li><a href="https://github.com/softprops/action-gh-release/commit/0066ead0de7252b4876b36b5357fc3974619d36a"><code>0066ead</code></a> chore(deps): bump vite from 8.0.14 to 8.0.16 (<a href="https://redirect.github.com/softprops/action-gh-release/issues/806">#806</a>)</li> <li><a href="https://github.com/softprops/action-gh-release/commit/dc643cac6252aaa00c9b0b6c940d489cd7bf6b23"><code>dc643ca</code></a> chore(deps): bump the npm group with 3 updates (<a href="https://redirect.github.com/softprops/action-gh-release/issues/805">#805</a>)</li> <li><a href="https://github.com/softprops/action-gh-release/commit/85ee99b6b20742a3823a8a289ee5e6ceab44e8aa"><code>85ee99b</code></a> chore(deps): bump actions/checkout in the github-actions group (<a href="https://redirect.github.com/softprops/action-gh-release/issues/804">#804</a>)</li> <li><a href="https://github.com/softprops/action-gh-release/commit/9ed3cf9a6863b31f005d951c8d19de20628cf4eb"><code>9ed3cf9</code></a> chore(deps): bump the npm group with 2 updates (<a href="https://redirect.github.com/softprops/action-gh-release/issues/800">#800</a>)</li> <li><a href="https://github.com/softprops/action-gh-release/commit/3efcac8951299998593f871640ea8059d6818655"><code>3efcac8</code></a> chore(deps): bump the npm group with 3 updates (<a href="https://redirect.github.com/softprops/action-gh-release/issues/798">#798</a>)</li> <li><a href="https://github.com/softprops/action-gh-release/commit/05d6b9164aa74958de40b0179d6a773112fcdc7f"><code>05d6b91</code></a> chore(deps): bump brace-expansion from 5.0.5 to 5.0.6 (<a href="https://redirect.github.com/softprops/action-gh-release/issues/797">#797</a>)</li> <li><a href="https://github.com/softprops/action-gh-release/commit/403a5240f3837fa857f642062e05aad6bb3391ca"><code>403a524</code></a> chore(deps): bump <code>@types/node</code> from 24.12.2 to 24.12.3 in the npm group (<a href="https://redirect.github.com/softprops/action-gh-release/issues/796">#796</a>)</li> <li><a href="https://github.com/softprops/action-gh-release/commit/437e073e786973c6b6af97d9e445c41ae43b1d29"><code>437e073</code></a> chore(deps): bump the npm group with 4 updates (<a href="https://redirect.github.com/softprops/action-gh-release/issues/792">#792</a>)</li> <li>Additional commits viewable in <a href="https://github.com/softprops/action-gh-release/compare/b4309332981a82ec1c5618f44dd2e27cc8bfbfda...718ea10b132b3b2eba29c1007bb80653f286566b">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
This PR was automatically created to sync the generated `@supabase/api` package with the latest Management API OpenAPI document. Changes were detected in the upstream OpenAPI document exposed by `https://api.supabase.com/api/v1-json`. Co-authored-by: jgoux <1443499+jgoux@users.noreply.github.com>
Adds a `live` test category that exercises the built CLI against a **real Supabase platform** — a fulls supabox stack stood up in CI by cli-e2e-ci — and the cli-side trigger that runs it for a PR. ## What changed - **`live` Vitest project** (`*.live.test.ts`) + harness in `apps/cli/tests/helpers/live.ts`: - `runSupabaseLive` (drives the built binary via `SUPABASE_PROFILE=supabase-local`), `describeLive` (gated on `SUPABASE_ACCESS_TOKEN`), and `describeLiveProject` / `requireLiveProjectRef` (gated on `SUPABASE_LIVE_PROJECT_REF` for project-scoped suites). - `tests/live-global-setup.ts` fail-fast reachability probe. - nx `test:live` target (auto-derived from the project) + `nx.json` default; **removed** the recursive `test:live` package script (it shadowed the nx target and looped). - **8 live scenarios**: `orgs list` (+JSON, +invalid-token negative), `projects list` (+JSON), `functions list` / `branches list` (project-scoped), and a `functions list` unknown-project (404) negative. - **`.github/workflows/dispatch-cli-e2e-ci.yml`**: on PRs labeled `run-live-e2e-ci`, fires a `repository_dispatch` to cli-e2e-ci with the PR head SHA; cli-e2e-ci builds that SHA, runs the suite, and reports a `cli-e2e-ci / live` commit status back. Distinct from the staging `live-e2e.yml`. ## Why There was no backend-hitting live coverage — existing `*.e2e.test.ts` use fake tokens. This validates real Management-API flows end-to-end against supabox. Refs CLI-1825 / CLI-1834 / CLI-1831. ## Reviewer notes - The `live` project is **inert by default** — it only runs when `SUPABASE_ACCESS_TOKEN` is set (the cli-e2e-ci runner provides supabox's seeded PAT), so it does not touch the normal unit/integration/e2e loop. - Validated green in cli-e2e-ci on Blacksmith: **8 passed, 0 skipped**, including the project-scoped suites (the runner provisions a project and sets `SUPABASE_LIVE_PROJECT_REF`). - The dispatch loop needs, on the infra side: a `run-live-e2e-ci` label on this repo, the App's `contents: write` on cli-e2e-ci (to dispatch) and `statuses: write` here (for the back-status). The build/test half is proven without them. --------- Co-authored-by: Claude <noreply@anthropic.com>
## What kind of change does this PR introduce? - Revert #5628 fixed by supabase/realtime#1984 - Sync template/tests to latest Realtime version ## What is the current behavior? Realtime update blocked. Co-authored-by: Andrew Valleteau <avallete@users.noreply.github.com>
## TL;DR Fixes a regression in `supabase db diff` where declarative `schema_paths` entries that currently match no files would abort the command instead of being skipped ## What’s fixed? loading path now ignores empty `schema_paths` glob matches while still preserving existing behavior for valid matches, deterministic ordering, deduping, and invalid glob errors **Before:** Projects using declarative schema config like: would fail if one of those globs matched nothing, with an error like: ```text no files matched pattern: supabase/schemas/materialized_views/*.sql ``` That turned a normal incremental-adoption setup into a fatal `db diff` failure **After:** skips empty `schema_paths` glob entries and continues diffing with the files that do exist, matching the expected existing behavior ## Ref - closes #5700
…ps/cli-go/pkg/config/templates in the docker-minor group (#5709) Bumps the docker-minor group in /apps/cli-go/pkg/config/templates with 1 update: supabase/realtime. Updates `supabase/realtime` from v2.111.8 to v2.111.10 [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
… in /apps/cli-go in the go-minor group across 1 directory (#5710) Bumps the go-minor group with 1 update in the /apps/cli-go directory: [github.com/posthog/posthog-go](https://github.com/posthog/posthog-go). Updates `github.com/posthog/posthog-go` from 1.15.1 to 1.16.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/posthog/posthog-go/releases">github.com/posthog/posthog-go's releases</a>.</em></p> <blockquote> <h2>1.16.0</h2> <h2>Unreleased</h2> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/PostHog/posthog-go/blob/main/CHANGELOG.md">github.com/posthog/posthog-go's changelog</a>.</em></p> <blockquote> <h2>1.16.0</h2> <h3>Minor Changes</h3> <ul> <li>1068ec9: Add a BeforeSend hook for modifying or dropping messages before they are sent.</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/PostHog/posthog-go/commit/d91c948ae95f3a095c7717818e6b0635beb6e312"><code>d91c948</code></a> chore: release v1.16.0 [version bump] [skip ci]</li> <li><a href="https://github.com/PostHog/posthog-go/commit/1068ec9006b371d517e5515972c0ea8f8d604e3e"><code>1068ec9</code></a> feat: add before send hook (<a href="https://redirect.github.com/posthog/posthog-go/issues/224">#224</a>)</li> <li><a href="https://github.com/PostHog/posthog-go/commit/36d1928b5732d99687c9c4a17daee937a5f3753c"><code>36d1928</code></a> test: stabilize race-mode tests (<a href="https://redirect.github.com/posthog/posthog-go/issues/227">#227</a>)</li> <li><a href="https://github.com/PostHog/posthog-go/commit/e1d47eabc4b4a722f629d037e4c434c6840dbc86"><code>e1d47ea</code></a> chore: Template SDK version in API snapshot (<a href="https://redirect.github.com/posthog/posthog-go/issues/226">#226</a>)</li> <li>See full diff in <a href="https://github.com/posthog/posthog-go/compare/v1.15.1...v1.16.0">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
## TL;DR fixes a regression in `supabase functions serve` by removing the bundled Edge Runtime bootstrap script from the spawned `docker run ... sh -c ...` argv and mounting it into the container as `/root/index.ts` instead This keeps the startup command small, preserves the runtime behavior, and avoids the `ENAMETOOLONG: name too long, uv_spawn` failure... ## What's fixed? `functions serve` ts path was embedding the full bundled runtime template directly into the docker entrypoint command on win, that made the final spawn argv large enough to fail before docker even started, which surfaced as `ENAMETOOLONG: name too long, uv_spawn` **Before:** the runtime template was embedded directly into the docker startup command and hit spawn length limits **After:** the template is mounted from a temp file, so the startup command stays short ## ref: - closes #5711
…emplates with 2 updates (#5717) Bumps the docker-minor group in /apps/cli-go/pkg/config/templates with 2 updates: supabase/realtime and supabase/storage-api. Updates `supabase/realtime` from v2.111.10 to v2.112.0 Updates `supabase/storage-api` from v1.61.4 to v1.61.5 Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
… in /apps/cli-go in the go-minor group across 1 directory (#5718) Bumps the go-minor group with 1 update in the /apps/cli-go directory: [github.com/posthog/posthog-go](https://github.com/posthog/posthog-go). Updates `github.com/posthog/posthog-go` from 1.16.0 to 1.16.1 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/posthog/posthog-go/releases">github.com/posthog/posthog-go's releases</a>.</em></p> <blockquote> <h2>1.16.1</h2> <h2>Unreleased</h2> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/PostHog/posthog-go/blob/main/CHANGELOG.md">github.com/posthog/posthog-go's changelog</a>.</em></p> <blockquote> <h2>1.16.1</h2> <h3>Patch Changes</h3> <ul> <li>922cfff: Validate user-supplied event UUIDs before sending and generate a fallback UUID when invalid.</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/PostHog/posthog-go/commit/4e2ddac87f0b580ace1d1dd79a94b481ae797315"><code>4e2ddac</code></a> chore: release v1.16.1 [version bump] [skip ci]</li> <li><a href="https://github.com/PostHog/posthog-go/commit/922cfff977077a014a15b78a70cd8becadb17c71"><code>922cfff</code></a> fix: validate supplied event UUIDs (<a href="https://redirect.github.com/posthog/posthog-go/issues/233">#233</a>)</li> <li>See full diff in <a href="https://github.com/posthog/posthog-go/compare/v1.16.0...v1.16.1">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
… in /apps/cli-go in the go-minor group across 1 directory (#5719) Bumps the go-minor group with 1 update in the /apps/cli-go/pkg directory: [github.com/oapi-codegen/runtime](https://github.com/oapi-codegen/runtime). Updates `github.com/oapi-codegen/runtime` from 1.4.1 to 1.4.2 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/oapi-codegen/runtime/releases">github.com/oapi-codegen/runtime's releases</a>.</em></p> <blockquote> <h2>Bug fix for required parameters</h2> <p>This is a bug fix to address a regression introduced in oapi-codegen v2.7.0</p> <h2>🐛 Bug fixes</h2> <ul> <li>Add missing required parameter detection (<a href="https://redirect.github.com/oapi-codegen/runtime/issues/135">#135</a>) <a href="https://github.com/mromaszewicz"><code>@mromaszewicz</code></a></li> </ul> <h2>Sponsors</h2> <p>We would like to thank our sponsors for their support during this release.</p> <!-- raw HTML omitted --> <!-- raw HTML omitted --> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/oapi-codegen/runtime/commit/7afeea85927be046b4a5c27cf9ae6b2cd754453c"><code>7afeea8</code></a> Add missing required parameter detection (<a href="https://redirect.github.com/oapi-codegen/runtime/issues/135">#135</a>)</li> <li>See full diff in <a href="https://github.com/oapi-codegen/runtime/compare/v1.4.1...v1.4.2">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps the npm-major group with 26 updates:
| Package | From | To |
| --- | --- | --- |
| [verdaccio](https://github.com/verdaccio/verdaccio) | `6.7.2` |
`6.7.4` |
| [smol-toml](https://github.com/squirrelchat/smol-toml) | `1.6.1` |
`1.7.0` |
|
[@supabase/supabase-js](https://github.com/supabase/supabase-js/tree/HEAD/packages/core/supabase-js)
| `2.108.1` | `2.108.2` |
|
[@anthropic-ai/claude-agent-sdk](https://github.com/anthropics/claude-agent-sdk-typescript)
| `0.3.177` | `0.3.185` |
|
[@anthropic-ai/sdk](https://github.com/anthropics/anthropic-sdk-typescript)
| `0.104.1` | `0.105.0` |
|
[@clack/prompts](https://github.com/bombshell-dev/clack/tree/HEAD/packages/prompts)
| `1.5.1` | `1.6.0` |
| [ink](https://github.com/vadimdemedes/ink) | `7.0.6` | `7.1.0` |
| [pg](https://github.com/brianc/node-postgres/tree/HEAD/packages/pg) |
`8.21.0` | `8.22.0` |
|
[posthog-node](https://github.com/PostHog/posthog-js/tree/HEAD/packages/node)
| `5.37.0` | `5.38.2` |
| [fumadocs-core](https://github.com/fuma-nama/fumadocs) | `16.10.2` |
`16.10.5` |
| [fumadocs-ui](https://github.com/fuma-nama/fumadocs) | `16.10.2` |
`16.10.5` |
|
[@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node)
| `25.9.3` | `26.0.0` |
|
[@effect/atom-react](https://github.com/Effect-TS/effect-smol/tree/HEAD/packages/atom/react)
| `4.0.0-beta.83` | `4.0.0-beta.85` |
|
[@effect/platform-bun](https://github.com/Effect-TS/effect/tree/HEAD/packages/platform-bun)
| `4.0.0-beta.83` | `4.0.0-beta.85` |
|
[@effect/platform-node](https://github.com/Effect-TS/effect/tree/HEAD/packages/platform-node)
| `4.0.0-beta.83` | `4.0.0-beta.85` |
|
[@effect/sql-pg](https://github.com/Effect-TS/effect/tree/HEAD/packages/sql-pg)
| `4.0.0-beta.83` | `4.0.0-beta.85` |
|
[@effect/vitest](https://github.com/Effect-TS/effect/tree/HEAD/packages/vitest)
| `4.0.0-beta.84` | `4.0.0-beta.85` |
| [@nx/devkit](https://github.com/nrwl/nx/tree/HEAD/packages/devkit) |
`22.7.5` | `23.0.0` |
|
[@typescript/native-preview](https://github.com/microsoft/typescript-go)
| `7.0.0-dev.20260614.1` | `7.0.0-dev.20260621.1` |
|
[@vitest/coverage-istanbul](https://github.com/vitest-dev/vitest/tree/HEAD/packages/coverage-istanbul)
| `4.1.8` | `4.1.9` |
|
[effect](https://github.com/Effect-TS/effect/tree/HEAD/packages/effect)
| `4.0.0-beta.83` | `4.0.0-beta.85` |
| [knip](https://github.com/webpro-nl/knip/tree/HEAD/packages/knip) |
`6.16.1` | `6.17.1` |
| [oxfmt](https://github.com/oxc-project/oxc/tree/HEAD/npm/oxfmt) |
`0.54.0` | `0.55.0` |
| [oxlint](https://github.com/oxc-project/oxc/tree/HEAD/npm/oxlint) |
`1.69.0` | `1.70.0` |
| [tldts](https://github.com/remusao/tldts) | `6.1.86` | `7.4.3` |
|
[vitest](https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest)
| `4.1.8` | `4.1.9` |
Updates `verdaccio` from 6.7.2 to 6.7.4
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/verdaccio/verdaccio/releases">verdaccio's
releases</a>.</em></p>
<blockquote>
<h2>v6.7.4</h2>
<h3>Patch Changes</h3>
<ul>
<li>
<p>0205c78: fix: run jwt middleware before middleware plugins</p>
<p>Register the JWT middleware before middleware plugins are loaded so
that
<code>req.remote_user</code> (anonymous by default) is available inside
a plugin's
<code>register_middlewares</code>. The API router keeps its own JWT
middleware behind a
guard so it is not executed twice.</p>
<p>Backport of <a
href="https://redirect.github.com/verdaccio/verdaccio/pull/5697">verdaccio/verdaccio#5697</a></p>
<p>Closes <a
href="https://redirect.github.com/verdaccio/verdaccio/issues/5167">#5167</a></p>
</li>
</ul>
<h2>v6.7.3</h2>
<h3>Patch Changes</h3>
<ul>
<li>
<p>f8fdfc2: fix: enforce generated npm token metadata</p>
<p>Generated npm tokens (<code>POST /-/npm/v1/tokens</code>) stored
their <code>readonly</code> and
<code>cidr_whitelist</code> restrictions but never enforced them, and
deleting a token did
not revoke it for the package APIs. A token marked read-only or pinned
to a CIDR
range could still publish packages and change dist-tags, and a deleted
token
remained usable.</p>
<p>Generated tokens now embed a server-issued key (in the JWT claim, or
in the
encrypted legacy AES payload) and a new
<code>enforceGeneratedTokenMetadata</code>
middleware looks that key up on each request, rejecting the token when
it is
missing/revoked, used outside its CIDR whitelist, or used for a write
while
read-only. Enforcement applies to both AES and JWT API-token modes.</p>
<p>Note: tokens issued before upgrading carry no key and are not
retroactively
constrained — regenerate them to apply the restrictions.</p>
</li>
<li>
<p>be80623: fix: allow npm token create without
readonly/cidr_whitelist</p>
<p><code>npm token create</code> in npm >= 11 (and the npm 12
prereleases) rewrote the
request body: it no longer sends <code>readonly</code> and only sends
<code>cidr_whitelist</code>
when <code>--cidr</code> is passed. The <code>POST
/-/npm/v1/tokens</code> endpoint required both,
so modern npm clients failed with <code>422 the parameters are not
valid</code>.</p>
<p>The endpoint now defaults <code>readonly</code> to <code>false</code>
and <code>cidr_whitelist</code> to <code>[]</code>
when they are absent, while still rejecting values of the wrong
type.</p>
</li>
<li>
<p>75c85d5: Update verdaccio dependencies to the <code>latest</code> npm
dist-tag (<code>@verdaccio/ui-theme</code> tracks
<code>next-9</code>):</p>
<ul>
<li><code>@verdaccio/ui-theme</code>: <code>9.0.0-next-9.19</code> →
<code>9.0.0-next-9.20</code></li>
</ul>
</li>
<li>
<p>d5e5332: chore: update dependencies</p>
<p>Updates runtime dependencies <code>@verdaccio/ui-theme</code>
(<code>9.0.0-next-9.19</code>) and</p>
</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/verdaccio/verdaccio/blob/v6.7.4/CHANGELOG.md">verdaccio's
changelog</a>.</em></p>
<blockquote>
<h2>6.7.4</h2>
<h3>Patch Changes</h3>
<ul>
<li>
<p>0205c78: fix: run jwt middleware before middleware plugins</p>
<p>Register the JWT middleware before middleware plugins are loaded so
that
<code>req.remote_user</code> (anonymous by default) is available inside
a plugin's
<code>register_middlewares</code>. The API router keeps its own JWT
middleware behind a
guard so it is not executed twice.</p>
<p>Backport of <a
href="https://redirect.github.com/verdaccio/verdaccio/pull/5697">verdaccio/verdaccio#5697</a></p>
<p>Closes <a
href="https://redirect.github.com/verdaccio/verdaccio/issues/5167">#5167</a></p>
</li>
</ul>
<h2>6.7.3</h2>
<h3>Patch Changes</h3>
<ul>
<li>
<p>f8fdfc2: fix: enforce generated npm token metadata</p>
<p>Generated npm tokens (<code>POST /-/npm/v1/tokens</code>) stored
their <code>readonly</code> and
<code>cidr_whitelist</code> restrictions but never enforced them, and
deleting a token did
not revoke it for the package APIs. A token marked read-only or pinned
to a CIDR
range could still publish packages and change dist-tags, and a deleted
token
remained usable.</p>
<p>Generated tokens now embed a server-issued key (in the JWT claim, or
in the
encrypted legacy AES payload) and a new
<code>enforceGeneratedTokenMetadata</code>
middleware looks that key up on each request, rejecting the token when
it is
missing/revoked, used outside its CIDR whitelist, or used for a write
while
read-only. Enforcement applies to both AES and JWT API-token modes.</p>
<p>Note: tokens issued before upgrading carry no key and are not
retroactively
constrained — regenerate them to apply the restrictions.</p>
</li>
<li>
<p>be80623: fix: allow npm token create without
readonly/cidr_whitelist</p>
<p><code>npm token create</code> in npm >= 11 (and the npm 12
prereleases) rewrote the
request body: it no longer sends <code>readonly</code> and only sends
<code>cidr_whitelist</code>
when <code>--cidr</code> is passed. The <code>POST
/-/npm/v1/tokens</code> endpoint required both,
so modern npm clients failed with <code>422 the parameters are not
valid</code>.</p>
<p>The endpoint now defaults <code>readonly</code> to <code>false</code>
and <code>cidr_whitelist</code> to <code>[]</code>
when they are absent, while still rejecting values of the wrong
type.</p>
</li>
<li>
<p>75c85d5: Update verdaccio dependencies to the <code>latest</code> npm
dist-tag (<code>@verdaccio/ui-theme</code> tracks
<code>next-9</code>):</p>
<ul>
<li><code>@verdaccio/ui-theme</code>: <code>9.0.0-next-9.19</code> →
<code>9.0.0-next-9.20</code></li>
</ul>
</li>
<li>
<p>d5e5332: chore: update dependencies</p>
</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/verdaccio/verdaccio/commit/9570db1b87dfe9534121533f2d7f7f8efc782cf4"><code>9570db1</code></a>
chore: release 6.x (<a
href="https://redirect.github.com/verdaccio/verdaccio/issues/5963">#5963</a>)</li>
<li><a
href="https://github.com/verdaccio/verdaccio/commit/0205c78c37dfa2e3d0722f7b96b3cecf51bf08f6"><code>0205c78</code></a>
fix: run jwt middleware before middleware plugins (<a
href="https://redirect.github.com/verdaccio/verdaccio/issues/5962">#5962</a>)</li>
<li><a
href="https://github.com/verdaccio/verdaccio/commit/9d924e7e8a6aaddc65fd265f3309e58edcf208bb"><code>9d924e7</code></a>
chore: release 6.x (<a
href="https://redirect.github.com/verdaccio/verdaccio/issues/5950">#5950</a>)</li>
<li><a
href="https://github.com/verdaccio/verdaccio/commit/75c85d561a2025b0f345be13b394225bbf512638"><code>75c85d5</code></a>
chore: update verdaccio 6.x dependencies (<a
href="https://redirect.github.com/verdaccio/verdaccio/issues/5961">#5961</a>)</li>
<li><a
href="https://github.com/verdaccio/verdaccio/commit/d5e5332841ea8747924ca0c5d06b62db8f0720b3"><code>d5e5332</code></a>
fix: update core dependencies (<a
href="https://redirect.github.com/verdaccio/verdaccio/issues/5952">#5952</a>)</li>
<li><a
href="https://github.com/verdaccio/verdaccio/commit/be8062350fab80cbbcd4de8c6d3c819e6f86cee7"><code>be80623</code></a>
fix: allow npm token create without readonly/cidr_whitelist (<a
href="https://redirect.github.com/verdaccio/verdaccio/issues/5951">#5951</a>)</li>
<li><a
href="https://github.com/verdaccio/verdaccio/commit/f8fdfc2d97f3abd7d328a67c7090a31124c42502"><code>f8fdfc2</code></a>
fix: enforce generated npm token metadata (<a
href="https://redirect.github.com/verdaccio/verdaccio/issues/5945">#5945</a>)</li>
<li><a
href="https://github.com/verdaccio/verdaccio/commit/b491e8425f10d303c5ecab5c509ffc830269f2a6"><code>b491e84</code></a>
chore: update ci settings</li>
<li><a
href="https://github.com/verdaccio/verdaccio/commit/3a6c39389ec4393458d30c3863acc1802406f7da"><code>3a6c393</code></a>
chore: update ci settings</li>
<li><a
href="https://github.com/verdaccio/verdaccio/commit/b319f7ef6ae5cc22349998ef44e904a187b1d02d"><code>b319f7e</code></a>
fix(deps): update dependency express to v4.22.2 (<a
href="https://redirect.github.com/verdaccio/verdaccio/issues/5902">#5902</a>)</li>
<li>See full diff in <a
href="https://github.com/verdaccio/verdaccio/compare/v6.7.2...v6.7.4">compare
view</a></li>
</ul>
</details>
<br />
Updates `smol-toml` from 1.6.1 to 1.7.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/squirrelchat/smol-toml/releases">smol-toml's
releases</a>.</em></p>
<blockquote>
<h2>v1.7.0</h2>
<p>This version slightly changes the behaviour of stringify: integers
beyond the safe range are always emitted as float numbers.</p>
<p>String decode logic has been rewritten, it is a bit faster now and
uses a single-pass approach instead of a dual-pass approach as it did
previously. The code should be a bit smaller too, though I didn't
actually measure that.</p>
<p>The package is now published with source-maps, declaration-maps, and
a copy of the original TypeScript source files. This will improve your
DX if you're like me and like Ctrl+Click'ing things a lot. ;)</p>
<h2>What's Changed</h2>
<ul>
<li>improve performance of the string decode logic by <a
href="https://github.com/cyyynthia"><code>@cyyynthia</code></a></li>
<li>fix(stringify): emit integer-valued numbers beyond the safe-integer
range as floats by <a
href="https://github.com/spokodev"><code>@spokodev</code></a> in <a
href="https://redirect.github.com/squirrelchat/smol-toml/pull/56">squirrelchat/smol-toml#56</a></li>
<li>publish source-maps, declaration-maps, and original source files by
<a href="https://github.com/cyyynthia"><code>@cyyynthia</code></a></li>
<li>miscellaneous repository maintenance tasks by <a
href="https://github.com/cyyynthia"><code>@cyyynthia</code></a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/spokodev"><code>@spokodev</code></a>
made their first contribution in <a
href="https://redirect.github.com/squirrelchat/smol-toml/pull/56">squirrelchat/smol-toml#56</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/squirrelchat/smol-toml/compare/v1.6.1...v1.7.0">https://github.com/squirrelchat/smol-toml/compare/v1.6.1...v1.7.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/squirrelchat/smol-toml/commit/a62f06faf4e45ab0a581def86c116f9706edc9df"><code>a62f06f</code></a>
revert: keep using vite 7</li>
<li><a
href="https://github.com/squirrelchat/smol-toml/commit/89aa9a394ffc544dce77ab0ff24dfd8204e1f091"><code>89aa9a3</code></a>
chore: remove prepare script</li>
<li><a
href="https://github.com/squirrelchat/smol-toml/commit/17c797475f1516da6614e31a1be9f4958bf296c0"><code>17c7974</code></a>
chore: make devEngine more lax w/ node version</li>
<li><a
href="https://github.com/squirrelchat/smol-toml/commit/e5280a34630eb25086dca746bedda28ea21ec3d9"><code>e5280a3</code></a>
ci: checkout repo first</li>
<li><a
href="https://github.com/squirrelchat/smol-toml/commit/241c256ebda07b2d225c91b7468ed8c90d0e71df"><code>241c256</code></a>
chore: version bump</li>
<li><a
href="https://github.com/squirrelchat/smol-toml/commit/0bfe7f4667fa46122663b7b6114d9514dbd1a91f"><code>0bfe7f4</code></a>
chore: build cjs with rolldown instead of esbuild</li>
<li><a
href="https://github.com/squirrelchat/smol-toml/commit/e0620ab2ac89c40d291f33df41b110277b1acedf"><code>e0620ab</code></a>
chore: fmt</li>
<li><a
href="https://github.com/squirrelchat/smol-toml/commit/96114cb58312084286ae61470ba0f017b87b8023"><code>96114cb</code></a>
test: add tests for large integers</li>
<li><a
href="https://github.com/squirrelchat/smol-toml/commit/f4537b6b3763e761069efdd7d688711c8409645c"><code>f4537b6</code></a>
fix: handle missed edge-cases in string parse</li>
<li><a
href="https://github.com/squirrelchat/smol-toml/commit/7b39aed388cdc811189a6a3683fbee2f8d344244"><code>7b39aed</code></a>
chore: include source files in published package</li>
<li>Additional commits viewable in <a
href="https://github.com/squirrelchat/smol-toml/compare/v1.6.1...v1.7.0">compare
view</a></li>
</ul>
</details>
<br />
Updates `@supabase/supabase-js` from 2.108.1 to 2.108.2
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/supabase/supabase-js/releases">@supabase/supabase-js's
releases</a>.</em></p>
<blockquote>
<h2>v2.108.2</h2>
<h2>2.108.2 (2026-06-15)</h2>
<h3>🩹 Fixes</h3>
<ul>
<li><strong>auth:</strong> preserve valid session on refresh failure and
cooldown repeat failures (<a
href="https://redirect.github.com/supabase/supabase-js/pull/2436">#2436</a>)</li>
<li><strong>realtime:</strong> clarify httpSend() 404 error and server
migration note (<a
href="https://redirect.github.com/supabase/supabase-js/pull/2444">#2444</a>)</li>
<li><strong>release:</strong> pin Deno and bound JSR publish to survive
stranded-task hangs (<a
href="https://redirect.github.com/supabase/supabase-js/pull/2439">#2439</a>)</li>
<li><strong>release:</strong> restore JSR publish flags and enable for
beta (<a
href="https://redirect.github.com/supabase/supabase-js/pull/2440">#2440</a>)</li>
</ul>
<h3>❤️ Thank You</h3>
<ul>
<li>Katerina Skroumpelou <a
href="https://github.com/mandarini"><code>@mandarini</code></a></li>
</ul>
<h2>v2.108.2-canary.5</h2>
<h2>2.108.2-canary.5 (2026-06-15)</h2>
<p>This was a version bump only, there were no code changes.</p>
<h2>v2.108.2-canary.4</h2>
<h2>2.108.2-canary.4 (2026-06-12)</h2>
<h3>🩹 Fixes</h3>
<ul>
<li><strong>realtime:</strong> clarify httpSend() 404 error and server
migration note (<a
href="https://redirect.github.com/supabase/supabase-js/pull/2444">#2444</a>)</li>
</ul>
<h3>❤️ Thank You</h3>
<ul>
<li>Katerina Skroumpelou <a
href="https://github.com/mandarini"><code>@mandarini</code></a></li>
</ul>
<h2>v2.108.2-canary.3</h2>
<h2>2.108.2-canary.3 (2026-06-11)</h2>
<p>This was a version bump only, there were no code changes.</p>
<h2>v2.108.2-canary.2</h2>
<h2>2.108.2-canary.2 (2026-06-11)</h2>
<h3>🩹 Fixes</h3>
<ul>
<li><strong>release:</strong> restore JSR publish flags and enable for
beta (<a
href="https://redirect.github.com/supabase/supabase-js/pull/2440">#2440</a>)</li>
</ul>
<h3>❤️ Thank You</h3>
<ul>
<li>Katerina Skroumpelou <a
href="https://github.com/mandarini"><code>@mandarini</code></a></li>
</ul>
<h2>v2.108.2-canary.1</h2>
<h2>2.108.2-canary.1 (2026-06-11)</h2>
<h3>🩹 Fixes</h3>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/supabase/supabase-js/blob/master/packages/core/supabase-js/CHANGELOG.md">@supabase/supabase-js's
changelog</a>.</em></p>
<blockquote>
<h2>2.108.2 (2026-06-15)</h2>
<p>This was a version bump only for <code>@supabase/supabase-js</code>
to align it with other projects, there were no code changes.</p>
<h2>2.108.0 (2026-06-08)</h2>
<p>This was a version bump only for <code>@supabase/supabase-js</code>
to align it with other projects, there were no code changes.</p>
<h2>2.107.0 (2026-06-02)</h2>
<h3>🚀 Features</h3>
<ul>
<li><strong>auth:</strong> remove navigator.locks-based mutex; introduce
commit guard + dispose() (<a
href="https://redirect.github.com/supabase/supabase-js/pull/2392">#2392</a>)</li>
<li><strong>supabase:</strong> update X-Client-Info to structured
metadata format (<a
href="https://redirect.github.com/supabase/supabase-js/pull/2359">#2359</a>)</li>
<li><strong>realtime:</strong> allow httpSend to send binary payload (<a
href="https://redirect.github.com/supabase/supabase-js/pull/2400">#2400</a>)</li>
</ul>
<h3>❤️ Thank You</h3>
<ul>
<li>Claude Sonnet 4.6</li>
<li>Eduardo Gurgel</li>
<li>Guilherme Souza</li>
<li>Katerina Skroumpelou <a
href="https://github.com/mandarini"><code>@mandarini</code></a></li>
<li>Omar Al Matar <a
href="https://github.com/Bewinxed"><code>@Bewinxed</code></a></li>
</ul>
<h2>2.106.2 (2026-05-25)</h2>
<h3>🩹 Fixes</h3>
<ul>
<li><strong>misc:</strong> add react-native export condition for
Hermes-safe resolution (<a
href="https://redirect.github.com/supabase/supabase-js/pull/2393">#2393</a>)</li>
</ul>
<h3>❤️ Thank You</h3>
<ul>
<li>Myroslav Hryhschenko <a
href="https://github.com/BLOCKMATERIAL"><code>@BLOCKMATERIAL</code></a></li>
</ul>
<h2>2.106.1 (2026-05-20)</h2>
<h3>🩹 Fixes</h3>
<ul>
<li><strong>misc:</strong> hide dynamic import from hermesc (<a
href="https://redirect.github.com/supabase/supabase-js/pull/2381">#2381</a>)</li>
</ul>
<h3>❤️ Thank You</h3>
<ul>
<li>Katerina Skroumpelou <a
href="https://github.com/mandarini"><code>@mandarini</code></a></li>
</ul>
<h2>2.106.0 (2026-05-18)</h2>
<h3>🚀 Features</h3>
<ul>
<li><strong>supabase:</strong> W3C/OpenTelemetry trace context
propagation (<a
href="https://redirect.github.com/supabase/supabase-js/pull/2163">#2163</a>)</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/supabase/supabase-js/commit/76f3f0290525c53aafedaf9fc94fcc09953c2189"><code>76f3f02</code></a>
test(auth): add passkey unit and e2e coverage (<a
href="https://github.com/supabase/supabase-js/tree/HEAD/packages/core/supabase-js/issues/2442">#2442</a>)</li>
<li>See full diff in <a
href="https://github.com/supabase/supabase-js/commits/v2.108.2/packages/core/supabase-js">compare
view</a></li>
</ul>
</details>
<br />
Updates `@anthropic-ai/claude-agent-sdk` from 0.3.177 to 0.3.185
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/anthropics/claude-agent-sdk-typescript/releases">@anthropic-ai/claude-agent-sdk's
releases</a>.</em></p>
<blockquote>
<h2>v0.3.185</h2>
<h2>What's changed</h2>
<ul>
<li>Updated to parity with Claude Code v2.1.185</li>
</ul>
<h2>Update</h2>
<pre lang="sh"><code>npm install @anthropic-ai/claude-agent-sdk@0.3.185
# or
yarn add @anthropic-ai/claude-agent-sdk@0.3.185
# or
pnpm add @anthropic-ai/claude-agent-sdk@0.3.185
# or
bun add @anthropic-ai/claude-agent-sdk@0.3.185
</code></pre>
<h2>v0.3.183</h2>
<h2>What's changed</h2>
<ul>
<li>Updated to parity with Claude Code v2.1.183</li>
</ul>
<h2>Update</h2>
<pre lang="sh"><code>npm install @anthropic-ai/claude-agent-sdk@0.3.183
# or
yarn add @anthropic-ai/claude-agent-sdk@0.3.183
# or
pnpm add @anthropic-ai/claude-agent-sdk@0.3.183
# or
bun add @anthropic-ai/claude-agent-sdk@0.3.183
</code></pre>
<h2>v0.3.181</h2>
<h2>What's changed</h2>
<ul>
<li>Added <code>errorCode</code>, <code>canUserPurchaseCredits</code>,
and <code>hasChargeableSavedPaymentMethod</code> fields to
<code>SDKRateLimitInfo</code> for detecting credits-required rate
limits</li>
<li>Added <code>tool_use_meta.icon_url</code> to assistant messages,
populated from MCP server directory metadata</li>
<li>Fixed SDK-hosted Remote Control sessions dropping
<code>file_attachments</code> from inbound user messages</li>
</ul>
<h2>Update</h2>
<pre lang="sh"><code>npm install @anthropic-ai/claude-agent-sdk@0.3.181
# or
yarn add @anthropic-ai/claude-agent-sdk@0.3.181
# or
pnpm add @anthropic-ai/claude-agent-sdk@0.3.181
# or
</tr></table>
</code></pre>
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/anthropics/claude-agent-sdk-typescript/blob/main/CHANGELOG.md">@anthropic-ai/claude-agent-sdk's
changelog</a>.</em></p>
<blockquote>
<h2>0.3.185</h2>
<ul>
<li>Updated to parity with Claude Code v2.1.185</li>
</ul>
<h2>0.3.184</h2>
<ul>
<li>Updated to parity with Claude Code v2.1.184</li>
</ul>
<h2>0.3.183</h2>
<ul>
<li>Updated to parity with Claude Code v2.1.183</li>
</ul>
<h2>0.3.182</h2>
<ul>
<li>Updated to parity with Claude Code v2.1.182</li>
</ul>
<h2>0.3.181</h2>
<ul>
<li>Added <code>errorCode</code>, <code>canUserPurchaseCredits</code>,
and <code>hasChargeableSavedPaymentMethod</code> fields to
<code>SDKRateLimitInfo</code> for detecting credits-required rate
limits</li>
<li>Added <code>tool_use_meta.icon_url</code> to assistant messages,
populated from MCP server directory metadata</li>
<li>Fixed SDK-hosted Remote Control sessions dropping
<code>file_attachments</code> from inbound user messages</li>
</ul>
<h2>0.3.180</h2>
<ul>
<li>Updated to parity with Claude Code v2.1.180</li>
</ul>
<h2>0.3.179</h2>
<ul>
<li>Added optional <code>tool_use_meta</code> sidecar to assistant
messages with display-friendly names for tool calls, so SDK consumers
can render human-readable labels instead of raw wire names</li>
<li>Fixed <code>-p</code> mode exiting before a completed background
agent's notification was delivered, causing interim text to ship as the
final result</li>
<li>Fixed remote (stream-json) sessions appearing busy for the entire
duration of a background workflow — the turn result is now emitted at
the turn boundary and the session reports idle while background tasks
continue</li>
</ul>
<h2>0.3.178</h2>
<ul>
<li>Spawn failures on an existing native binary now explain the likely
libc mismatch (musl binary on a glibc host) and suggest
<code>options.pathToClaudeCodeExecutable</code></li>
<li>Permission-denied advisory messages now carry typed denial reasons
(<code>safetyCheck</code>, <code>asyncAgent</code>), enabling SDK
consumers to programmatically match denial causes</li>
<li>Fixed <code>UserPromptSubmit</code> hook block feedback not being
emitted to the SDK event stream — consumers can now see why a prompt was
blocked by a hook instead of a silent hang</li>
<li>Remote Control workers now send a <code>worker_shutting_down</code>
system message on graceful exit so remote clients can show why the
session ended</li>
<li>Fixed MCP server-level specs (<code>mcp__server</code>,
<code>mcp__server__*</code>) in <code>disallowedTools</code> being
silently ignored — they now correctly remove all tools from the named
server</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/anthropics/claude-agent-sdk-typescript/commit/810e709450d3cd0444aa018501d2a5ab3477f439"><code>810e709</code></a>
chore: Update CHANGELOG.md</li>
<li><a
href="https://github.com/anthropics/claude-agent-sdk-typescript/commit/fc84d9383f5bf3a0cf65fd4f5379a82519fdb95f"><code>fc84d93</code></a>
chore: Update CHANGELOG.md</li>
<li><a
href="https://github.com/anthropics/claude-agent-sdk-typescript/commit/4d3840c936a4fda502e47e58a8bc7d014f363d24"><code>4d3840c</code></a>
chore: Update CHANGELOG.md</li>
<li><a
href="https://github.com/anthropics/claude-agent-sdk-typescript/commit/32753ee19ce670f6b320ad544d813854930bb02d"><code>32753ee</code></a>
chore: Update CHANGELOG.md</li>
<li><a
href="https://github.com/anthropics/claude-agent-sdk-typescript/commit/38722be05d4d21d6e438835c0a0177e81e2cffd2"><code>38722be</code></a>
chore: Update CHANGELOG.md</li>
<li>See full diff in <a
href="https://github.com/anthropics/claude-agent-sdk-typescript/compare/v0.3.177...v0.3.185">compare
view</a></li>
</ul>
</details>
<br />
Updates `@anthropic-ai/sdk` from 0.104.1 to 0.105.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/anthropics/anthropic-sdk-typescript/releases">@anthropic-ai/sdk's
releases</a>.</em></p>
<blockquote>
<h2>sdk: v0.105.0</h2>
<h2>0.105.0 (2026-06-18)</h2>
<p>Full Changelog: <a
href="https://github.com/anthropics/anthropic-sdk-typescript/compare/sdk-v0.104.2...sdk-v0.105.0">sdk-v0.104.2...sdk-v0.105.0</a></p>
<h3>Features</h3>
<ul>
<li><strong>api:</strong> add support for new code_execution_20260120
tool (<a
href="https://github.com/anthropics/anthropic-sdk-typescript/commit/8dc2b54ee9f19cfc0a8f5cb49d0e1b93f4a4cadd">8dc2b54</a>)</li>
<li><strong>stream:</strong> lazily parse partial tool json input (<a
href="https://redirect.github.com/anthropics/anthropic-sdk-typescript/issues/99">#99</a>)
(<a
href="https://github.com/anthropics/anthropic-sdk-typescript/commit/e55ceee5e3053ada96a7fe008b1fd6ebc0e42544">e55ceee</a>)</li>
</ul>
<h3>Chores</h3>
<ul>
<li><strong>internal/deps:</strong> bump swc to 1.15.40 (<a
href="https://redirect.github.com/anthropics/anthropic-sdk-typescript/issues/97">#97</a>)
(<a
href="https://github.com/anthropics/anthropic-sdk-typescript/commit/a1d4d7549251f88100f44b0350f6123c9cbea5ec">a1d4d75</a>)</li>
<li><strong>internal:</strong> use are the types wrong directly (<a
href="https://redirect.github.com/anthropics/anthropic-sdk-typescript/issues/94">#94</a>)
(<a
href="https://github.com/anthropics/anthropic-sdk-typescript/commit/3d362afd0aade3d18f10e61a5e4809c0bd495768">3d362af</a>)</li>
<li><strong>tests:</strong> stop using deprecated models (<a
href="https://redirect.github.com/anthropics/anthropic-sdk-typescript/issues/98">#98</a>)
(<a
href="https://github.com/anthropics/anthropic-sdk-typescript/commit/65ae1afee1bb76179c58e1758a48d668e3fcf7b3">65ae1af</a>)</li>
</ul>
<h2>sdk: v0.104.2</h2>
<h2>0.104.2 (2026-06-15)</h2>
<p>Full Changelog: <a
href="https://github.com/anthropics/anthropic-sdk-typescript/compare/sdk-v0.104.1...sdk-v0.104.2">sdk-v0.104.1...sdk-v0.104.2</a></p>
<h3>Chores</h3>
<ul>
<li><strong>api:</strong> remove retired models from API and SDKs (<a
href="https://github.com/anthropics/anthropic-sdk-typescript/commit/a94287690a383ba34aa0d2ad9e0262eeb9241bd3">a942876</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/anthropics/anthropic-sdk-typescript/blob/main/CHANGELOG.md">@anthropic-ai/sdk's
changelog</a>.</em></p>
<blockquote>
<h2>0.105.0 (2026-06-18)</h2>
<p>Full Changelog: <a
href="https://github.com/anthropics/anthropic-sdk-typescript/compare/sdk-v0.104.2...sdk-v0.105.0">sdk-v0.104.2...sdk-v0.105.0</a></p>
<h3>Features</h3>
<ul>
<li><strong>api:</strong> add support for new code_execution_20260120
tool (<a
href="https://github.com/anthropics/anthropic-sdk-typescript/commit/8dc2b54ee9f19cfc0a8f5cb49d0e1b93f4a4cadd">8dc2b54</a>)</li>
<li><strong>stream:</strong> lazily parse partial tool json input (<a
href="https://redirect.github.com/anthropics/anthropic-sdk-typescript/issues/99">#99</a>)
(<a
href="https://github.com/anthropics/anthropic-sdk-typescript/commit/e55ceee5e3053ada96a7fe008b1fd6ebc0e42544">e55ceee</a>)</li>
</ul>
<h3>Chores</h3>
<ul>
<li><strong>internal/deps:</strong> bump swc to 1.15.40 (<a
href="https://redirect.github.com/anthropics/anthropic-sdk-typescript/issues/97">#97</a>)
(<a
href="https://github.com/anthropics/anthropic-sdk-typescript/commit/a1d4d7549251f88100f44b0350f6123c9cbea5ec">a1d4d75</a>)</li>
<li><strong>internal:</strong> use are the types wrong directly (<a
href="https://redirect.github.com/anthropics/anthropic-sdk-typescript/issues/94">#94</a>)
(<a
href="https://github.com/anthropics/anthropic-sdk-typescript/commit/3d362afd0aade3d18f10e61a5e4809c0bd495768">3d362af</a>)</li>
<li><strong>tests:</strong> stop using deprecated models (<a
href="https://redirect.github.com/anthropics/anthropic-sdk-typescript/issues/98">#98</a>)
(<a
href="https://github.com/anthropics/anthropic-sdk-typescript/commit/65ae1afee1bb76179c58e1758a48d668e3fcf7b3">65ae1af</a>)</li>
</ul>
<h2>0.104.2 (2026-06-15)</h2>
<p>Full Changelog: <a
href="https://github.com/anthropics/anthropic-sdk-typescript/compare/sdk-v0.104.1...sdk-v0.104.2">sdk-v0.104.1...sdk-v0.104.2</a></p>
<h3>Chores</h3>
<ul>
<li><strong>api:</strong> remove retired models from API and SDKs (<a
href="https://github.com/anthropics/anthropic-sdk-typescript/commit/a94287690a383ba34aa0d2ad9e0262eeb9241bd3">a942876</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/anthropics/anthropic-sdk-typescript/commit/ab700dc013e735b80dead115fcae52fba83f1aeb"><code>ab700dc</code></a>
chore: release main</li>
<li><a
href="https://github.com/anthropics/anthropic-sdk-typescript/commit/a3225175d067110fc0e9152ed2699540455aa4ce"><code>a322517</code></a>
feat(api): add support for new code_execution_20260120 tool</li>
<li><a
href="https://github.com/anthropics/anthropic-sdk-typescript/commit/65a01068857f521d27d8963152cd3e66cbe232ad"><code>65a0106</code></a>
feat(stream): lazily parse partial tool json input (<a
href="https://redirect.github.com/anthropics/anthropic-sdk-typescript/issues/99">#99</a>)</li>
<li><a
href="https://github.com/anthropics/anthropic-sdk-typescript/commit/384ab5179b6120fa6c3fdc37fabb1baba23a1d73"><code>384ab51</code></a>
chore(tests): stop using deprecated models (<a
href="https://redirect.github.com/anthropics/anthropic-sdk-typescript/issues/98">#98</a>)</li>
<li><a
href="https://github.com/anthropics/anthropic-sdk-typescript/commit/a49a19143ae0b13fc5312058c008c5a39250cd96"><code>a49a191</code></a>
chore(internal/deps): bump swc to 1.15.40 (<a
href="https://redirect.github.com/anthropics/anthropic-sdk-typescript/issues/97">#97</a>)</li>
<li><a
href="https://github.com/anthropics/anthropic-sdk-typescript/commit/7ac63f3b566c898fa9ce3eaced546da5cf0e3014"><code>7ac63f3</code></a>
chore(internal): use are the types wrong directly (<a
href="https://redirect.github.com/anthropics/anthropic-sdk-typescript/issues/94">#94</a>)</li>
<li><a
href="https://github.com/anthropics/anthropic-sdk-typescript/commit/fbee0d149ce08532885d766d9b1dc99133181d8e"><code>fbee0d1</code></a>
chore: release main</li>
<li><a
href="https://github.com/anthropics/anthropic-sdk-typescript/commit/e984ba4942d0e9660690910c4a7c7325b1fe3607"><code>e984ba4</code></a>
chore(api): remove retired models from API and SDKs</li>
<li>See full diff in <a
href="https://github.com/anthropics/anthropic-sdk-typescript/compare/sdk-v0.104.1...sdk-v0.105.0">compare
view</a></li>
</ul>
</details>
<br />
Updates `@clack/prompts` from 1.5.1 to 1.6.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/bombshell-dev/clack/releases">@clack/prompts's
releases</a>.</em></p>
<blockquote>
<h2><code>@clack/prompts</code><a
href="https://github.com/1"><code>@1</code></a>.6.0</h2>
<h3>Minor Changes</h3>
<ul>
<li>
<p><a
href="https://redirect.github.com/bombshell-dev/clack/pull/568">#568</a>
<a
href="https://github.com/bombshell-dev/clack/commit/f87933fb7b3f4c401b9e51a152b95cb8e7200fe5"><code>f87933f</code></a>
Thanks <a
href="https://github.com/florian-lefebvre"><code>@florian-lefebvre</code></a>!
- Updates default formatter of <code>note()</code> to note dim lines
anymore</p>
<p>If you want the old behavior, provide a <code>format()</code>
function:</p>
<pre lang="diff"><code>import { note } from '@clack/prompts';
+import { styleText } from 'node:util';
<p>note(
'You can edit the file src/index.jsx',
'Next steps.'</p>
<ul>
<li>{ format: (text) => styleText('dim', text) }
);
</code></pre></li>
</ul>
</li>
<li>
<p><a
href="https://redirect.github.com/bombshell-dev/clack/pull/567">#567</a>
<a
href="https://github.com/bombshell-dev/clack/commit/cc6aab50186cff8a02dc98e9cfd3897c29a33b15"><code>cc6aab5</code></a>
Thanks <a
href="https://github.com/dreyfus92"><code>@dreyfus92</code></a>! - Add
keyboard instruction footers to <code>select</code>,
<code>multiselect</code>, and <code>groupMultiselect</code> in the
active state, matching autocomplete. No option — always shown.</p>
</li>
</ul>
<h3>Patch Changes</h3>
<ul>
<li>Updated dependencies [<a
href="https://github.com/bombshell-dev/clack/commit/2f2b52f77cbfa9af618c6d929249ab8395fc37a1"><code>2f2b52f</code></a>,
<a
href="https://github.com/bombshell-dev/clack/commit/e1b6ee71a76e17a3c33ba7ee6e5fb34e886233bb"><code>e1b6ee7</code></a>]:
<ul>
<li><code>@clack/core</code><a
href="https://github.com/1"><code>@1</code></a>.4.2</li>
</ul>
</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/bombshell-dev/clack/blob/main/packages/prompts/CHANGELOG.md">@clack/prompts's
changelog</a>.</em></p>
<blockquote>
<h2>1.6.0</h2>
<h3>Minor Changes</h3>
<ul>
<li>
<p><a
href="https://redirect.github.com/bombshell-dev/clack/pull/568">#568</a>
<a
href="https://github.com/bombshell-dev/clack/commit/f87933fb7b3f4c401b9e51a152b95cb8e7200fe5"><code>f87933f</code></a>
Thanks <a
href="https://github.com/florian-lefebvre"><code>@florian-lefebvre</code></a>!
- Updates default formatter of <code>note()</code> to note dim lines
anymore</p>
<p>If you want the old behavior, provide a <code>format()</code>
function:</p>
<pre lang="diff"><code>import { note } from '@clack/prompts';
+import { styleText } from 'node:util';
<p>note(
'You can edit the file src/index.jsx',
'Next steps.'</p>
<ul>
<li>{ format: (text) => styleText('dim', text) }
);
</code></pre></li>
</ul>
</li>
<li>
<p><a
href="https://redirect.github.com/bombshell-dev/clack/pull/567">#567</a>
<a
href="https://github.com/bombshell-dev/clack/commit/cc6aab50186cff8a02dc98e9cfd3897c29a33b15"><code>cc6aab5</code></a>
Thanks <a
href="https://github.com/dreyfus92"><code>@dreyfus92</code></a>! - Add
keyboard instruction footers to <code>select</code>,
<code>multiselect</code>, and <code>groupMultiselect</code> in the
active state, matching autocomplete. No option — always shown.</p>
</li>
</ul>
<h3>Patch Changes</h3>
<ul>
<li>Updated dependencies [<a
href="https://github.com/bombshell-dev/clack/commit/2f2b52f77cbfa9af618c6d929249ab8395fc37a1"><code>2f2b52f</code></a>,
<a
href="https://github.com/bombshell-dev/clack/commit/e1b6ee71a76e17a3c33ba7ee6e5fb34e886233bb"><code>e1b6ee7</code></a>]:
<ul>
<li><code>@clack/core</code><a
href="https://github.com/1"><code>@1</code></a>.4.2</li>
</ul>
</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/bombshell-dev/clack/commit/0e700562dfb54bd693d98c5b7e28d34213fcb226"><code>0e70056</code></a>
[ci] release (<a
href="https://github.com/bombshell-dev/clack/tree/HEAD/packages/prompts/issues/562">#562</a>)</li>
<li><a
href="https://github.com/bombshell-dev/clack/commit/f87933fb7b3f4c401b9e51a152b95cb8e7200fe5"><code>f87933f</code></a>
fix(prompts): do not dim note contents (<a
href="https://github.com/bombshell-dev/clack/tree/HEAD/packages/prompts/issues/568">#568</a>)</li>
<li><a
href="https://github.com/bombshell-dev/clack/commit/cc6aab50186cff8a02dc98e9cfd3897c29a33b15"><code>cc6aab5</code></a>
feat(prompts): add instructions footer for <code>select</code>,
<code>multi-select</code> & `group-...</li>
<li>See full diff in <a
href="https://github.com/bombshell-dev/clack/commits/@clack/prompts@1.6.0/packages/prompts">compare
view</a></li>
</ul>
</details>
<br />
Updates `ink` from 7.0.6 to 7.1.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/vadimdemedes/ink/releases">ink's
releases</a>.</em></p>
<blockquote>
<h2>v7.1.0</h2>
<ul>
<li>Add <a
href="https://github.com/vadimdemedes/ink#suspendterminalcallback"><code>suspendTerminal()</code></a>
to hand the terminal to a child process (<a
href="https://redirect.github.com/vadimdemedes/ink/issues/972">#972</a>)
9e8ed1f</li>
</ul>
<hr />
<p><a
href="https://github.com/vadimdemedes/ink/compare/v7.0.6...v7.1.0">https://github.com/vadimdemedes/ink/compare/v7.0.6...v7.1.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/vadimdemedes/ink/commit/25766aec618bd62030069f57dd081e5ebdd46add"><code>25766ae</code></a>
7.1.0</li>
<li><a
href="https://github.com/vadimdemedes/ink/commit/9e8ed1f005db0e975817983665f5c68884c6c232"><code>9e8ed1f</code></a>
Add <code>suspendTerminal()</code> to hand the terminal to a child
process (<a
href="https://redirect.github.com/vadimdemedes/ink/issues/972">#972</a>)</li>
<li>See full diff in <a
href="https://github.com/vadimdemedes/ink/compare/v7.0.6...v7.1.0">compare
view</a></li>
</ul>
</details>
<br />
Updates `pg` from 8.21.0 to 8.22.0
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/brianc/node-postgres/blob/master/CHANGELOG.md">pg's
changelog</a>.</em></p>
<blockquote>
<h2>pg@8.22.0</h2>
<ul>
<li>Add support for <a
href="https://redirect.github.com/brianc/node-postgres/pull/3688">sslnegotiation=direct</a>
for PostgreSQL 17+.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/brianc/node-postgres/commit/b617619f9fb6fbd231731823e2732a2927ded4be"><code>b617619</code></a>
Publish</li>
<li><a
href="https://github.com/brianc/node-postgres/commit/d80b2612fbe83ed8234637f20b943d85e4331094"><code>d80b261</code></a>
Update docs & changelog</li>
<li><a
href="https://github.com/brianc/node-postgres/commit/835fb83ab9e1cf30fa8367ba42bd633720d71832"><code>835fb83</code></a>
Fix error handling for exceptions on values parsing. (<a
href="https://github.com/brianc/node-postgres/tree/HEAD/packages/pg/issues/3574">#3574</a>)</li>
<li><a
href="https://github.com/brianc/node-postgres/commit/f49ab4a9795ae0866409f9bfe52a68b4f65ef024"><code>f49ab4a</code></a>
fix: correct spelling mistakes across codebase (<a
href="https://github.com/brianc/node-postgres/tree/HEAD/packages/pg/issues/3692">#3692</a>)</li>
<li><a
href="https://github.com/brianc/node-postgres/commit/d7175a4aa0347b7416109e9ecc61d4d235486d0e"><code>d7175a4</code></a>
Expand CI matrix of PG versions and add direct SSL test (<a
href="https://github.com/brianc/node-postgres/tree/HEAD/packages/pg/issues/3693">#3693</a>)</li>
<li><a
href="https://github.com/brianc/node-postgres/commit/882fc308cce7bf136cd1448e00395f760dad3e00"><code>882fc30</code></a>
Add support for sslnegotiation=direct (PostgreSQL 17) (<a
href="https://github.com/brianc/node-postgres/tree/HEAD/packages/pg/issues/3688">#3688</a>)</li>
<li>See full diff in <a
href="https://github.com/brianc/node-postgres/commits/pg@8.22.0/packages/pg">compare
view</a></li>
</ul>
</details>
<br />
Updates `posthog-node` from 5.37.0 to 5.38.2
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/PostHog/posthog-js/releases">posthog-node's
releases</a>.</em></p>
<blockquote>
<h2>posthog-node@5.38.2</h2>
<h2>5.38.2</h2>
<h3>Patch Changes</h3>
<ul>
<li><a
href="https://redirect.github.com/PostHog/posthog-js/pull/3903">#3903</a>
<a
href="https://github.com/PostHog/posthog-js/commit/6b21f77291aeea64ce8229eb28196d1acacc20ce"><code>6b21f77</code></a>
Thanks <a
href="https://github.com/marandaneto"><code>@marandaneto</code></a>! -
Validate custom event UUID overrides and generate new UUIDs when
invalid.
(2026-06-19)</li>
<li>Updated dependencies [<a
href="https://github.com/PostHog/posthog-js/commit/6b21f77291aeea64ce8229eb28196d1acacc20ce"><code>6b21f77</code></a>]:
<ul>
<li><code>@posthog/core</code><a
href="https://github.com/1"><code>@1</code></a>.35.3</li>
</ul>
</li>
</ul>
<h2>posthog-node@5.38.1</h2>
<h2>5.38.1</h2>
<h3>Patch Changes</h3>
<ul>
<li><a
href="https://redirect.github.com/PostHog/posthog-js/pull/3886">#3886</a>
<a
href="https://github.com/PostHog/posthog-js/commit/e6d7fe2a5f10d29b3df69392f584970e7a7a4561"><code>e6d7fe2</code></a>
Thanks <a
href="https://github.com/marandaneto"><code>@marandaneto</code></a>! -
Stop sending deprecated no-op top-level <code>type</code>,
<code>library</code>, and <code>library_version</code> fields in event
batch payloads. Use <code>properties.$lib</code> and
<code>properties.$lib_version</code> for SDK metadata; legacy queued
<code>library</code> and <code>library_version</code> values are used as
fallbacks when the official <code>$</code> properties are missing.
(2026-06-18)</li>
<li>Updated dependencies [<a
href="https://github.com/PostHog/posthog-js/commit/e6d7fe2a5f10d29b3df69392f584970e7a7a4561"><code>e6d7fe2</code></a>]:
<ul>
<li><code>@posthog/core</code><a
href="https://github.com/1"><code>@1</code></a>.35.2</li>
</ul>
</li>
</ul>
<h2>posthog-node@5.38.0</h2>
<h2>5.38.0</h2>
<h3>Minor Changes</h3>
<ul>
<li><a
href="https://redirect.github.com/PostHog/posthog-js/pull/3845">#3845</a>
<a
href="https://github.com/PostHog/posthog-js/commit/a0553b305679f995e244cad7498c7521cb4c849d"><code>a0553b3</code></a>
Thanks <a
href="https://github.com/marandaneto"><code>@marandaneto</code></a>! -
Add <code>setPersonProperties()</code> and
<code>unsetPersonProperties()</code> helpers to manage person properties
from the Node.js SDK.
(2026-06-16)</li>
</ul>
<h3>Patch Changes</h3>
<ul>
<li>Updated dependencies [<a
href="https://github.com/PostHog/posthog-js/commit/b3ec8453d3678bd7ab6737b25bae003e61117ef9"><code>b3ec845</code></a>,
<a
href="https://github.com/PostHog/posthog-js/commit/c6c163aefb093d5609977ae243b056f96a2d3b4e"><code>c6c163a</code></a>]:
<ul>
<li><code>@posthog/core</code><a
href="https://github.com/1"><code>@1</code></a>.33.0</li>
</ul>
</li>
</ul>
<h2>posthog-node@5.37.1</h2>
<h2>5.37.1</h2>
<h3>Patch Changes</h3>
<ul>
<li><a
href="https://redirect.github.com/PostHog/posthog-js/pull/3837">#3837</a>
<a
href="https://github.com/PostHog/posthog-js/commit/29bf8e386a4050531e9cfd906c33b75945fcb6ad"><code>29bf8e3</code></a>
Thanks <a
href="https://github.com/marandaneto"><code>@marandaneto</code></a>! -
Add missing bugs metadata to package manifests.
(2026-06-15)</li>
<li>Updated dependencies [<a
href="https://github.com/PostHog/posthog-js/commit/29bf8e386a4050531e9cfd906c33b75945fcb6ad"><code>29bf8e3</code></a>]:
<ul>
<li><code>@posthog/core</code><a
href="https://github.com/1"><code>@1</code></a>.32.4</li>
</ul>
</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/PostHog/posthog-js/blob/main/packages/node/CHANGELOG.md">posthog-node's
changelog</a>.</em></p>
<blockquote>
<h2>5.38.2</h2>
<h3>Patch Changes</h3>
<ul>
<li><a
href="https://redirect.github.com/PostHog/posthog-js/pull/3903">#3903</a>
<a
href="https://github.com/PostHog/posthog-js/commit/6b21f77291aeea64ce8229eb28196d1acacc20ce"><code>6b21f77</code></a>
Thanks <a
href="https://github.com/marandaneto"><code>@marandaneto</code></a>! -
Validate custom event UUID overrides and generate new UUIDs when
invalid.
(2026-06-19)</li>
<li>Updated dependencies [<a
href="https://github.com/PostHog/posthog-js/commit/6b21f77291aeea64ce8229eb28196d1acacc20ce"><code>6b21f77</code></a>]:
<ul>
<li><code>@posthog/core</code><a
href="https://github.com/1"><code>@1</code></a>.35.3</li>
</ul>
</li>
</ul>
<h2>5.38.1</h2>
<h3>Patch Changes</h3>
<ul>
<li><a
href="https://redirect.github.com/PostHog/posthog-js/pull/3886">#3886</a>
<a
href="https://github.com/PostHog/posthog-js/commit/e6d7fe2a5f10d29b3df69392f584970e7a7a4561"><code>e6d7fe2</code></a>
Thanks <a
href="https://github.com/marandaneto"><code>@marandaneto</code></a>! -
Stop sending deprecated no-op top-level <code>type</code>,
<code>library</code>, and <code>library_version</code> fields in event
batch payloads. Use <code>properties.$lib</code> and
<code>properties.$lib_version</code> for SDK metadata; legacy queued
<code>library</code> and <code>library_version</code> values are used as
fallbacks when the official <code>$</code> properties are missing.
(2026-06-18)</li>
<li>Updated dependencies [<a
href="https://github.com/PostHog/posthog-js/commit/e6d7fe2a5f10d29b3df69392f584970e7a7a4561"><code>e6d7fe2</code></a>]:
<ul>
<li><code>@posthog/core</code><a
href="https://github.com/1"><code>@1</code></a>.35.2</li>
</ul>
</li>
</ul>
<h2>5.38.0</h2>
<h3>Minor Changes</h3>
<ul>
<li><a
href="https://redirect.github.com/PostHog/posthog-js/pull/3845">#3845</a>
<a
href="https://github.com/PostHog/posthog-js/commit/a0553b305679f995e244cad7498c7521cb4c849d"><code>a0553b3</code></a>
Thanks <a
href="https://github.com/marandaneto"><code>@marandaneto</code></a>! -
Add <code>setPersonProperties()</code> and
<code>unsetPersonProperties()</code> helpers to manage person properties
from the Node.js SDK.
(2026-06-16)</li>
</ul>
<h3>Patch Changes</h3>
<ul>
<li>Updated dependencies [<a
href="https://github.com/PostHog/posthog-js/commit/b3ec8453d3678bd7ab6737b25bae003e61117ef9"><code>b3ec845</code></a>,
<a
href="https://github.com/PostHog/posthog-js/commit/c6c163aefb093d5609977ae243b056f96a2d3b4e"><code>c6c163a</code></a>]:
<ul>
<li><code>@posthog/core</code><a
href="https://github.com/1"><code>@1</code></a>.33.0</li>
</ul>
</li>
</ul>
<h2>5.37.1</h2>
<h3>Patch Changes</h3>
<ul>
<li><a
href="https://redirect.github.com/PostHog/posthog-js/pull/3837">#3837</a>
<a
href="https://github.com/PostHog/posthog-js/commit/29bf8e386a4050531e9cfd906c33b75945fcb6ad"><code>29bf8e3</code></a>
Thanks <a
href="https://github.com/marandaneto"><code>@marandaneto</code></a>! -
Add missing bugs metadata to package manifests.
(2026-06-15)</li>
<li>Updated dependencies [<a
href="https://github.com/PostHog/posthog-js/commit/29bf8e386a4050531e9cfd906c33b75945fcb6ad"><code>29bf8e3</code></a>]:
<ul>
<li><code>@posthog/core</code><a
href="https://github.com/1"><code>@1</code></a>.32.4</li>
</ul>
</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/PostHog/posthog-js/commit/b0bd00ff7279fdb3f3bc9c993e7fc2f24710c50e"><code>b0bd00f</code></a>
chore: update versions and lockfile [version bump]</li>
<li><a
href="https://github.com/PostHog/posthog-js/commit/6b21f77291aeea64ce8229eb28196d1acacc20ce"><code>6b21f77</code></a>
fix: validate custom event UUIDs (<a
href="https://github.com/PostHog/posthog-js/tree/HEAD/packages/node/issues/3903">#3903</a>)</li>
<li><a
href="https://github.com/PostHog/posthog-js/commit/229efffbe56e56d387db0ce5f8848093843ce73d"><code>229efff</code></a>
chore: update versions and lockfile [version bump]</li>
<li><a
href="https://github.com/PostHog/posthog-js/commit/e6d7fe2a5f10d29b3df69392f584970e7a7a4561"><code>e6d7fe2</code></a>
fix: remove ignored batch metadata fields (<a
href="https://github.com/PostHog/posthog-js/tree/HEAD/packages/node/issues/3886">#3886</a>)</li>
<li><a
href="https://github.com/PostHog/posthog-js/commit/f4955109eaaeaad43462acd5384b53a86dedbdcd"><code>f495510</code></a>
chore: update versions and lockfile [version bump]</li>
<li><a
href="https://github.com/PostHog/posthog-js/commit/bd07ec42968ada9099a31cf7d61b106af22267ca"><code>bd07ec4</code></a>
feat(flags): add disableRemoteFeatureFlags option and runtime
updateFlags (<a
href="https://github.com/PostHog/posthog-js/tree/HEAD/packages/node/issues/3">#3</a>...</li>
<li><a
href="https://github.com/PostHog/posthog-js/commit/4ff3bb3c3feac6c3c62213dacad20cee5073ed05"><code>4ff3bb3</code></a>
chore: update versions and lockfile [version bump]</li>
<li><a
href="https://github.com/PostHog/posthog-js/commit/a0553b305679f995e244cad7498c7521cb4c849d"><code>a0553b3</code></a>
feat(node): add person property helpers (<a
href="https://github.com/PostHog/posthog-js/tree/HEAD/packages/node/issues/3845">#3845</a>)</li>
<li><a
href="https://github.com/PostHog/posthog-js/commit/70d3ddedf9db17572fcdad276439809644607ccc"><code>70d3dde</code></a>
chore: Generate versioned references only on release (<a
href="https://github.com/PostHog/posthog-js/tree/HEAD/packages/node/issues/3858">#3858</a>)</li>
<li><a
href="https://github.com/PostHog/posthog-js/commit/47aea13be9b6a9c61f7ef16fb683adc7a669a37f"><code>47aea13</code></a>
chore: update versions and lockfile [version bump]</li>
<li>Additional commits viewable in <a
href="https://github.com/PostHog/posthog-js/commits/posthog-node@5.38.2/packages/node">compare
view</a></li>
</ul>
</details>
<br />
Updates `fumadocs-core` from 16.10.2 to 16.10.5
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/fuma-nama/fumadocs/commit/7365d6327cc7befad39fad085c14e71edad8546f"><code>7365d63</code></a>
Version Packages (<a
href="https://redirect.github.com/fuma-nama/fumadocs/issues/3366">#3366</a>)</li>
<li><a
href="https://github.com/fuma-nama/fumadocs/commit/23c00f221174ef8295778f86ad518604dcbb8185"><code>23c00f2</code></a>
fix(openapi): fix typescript definitions name</li>
<li><a
href="https://github.com/fuma-nama/fumadocs/commit/4fe2821cbbc612d2fad1647a94492afd46031822"><code>4fe2821</code></a>
fix(openapi): fix usage tabs</li>
<li><a
href="https://github.com/fuma-nama/fumadocs/commit/58c2574bf125ab05a9d11e9625393655be83637f"><code>58c2574</code></a>
fix custom script</li>
<li><a
href="https://github.com/fuma-nama/fumadocs/commit/1a323a6e988b4ca6f4cc93401934aad7d9f99745"><code>1a323a6</code></a>
dedupe deps</li>
<li><a
href="https://github.com/fuma-nama/fumadocs/commit/19955f37d7eee23b19ce3376474551c838cc582d"><code>19955f3</code></a>
fix(ui): use <code>prompt</code> query param for "Open in
ChatGPT" page action (<a
href="https://redirect.github.com/fuma-nama/fumadocs/issues/3365">#3365</a>)</li>
<li><a
href="https://github.com/fuma-nama/fumadocs/commit/c903a684d410d7d9e516a1ce0c723724be7b8022"><code>c903a68</code></a>
Version Packages (<a
href="https://redirect.github.com/fuma-nama/fumadocs/issues/3363">#3363</a>)</li>
<li><a
href="https://github.com/fuma-nama/fumadocs/commit/ae508485ab626667a4c76776451313fd1e46d868"><code>ae50848</code></a>
feat(core): support react router v8</li>
<li><a
href="https://github.com/fuma-nama/fumadocs/commit/bd9a9d001b57b79a346f5dcc8ea2b87802794c64"><code>bd9a9d0</code></a>
update tegami</li>
<li><a
href="https://github.com/fuma-nama/fumadocs/commit/88ce9d9614c2edc07307f4733e73cae7a2c863ca"><code>88ce9d9</code></a>
refactor: use Tegami</li>
<li>Additional commits viewable in <a
href="https://github.com/fuma-nama/fumadocs/compare/fumadocs-core@16.10.2...fumadocs@16.10.5">compare
view</a></li>
</ul>
</details>
<br />
Updates `fumadocs-ui` from 16.10.2 to 16.10.5
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/fuma-nama/fumadocs/releases">fumadocs-ui's
releases</a>.</em></p>
<blockquote>
<h2>fumadocs-ui@16.10.3</h2>
<h3>Patch Changes</h3>
<ul>
<li>5499f59: type-safe provider props
<ul>
<li>fumadocs-core@16.10.3</li>
</ul>
</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/fuma-nama/fumadocs/commit/7365d6327cc7befad39fad085c14e71edad8546f"><code>7365d63</code></a>
Version Packages (<a
href="https://redirect.github.com/fuma-nama/fumadocs/issues/3366">#3366</a>)</li>
<li><a
href="https://github.com/fuma-nama/fumadocs/commit/23c00f221174ef8295778f86ad518604dcbb8185"><code>23c00f2</code></a>
fix(openapi): fix typescript definitions name</li>
<li><a
href="https://github.com/fuma-nama/fumadocs/commit/4fe2821cbbc612d2fad1647a94492afd46031822"><code>4fe2821</code></a>
fix(openapi): fix usage tabs</li>
<li><a
href="https://github.com/fuma-nama/fumadocs/commit/58c2574bf125ab05a9d11e9625393655be83637f"><code>58c2574</code></a>
fix custom script</li>
<li><a
href="https://github.com/fuma-nama/fumadocs/commit/1a323a6e988b4ca6f4cc93401934aad7d9f99745"><code>1a323a6</code></a>
dedupe deps</li>
<li><a
href="https://github.com/fuma-nama/fumadocs/commit/19955f37d7eee23b19ce3376474551c838cc582d"><code>19955f3</code></a>
fix(ui): use <code>prompt</code> query param for "Open in
ChatGPT" page action (<a
href="https://redirect.github.com/fuma-nama/fumadocs/issues/3365">#3365</a>)</li>
<li><a
href="https://github.com/fuma-nama/fumadocs/commit/c903a684d410d7d9e516a1ce0c723724be7b8022"><code>c903a68</code></a>
Version Packages (<a
href="https://redirect.github.com/fuma-nama/fumadocs/issues/3363">#3363</a>)</li>
<li><a
href="https://github.com/fuma-nama/fumadocs/commit/ae508485ab626667a4c76776451313fd1e46d868"><code>ae50848</code></a>
feat(core): support react router v8</li>
<li><a
href="https://github.com/fuma-nama/fumadocs/commit/bd9a9d001b57b79a346f5dcc8ea2b87802794c64"><code>bd9a9d0</code></a>
update tegami</li>
<li><a
href="https://github.com/fuma-nama/fumadocs/commit/88ce9d9614c2edc07307f4733e73cae7a2c863ca"><code>88ce9d9</code></a>
refactor: use Tegami</li>
<li>Additional commits viewable in <a
href="https://github.com/fuma-nama/fumadocs/compare/fumadocs-ui@16.10.2...fumadocs@16.10.5">compare
view</a></li>
</ul>
</details>
<br />
Updates `@types/node` from 25.9.3 to 26.0.0
<details>
<summary>Commits</summary>
<ul>
<li>See full diff in <a
href="https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node">compare
view</a></li>
</ul>
</details>
<br />
Updates `@effect/atom-react` from 4.0.0-beta.83 to 4.0.0-beta.85
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/Effect-TS/effect-smol/blob/main/packages/atom/react/CHANGELOG.md">@effect/atom-react's
changelog</a>.</em></p>
<blockquote>
<h2>4.0.0-beta.85</h2>
<h3>Patch Changes</h3>
<ul>
<li>Updated dependencies [<a
href="https://github.com/Effect-TS/effect-smol/commit/328d97cc53c0dcb89077a5623e35b095eaa59a8c"><code>328d97c</code></a>,
<a
href="https://github.com/Effect-TS/effect-smol/commit/8441836e6dde70e8ae2126be9cefe9b45798b134"><code>8441836</code></a>,
<a
href="https://github.com/Effect-TS/effect-smol/commit/074e4361091289104cb0ab6959dc3b0ea7794a6a"><code>074e436</code></a>,
<a
href="https://github.com/Effect-TS/effect-smol/commit/c1dfd60663eb13a58916f3712d877499943b628a"><code>c1dfd60</code></a>,
<a
href="https://github.com/Effect-TS/effect-smol/commit/2ba316bd15fcbf1c50626500d44a2c9b3bec19f5"><code>2ba316b</code></a>,
<a
href="https://github.com/Effect-TS/effect-smol/commit/7ce7344c41056c79e2ee19ee6a9346c0f1d227c1"><code>7ce7344</code></a>]:
<ul>
<li>effect@4.0.0-beta.85</li>
</ul>
</li>
</ul>
<h2>4.0.0-beta.84</h2>
<h3>Patch Changes</h3>
<ul>
<li>Updated dependencies [<a
href="https://github.com/Effect-TS/effect-smol/commit/87f52ba16c4370ffa3f84bf8e53038e1419c284e"><code>87f52ba</code></a>,
<a
href="https://github.com/Effect-TS/effect-smol/commit/b8ee07ffda8903b5ec2e45a786ddcba59f128fda"><code>b8ee07f</code></a>,
<a
href="https://github.com/Effect-TS/effect-smol/commit/867c0d70a09079b040260d45a1e92ff04dbfbf2f"><code>867c0d7</code></a>,
<a
href="https://github.com/Effect-TS/effect-smol/commit/b93bc6c9cb27b909a41d094c97c4f9d25bbc6d6b"><code>b93bc6c</code></a>,
<a
href="https://github.com/Effect-TS/effect-smol/commit/57d387f92c30ab63e15e3e641f0a903b65886610"><code>57d387f</code></a>,
<a
href="https://github.com/Effect-TS/effect-smol/commit/bacca4141c2400effae1eabfdb36c89a459cf246"><code>bacca41</code></a>,
<a
href="https://github.com/Effect-TS/effect-smol/commit/0f8ac7959d29ed68c68ce25aabd6bf0cb7e63ecc"><code>0f8ac79</code></a>,
<a
href="https://github.com/Effect-TS/effect-smol/commit/25b448270c01317703f25107e1480d4cd0246d9a"><code>25b4482</code></a>,
<a
href="https://github.com/Effect-TS/effect-smol/commit/9cf3a25c66b0c44a52be9829870c44517ea52db2"><code>9cf3a25</code></a>,
<a
href="https://github.com/Effect-TS/effect-smol/commit/8def7674b1787f91035298cda4d122937e87ef72"><code>8def767</code></a>]:
<ul>
<li>effect@4.0.0-beta.84</li>
</ul>
</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/Effect-TS/effect-smol/commit/a2fd7ef805f10babae275505873b4fa9a936bc6e"><code>a2fd7ef</code></a>
Version Packages (beta) (<a
href="https://github.com/Effect-TS/effect-smol/tree/HEAD/packages/atom/react/issues/2426">#2426</a>)</li>
<li><a
href="https://github.com/Effect-TS/effect-smol/commit/d11b2b5f2b4646983d4bb7b52bfc0de1a5ad17e2"><code>d11b2b5</code></a>
Version Packages (beta) (<a
href="https://github.com/Effect-TS/effect-smol/tree/HEAD/packages/atom/react/issues/2408">#2408</a>)</li>
<li>See full diff in <a
href="https://github.com/Effect-TS/effect-smol/commits/@effect/atom-react@4.0.0-beta.85/packages/atom/react">compare
view</a></li>
</ul>
</details>
<br />
Updates `@effect/platform-bun` from 4.0.0-beta.83 to 4.0.0-beta.85
<details>
<summary>Commits</summary>
<ul>
<li>See full diff in <a
href="https://github.com/Effect-TS/effect/commits/HEAD/packages/platform-bun">compare
view</a></li>
</ul>
</details>
<br />
Updates `@effect/platform-node` from 4.0.0-beta.83 to 4.0.0-beta.85
<details>
<summary>Commits</summary>
<ul>
<li>See full diff in <a
href="https://github.com/Effect-TS/effect/commits/HEAD/packages/platform-node">compare
view</a></li>
</ul>
</details>
<br />
Updates `@effect/sql-pg` from 4.0.0-beta.83 to 4.0.0-beta.85
<details>
<summary>Commits</summary>
<ul>
<li>See full diff in <a
href="https://github.com/Effect-TS/effect/commits/HEAD/packages/sql-pg">compare
view</a></li>
</ul>
</details>
<br />
Updates `@effect/vitest` from 4.0.0-beta.84 to 4.0.0-beta.85
<details>
<summary>Commits</summary>
<ul>
<li>See full diff in <a
href="https://github.com/Effect-TS/effect/commits/HEAD/packages/vitest">compare
view</a></li>
</ul>
</details>
<br />
Updates `@nx/devkit` from 22.7.5 to 23.0.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/nrwl/nx/releases">@nx/devkit's
releases</a>.</em></p>
<blockquote>
<h1>23.0.0 (2026-06-16)</h1>
<h3>🚀 Features</h3>
<ul>
<li>⚠️ <strong>angular:</strong> remove deprecated
<code>@nx/angular/</code>module-federation entry point (<a
href="https://redirect.github.com/nrwl/nx/pull/35512">#35512</a>)</li>
<li>⚠️ <strong>angular:</strong> remove deprecated move generator (<a
href="https://redirect.github.com/nrwl/nx/pull/35513">#35513</a>)</li>
<li>⚠️ <strong>angular:</strong> remove deprecated ngrx generator (<a
href="https://redirect.github.com/nrwl/nx/pull/35567">#35567</a>)</li>
<li><strong>angular:</strong> deprecate convert-to-with-mf generator (<a
href="https://redirect.github.com/nrwl/nx/pull/35862">#35862</a>)</li>
<li><strong>angular:</strong> deprecate SCAM generators (<a
href="https://redirect.github.com/nrwl/nx/pull/35887">#35887</a>)</li>
<li>⚠️ <strong>bundling:</strong> drop legacy typescript plugin and
align rollup buildLibsFromSource default (<a
href="https://redirect.github.com/nrwl/nx/pull/35516">#35516</a>)</li>
<li>⚠️ <strong>bundling:</strong> remove SVGR option and provide
withSvgr migration (<a
href="https://redirect.github.com/nrwl/nx/pull/35611">#35611</a>)</li>
<li><strong>bundling:</strong> add Vite 7 -> 8 migrations (<a
href="https://redirect.github.com/nrwl/nx/pull/35614">#35614</a>)</li>
<li><strong>core:</strong> add support for '...' as a spread token when
merging target config (<a
href="https://redirect.github.com/nrwl/nx/pull/34285">#34285</a>)</li>
<li><strong>core:</strong> show target uses task graph + filter broken
dependsOn during normalization (<a
href="https://redirect.github.com/nrwl/nx/pull/35367">#35367</a>)</li>
<li><strong>core:</strong> add --mode and --multi-major-mode flags to nx
migrate (<a
href="https://redirect.github.com/nrwl/nx/pull/35497">#35497</a>)</li>
<li><strong>core:</strong> support <code>prompt</code> field in
migration entries (<a
href="https://redirect.github.com/nrwl/nx/pull/35638">#35638</a>)</li>
<li><strong>core:</strong> rename nx watch --includeDependentProjects to
--includeDependencies (<a
href="https://redirect.github.com/nrwl/nx/pull/35699">#35699</a>)</li>
<li><strong>core:</strong> support filtered array-shape targetDefaults
with projects and source (<a
href="https://redirect.github.com/nrwl/nx/pull/35340">#35340</a>)</li>
<li><strong>core:</strong> enable native Node.js TypeScript stripping by
default (<a
href="https://redirect.github.com/nrwl/nx/pull/35608">#35608</a>)</li>
<li><strong>core:</strong> add shell tab-completion (bash, zsh, fish,
powershell) (<a
href="https://redirect.github.com/nrwl/nx/pull/34951">#34951</a>)</li>
<li><strong>core:</strong> add agentic mode to nx migrate
--run-migrations (<a
href="https://redirect.github.com/nrwl/nx/pull/35718">#35718</a>)</li>
<li><strong>core:</strong> add a migrate configuration section to
nx.json (<a
href="https://redirect.github.com/nrwl/nx/pull/35831">#35831</a>)</li>
<li><strong>core:</strong> feed migration docs to agents in nx migrate
(<a
href="https://redirect.github.com/nrwl/nx/pull/35835">#35835</a>)</li>
<li><strong>core:</strong> avoid redundant rematch in
findMatchingConfigFiles (<a
href="https://redirect.github.com/nrwl/nx/pull/35793">#35793</a>, <a
href="https://redirect.github.com/nrwl/nx/issues/35792">#35792</a>)</li>
<li>⚠️ <strong>core:</strong> rename CreateNodes V2 types to canonical
OG names (<a
href="https://redirect.github.com/nrwl/nx/pull/35386">#35386</a>, <a
href="https://redirect.github.com/nrwl/nx/issues/32951">#32951</a>)</li>
<li><strong>core:</strong> support prompt-only and hybrid migrations in
Nx Console UI (<a
href="https://redirect.github.com/nrwl/nx/pull/35822">#35822</a>, <a
href="https://redirect.github.com/nrwl/nx/issues/35718">#35718</a>, <a
href="https://redirect.github.com/nrwl/nx/issues/3153">#3153</a>)</li>
<li><strong>core:</strong> add JSON schema for migrations.json files (<a
href="https://redirect.github.com/nrwl/nx/pull/35888">#35888</a>)</li>
<li><strong>core:</strong> add migrations for createNodesV2 ->
createNodes rename (<a
href="https://redirect.github.com/nrwl/nx/pull/35893">#35893</a>, <a
href="https://redirect.github.com/nrwl/nx/issues/35386">#35386</a>)</li>
<li><strong>core:</strong> extend <code>nx migrate --include</code> to
any package that supports optional updates (<a
href="https://redirect.github.com/nrwl/nx/pull/35905">#35905</a>)</li>
<li><strong>core:</strong> report analytics events for the nx migrate
flow (<a
href="https://redirect.github.com/nrwl/nx/pull/35937">#35937</a>)</li>
<li><strong>core:</strong> revert array-shape targetDefaults support
pending redesign and reapplication (<a
href="https://redirect.github.com/nrwl/nx/pull/36005">#36005</a>, <a
href="https://redirect.github.com/nrwl/nx/issues/35340">#35340</a>, <a
href="https://redirect.github.com/nrwl/nx/issues/35711">#35711</a>, <a
href="https://redirect.github.com/nrwl/nx/issues/35752">#35752</a>, <a
href="https://redirect.github.com/nrwl/nx/issues/35991">#35991</a>)</li>
<li>⚠️ <strong>detox:</strong> deprecate the <code>@nx/detox</code>
build and test executors (<a
href="https://redirect.github.com/nrwl/nx/pull/35529">#35529</a>)</li>
<li><strong>devkit:</strong> migrate <code>@nx/devkit/src/...</code>
deep imports (<a
href="https://redirect.github.com/nrwl/nx/pull/35541">#35541</a>, <a
href="https://redirect.github.com/nrwl/nx/issues/34946">#34946</a>)</li>
<li>⚠️ <strong>devkit:</strong> deprecate the standalone parameter of
addProjectConfiguration (<a
href="https://redirect.github.com/nrwl/nx/pull/35883">#35883</a>)</li>
<li><strong>gradle:</strong> stream batch task results to nx as they
finish (<a
href="https://redirect.github.com/nrwl/nx/pull/35487">#35487</a>)</li>
<li><strong>js:</strong> support pnpm 11.2.2 (<a
href="https://redirect.github.com/nrwl/nx/pull/35772">#3577…
This PR was automatically created to sync the generated `@supabase/api` package with the latest Management API OpenAPI document. Changes were detected in the upstream OpenAPI document exposed by `https://api.supabase.com/api/v1-json`. Co-authored-by: jgoux <1443499+jgoux@users.noreply.github.com>
Extract directory creation logic into a new `legacyMakeDir` utility that matches Go's `os.MkdirAll` behavior by treating an already-existing directory as success. The Effect/Bun `FileSystem.makeDirectory` API can surface an `AlreadyExists` `SystemError` for existing directories on some platforms (notably Windows with OneDrive reparse points — CLI-1849), even with `recursive: true`. This differs from Go's `os.MkdirAll`, which returns nil when the target is already a directory. **Key changes:** - Add `legacyMakeDir` utility in `apps/cli/src/legacy/shared/legacy-make-dir.ts` that wraps `FileSystem.makeDirectory` and recovers from `AlreadyExists` errors - Add comprehensive unit tests covering success case, `AlreadyExists` recovery, and error propagation - Replace three inline `makeDirectory` calls in `db diff`, `db pull`, and `db schema declarative sync` handlers with `legacyMakeDir` This ensures the CLI's migration writers never fail on a pre-existing `supabase/migrations` directory, matching the original Go implementation's behavior. https://claude.ai/code/session_01AWa8Hr8BS2pZucac9r3wb7 Co-authored-by: Claude <noreply@anthropic.com>
This PR was automatically created to sync the generated `@supabase/api` package with the latest Management API OpenAPI document. Changes were detected in the upstream OpenAPI document exposed by `https://api.supabase.com/api/v1-json`. --------- Co-authored-by: jgoux <1443499+jgoux@users.noreply.github.com> Co-authored-by: Julien Goux <hi@jgoux.dev>
…tes (#5730) Bumps the go-minor group with 2 updates in the /apps/cli-go directory: [github.com/andybalholm/brotli](https://github.com/andybalholm/brotli) and [github.com/oapi-codegen/nullable](https://github.com/oapi-codegen/nullable). Bumps the go-minor group with 2 updates in the /apps/cli-go/pkg directory: [github.com/andybalholm/brotli](https://github.com/andybalholm/brotli) and [github.com/oapi-codegen/nullable](https://github.com/oapi-codegen/nullable). Updates `github.com/andybalholm/brotli` from 1.2.1 to 1.2.2 <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/andybalholm/brotli/commit/785aba538b2118979d2c573eccb287c4da157faf"><code>785aba5</code></a> reuse hgroups</li> <li><a href="https://github.com/andybalholm/brotli/commit/b797a3535cbdd227ce3520cb0dfe01d83c2eeda9"><code>b797a35</code></a> reuse block_type_trees</li> <li>See full diff in <a href="https://github.com/andybalholm/brotli/compare/v1.2.1...v1.2.2">compare view</a></li> </ul> </details> <br /> Updates `github.com/oapi-codegen/nullable` from 1.1.0 to 1.2.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/oapi-codegen/nullable/releases">github.com/oapi-codegen/nullable's releases</a>.</em></p> <blockquote> <h2>New getter function</h2> <h2>🚀 New features and improvements</h2> <ul> <li>feat: new method for fetching ignoring error (<a href="https://redirect.github.com/oapi-codegen/nullable/issues/13">#13</a>) <a href="https://github.com/lzap"><code>@lzap</code></a></li> </ul> <p>There is now a <code>GetOrEmpty()</code> on <code>Nullable</code> which will return the wrapped value if it's available, or it will create a new zerovalue if <code>Nullable</code> is uninitialized, or initialized to <code>nil</code>.</p> <h2>📝 Documentation updates</h2> <ul> <li>docs(sponsors): add <code>FUNDING.yml</code> (<a href="https://redirect.github.com/oapi-codegen/nullable/issues/9">#9</a>) <a href="https://github.com/jamietanna"><code>@jamietanna</code></a></li> </ul> <h2>✍ Other changes</h2> <ul> <li>Update CI config (<a href="https://redirect.github.com/oapi-codegen/nullable/issues/33">#33</a>) <a href="https://github.com/mromaszewicz"><code>@mromaszewicz</code></a></li> <li>chore: onboard to Renovate (<a href="https://redirect.github.com/oapi-codegen/nullable/issues/5">#5</a>) <a href="https://github.com/jamietanna"><code>@jamietanna</code></a></li> </ul> <h2>📦 Dependency updates</h2> <ul> <li>chore(deps): pin dependencies (<a href="https://redirect.github.com/oapi-codegen/nullable/issues/16">#16</a>) <a href="https://github.com/renovate"><code>@renovate</code></a></li> </ul> <h2>Sponsors</h2> <p>We would like to thank our sponsors for their support during this release.</p> <!-- raw HTML omitted --> <!-- raw HTML omitted --> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/oapi-codegen/nullable/commit/e4ef9c9376e8af534ae6fcc8b87f00a024cb645d"><code>e4ef9c9</code></a> Merge pull request <a href="https://redirect.github.com/oapi-codegen/nullable/issues/33">#33</a> from oapi-codegen/chore/ci</li> <li><a href="https://github.com/oapi-codegen/nullable/commit/486afb97c1e3118fe099d133bdf5bc201c6bd4b9"><code>486afb9</code></a> Update CI settings</li> <li><a href="https://github.com/oapi-codegen/nullable/commit/e5788251282d58f34bea50ecdb08c9469f4f15a2"><code>e578825</code></a> Merge pull request <a href="https://redirect.github.com/oapi-codegen/nullable/issues/13">#13</a> from lzap/dig1</li> <li><a href="https://github.com/oapi-codegen/nullable/commit/6fde78b67c1bee57577b65b8a82f269d3221b261"><code>6fde78b</code></a> feat: new method for fetching ignoring error</li> <li><a href="https://github.com/oapi-codegen/nullable/commit/55520a653f276b120fde6a9bc7bbaf5eeaa15134"><code>55520a6</code></a> chore(deps): pin dependencies</li> <li><a href="https://github.com/oapi-codegen/nullable/commit/0d2a587518c93d9fda3b3d167d2d30bd07d4c207"><code>0d2a587</code></a> docs(sponsors): add <code>FUNDING.yml</code></li> <li><a href="https://github.com/oapi-codegen/nullable/commit/07848389862fa8b98e3b5a6a4f119ad8a6042261"><code>0784838</code></a> chore: onboard to Renovate</li> <li>See full diff in <a href="https://github.com/oapi-codegen/nullable/compare/v1.1.0...v1.2.0">compare view</a></li> </ul> </details> <br /> Updates `github.com/andybalholm/brotli` from 1.2.1 to 1.2.2 <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/andybalholm/brotli/commit/785aba538b2118979d2c573eccb287c4da157faf"><code>785aba5</code></a> reuse hgroups</li> <li><a href="https://github.com/andybalholm/brotli/commit/b797a3535cbdd227ce3520cb0dfe01d83c2eeda9"><code>b797a35</code></a> reuse block_type_trees</li> <li>See full diff in <a href="https://github.com/andybalholm/brotli/compare/v1.2.1...v1.2.2">compare view</a></li> </ul> </details> <br /> Updates `github.com/oapi-codegen/nullable` from 1.1.0 to 1.2.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/oapi-codegen/nullable/releases">github.com/oapi-codegen/nullable's releases</a>.</em></p> <blockquote> <h2>New getter function</h2> <h2>🚀 New features and improvements</h2> <ul> <li>feat: new method for fetching ignoring error (<a href="https://redirect.github.com/oapi-codegen/nullable/issues/13">#13</a>) <a href="https://github.com/lzap"><code>@lzap</code></a></li> </ul> <p>There is now a <code>GetOrEmpty()</code> on <code>Nullable</code> which will return the wrapped value if it's available, or it will create a new zerovalue if <code>Nullable</code> is uninitialized, or initialized to <code>nil</code>.</p> <h2>📝 Documentation updates</h2> <ul> <li>docs(sponsors): add <code>FUNDING.yml</code> (<a href="https://redirect.github.com/oapi-codegen/nullable/issues/9">#9</a>) <a href="https://github.com/jamietanna"><code>@jamietanna</code></a></li> </ul> <h2>✍ Other changes</h2> <ul> <li>Update CI config (<a href="https://redirect.github.com/oapi-codegen/nullable/issues/33">#33</a>) <a href="https://github.com/mromaszewicz"><code>@mromaszewicz</code></a></li> <li>chore: onboard to Renovate (<a href="https://redirect.github.com/oapi-codegen/nullable/issues/5">#5</a>) <a href="https://github.com/jamietanna"><code>@jamietanna</code></a></li> </ul> <h2>📦 Dependency updates</h2> <ul> <li>chore(deps): pin dependencies (<a href="https://redirect.github.com/oapi-codegen/nullable/issues/16">#16</a>) <a href="https://github.com/renovate"><code>@renovate</code></a></li> </ul> <h2>Sponsors</h2> <p>We would like to thank our sponsors for their support during this release.</p> <!-- raw HTML omitted --> <!-- raw HTML omitted --> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/oapi-codegen/nullable/commit/e4ef9c9376e8af534ae6fcc8b87f00a024cb645d"><code>e4ef9c9</code></a> Merge pull request <a href="https://redirect.github.com/oapi-codegen/nullable/issues/33">#33</a> from oapi-codegen/chore/ci</li> <li><a href="https://github.com/oapi-codegen/nullable/commit/486afb97c1e3118fe099d133bdf5bc201c6bd4b9"><code>486afb9</code></a> Update CI settings</li> <li><a href="https://github.com/oapi-codegen/nullable/commit/e5788251282d58f34bea50ecdb08c9469f4f15a2"><code>e578825</code></a> Merge pull request <a href="https://redirect.github.com/oapi-codegen/nullable/issues/13">#13</a> from lzap/dig1</li> <li><a href="https://github.com/oapi-codegen/nullable/commit/6fde78b67c1bee57577b65b8a82f269d3221b261"><code>6fde78b</code></a> feat: new method for fetching ignoring error</li> <li><a href="https://github.com/oapi-codegen/nullable/commit/55520a653f276b120fde6a9bc7bbaf5eeaa15134"><code>55520a6</code></a> chore(deps): pin dependencies</li> <li><a href="https://github.com/oapi-codegen/nullable/commit/0d2a587518c93d9fda3b3d167d2d30bd07d4c207"><code>0d2a587</code></a> docs(sponsors): add <code>FUNDING.yml</code></li> <li><a href="https://github.com/oapi-codegen/nullable/commit/07848389862fa8b98e3b5a6a4f119ad8a6042261"><code>0784838</code></a> chore: onboard to Renovate</li> <li>See full diff in <a href="https://github.com/oapi-codegen/nullable/compare/v1.1.0...v1.2.0">compare view</a></li> </ul> </details> <br /> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps the npm-major group with 4 updates: [@anthropic-ai/claude-agent-sdk](https://github.com/anthropics/claude-agent-sdk-typescript), [@swc/core](https://github.com/swc-project/swc/tree/HEAD/packages/core), [@typescript/native-preview](https://github.com/microsoft/typescript-go) and [oxfmt](https://github.com/oxc-project/oxc/tree/HEAD/npm/oxfmt). Updates `@anthropic-ai/claude-agent-sdk` from 0.3.185 to 0.3.186 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/anthropics/claude-agent-sdk-typescript/releases">@anthropic-ai/claude-agent-sdk's releases</a>.</em></p> <blockquote> <h2>v0.3.186</h2> <h2>What's changed</h2> <ul> <li>Added <code>agent_id</code> field to <code>can_use_tool</code> control requests — background agents now forward permission prompts to <code>canUseTool</code> instead of auto-denying, and stdin stays open while background tasks are running</li> <li>Added <code>ReadMcpResourceDirTool</code> tool type to SDK schemas — MCP resource directory listing is now a dedicated tool instead of a fallback inside <code>ReadMcpResourceTool</code></li> <li>Added <code>rewind_conversation</code> control request for rewinding a conversation to a previous point with durable resume anchor support</li> </ul> <h2>Update</h2> <pre lang="sh"><code>npm install @anthropic-ai/claude-agent-sdk@0.3.186 # or yarn add @anthropic-ai/claude-agent-sdk@0.3.186 # or pnpm add @anthropic-ai/claude-agent-sdk@0.3.186 # or bun add @anthropic-ai/claude-agent-sdk@0.3.186 </code></pre> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/anthropics/claude-agent-sdk-typescript/blob/main/CHANGELOG.md">@anthropic-ai/claude-agent-sdk's changelog</a>.</em></p> <blockquote> <h2>0.3.186</h2> <ul> <li>Added <code>agent_id</code> field to <code>can_use_tool</code> control requests — background agents now forward permission prompts to <code>canUseTool</code> instead of auto-denying, and stdin stays open while background tasks are running</li> <li>Added <code>ReadMcpResourceDirTool</code> tool type to SDK schemas — MCP resource directory listing is now a dedicated tool instead of a fallback inside <code>ReadMcpResourceTool</code></li> <li>Added <code>rewind_conversation</code> control request for rewinding a conversation to a previous point with durable resume anchor support</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/anthropics/claude-agent-sdk-typescript/commit/42f6772cbaa694b27f78f8b435ef87cb95882f3f"><code>42f6772</code></a> chore: Update CHANGELOG.md</li> <li>See full diff in <a href="https://github.com/anthropics/claude-agent-sdk-typescript/compare/v0.3.185...v0.3.186">compare view</a></li> </ul> </details> <br /> Updates `@swc/core` from 1.15.41 to 1.15.43 <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/swc-project/swc/blob/main/CHANGELOG.md">@swc/core's changelog</a>.</em></p> <blockquote> <h2>[1.15.43] - 2026-06-22</h2> <h3>Bug Fixes</h3> <ul> <li> <p><strong>(es/es2022)</strong> Correct scope for private property brand checks (<a href="https://redirect.github.com/swc-project/swc/issues/11953">#11953</a>) (<a href="https://github.com/swc-project/swc/commit/fb5afa22796439b41a0b261b6a4823cab0dcc8df">fb5afa2</a>)</p> </li> <li> <p><strong>(es/minifier)</strong> Preserve <code>cooked</code> when concatenating template literals (<a href="https://redirect.github.com/swc-project/swc/issues/11939">#11939</a>) (<a href="https://github.com/swc-project/swc/commit/a7244a65e2dcb28f20ab6d747fd782d02a8eebf9">a7244a6</a>)</p> </li> <li> <p><strong>(es/minifier)</strong> Gate Number(x) -> +x on unsafe flag (<a href="https://redirect.github.com/swc-project/swc/issues/11944">#11944</a>) (<a href="https://redirect.github.com/swc-project/swc/issues/11949">#11949</a>) (<a href="https://github.com/swc-project/swc/commit/617601978a4090cde8c0dd900c079cc7eb64b642">6176019</a>)</p> </li> <li> <p><strong>(es/parser)</strong> Parse Flow bare renders types (<a href="https://redirect.github.com/swc-project/swc/issues/11929">#11929</a>) (<a href="https://github.com/swc-project/swc/commit/a71c8eba7b0ef4280b8866cd8e6eebc5be10f0dc">a71c8eb</a>)</p> </li> <li> <p><strong>(es/parser)</strong> Allow no-default builds (<a href="https://redirect.github.com/swc-project/swc/issues/11956">#11956</a>) (<a href="https://github.com/swc-project/swc/commit/baab240500b8d7329fabfb3ec936ba62b59742db">baab240</a>)</p> </li> <li> <p><strong>(es/react-compiler)</strong> Skip TypeScript <code>this</code> pseudo-params in scope collector (<a href="https://redirect.github.com/swc-project/swc/issues/11940">#11940</a>) (<a href="https://github.com/swc-project/swc/commit/9066c4319a8c4e8bf9dc97885d2d7ff3a26cf79f">9066c43</a>)</p> </li> <li> <p><strong>(es/react-compiler)</strong> Scope ClassStaticBlock and TsModuleBlock as var boundaries (<a href="https://redirect.github.com/swc-project/swc/issues/11943">#11943</a>) (<a href="https://github.com/swc-project/swc/commit/1ee74a0cc5938a720e106221374c0d894396a16d">1ee74a0</a>)</p> </li> <li> <p><strong>(react-compiler)</strong> Avoid reporting non-fatal success errors as diagnostics (<a href="https://redirect.github.com/swc-project/swc/issues/11951">#11951</a>) (<a href="https://github.com/swc-project/swc/commit/cb4cb230ec473cb42ccd27dc8d20702ccb24e653">cb4cb23</a>)</p> </li> <li> <p><strong>(react-compiler)</strong> React compiler AST conversion for wrapped assignment targets (<a href="https://redirect.github.com/swc-project/swc/issues/11952">#11952</a>) (<a href="https://github.com/swc-project/swc/commit/fc9b4537a0e4adf8bce0f8834b7805a75a448a5b">fc9b453</a>)</p> </li> <li> <p><strong>(react-compiler)</strong> Disable parser default features (<a href="https://redirect.github.com/swc-project/swc/issues/11957">#11957</a>) (<a href="https://github.com/swc-project/swc/commit/75ddb28bceb2c88ea5f0aaa21e19d4f83f4ae5c7">75ddb28</a>)</p> </li> </ul> <h3>Documentation</h3> <ul> <li>Document untrusted input security scope (<a href="https://redirect.github.com/swc-project/swc/issues/11937">#11937</a>) (<a href="https://github.com/swc-project/swc/commit/677305b6fb204d5ffd391616f3e091c5c190893a">677305b</a>)</li> </ul> <h3>Features</h3> <ul> <li> <p><strong>(es/react-compiler)</strong> Add React Compiler (<a href="https://redirect.github.com/swc-project/swc/issues/11917">#11917</a>) (<a href="https://github.com/swc-project/swc/commit/b182fbd5bc0336f33ac1dec4ca0027d5b25ce1e3">b182fbd</a>)</p> </li> <li> <p><strong>(swc)</strong> Gate react compiler re-export (<a href="https://redirect.github.com/swc-project/swc/issues/11941">#11941</a>) (<a href="https://github.com/swc-project/swc/commit/dcc0f2d0c5c5b68656065277b0b84572286693a5">dcc0f2d</a>)</p> </li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/swc-project/swc/commit/73f0f386da64fe432975183f9ccf28429b52638a"><code>73f0f38</code></a> chore: Publish <code>1.15.43</code> with <code>swc_core</code> <code>v71.0.3</code></li> <li><a href="https://github.com/swc-project/swc/commit/550e53919b7842d9d658e98c93bf7b3302a774c7"><code>550e539</code></a> chore: Publish <code>1.15.43-nightly-20260622.1</code> with <code>swc_core</code> <code>v71.0.3</code></li> <li><a href="https://github.com/swc-project/swc/commit/1523823214dfcbf266de67183ffbfd8bb2768bcb"><code>1523823</code></a> chore: Publish <code>1.15.42-nightly-20260622.1</code> with <code>swc_core</code> <code>v71.0.2</code></li> <li><a href="https://github.com/swc-project/swc/commit/0dffdc4998a5b8605de8f07fb0518bc60495a931"><code>0dffdc4</code></a> refactor: Remove production tracing hooks (<a href="https://github.com/swc-project/swc/tree/HEAD/packages/core/issues/11945">#11945</a>)</li> <li><a href="https://github.com/swc-project/swc/commit/b182fbd5bc0336f33ac1dec4ca0027d5b25ce1e3"><code>b182fbd</code></a> feat(es/react-compiler): Add React Compiler (<a href="https://github.com/swc-project/swc/tree/HEAD/packages/core/issues/11917">#11917</a>)</li> <li>See full diff in <a href="https://github.com/swc-project/swc/commits/v1.15.43/packages/core">compare view</a></li> </ul> </details> <br /> Updates `@typescript/native-preview` from 7.0.0-dev.20260621.1 to 7.0.0-dev.20260622.1 <details> <summary>Commits</summary> <ul> <li>See full diff in <a href="https://github.com/microsoft/typescript-go/commits">compare view</a></li> </ul> </details> <br /> Updates `oxfmt` from 0.55.0 to 0.56.0 <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/oxc-project/oxc/blob/main/npm/oxfmt/CHANGELOG.md">oxfmt's changelog</a>.</em></p> <blockquote> <h1>Changelog</h1> <p>All notable changes to this package will be documented in this file.</p> <p>The format is based on <a href="https://keepachangelog.com/en/1.0.0">Keep a Changelog</a>.</p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/oxc-project/oxc/commit/c4be770f24adc4026efa96fb82182f743c55e423"><code>c4be770</code></a> release(apps): oxlint v1.71.0 && oxfmt v0.56.0 (<a href="https://github.com/oxc-project/oxc/tree/HEAD/npm/oxfmt/issues/23707">#23707</a>)</li> <li>See full diff in <a href="https://github.com/oxc-project/oxc/commits/oxfmt_v0.56.0/npm/oxfmt">compare view</a></li> </ul> </details> <br /> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…/apps/cli-go/pkg/config/templates (#5733) Bumps supabase/postgres from 17.6.1.139 to 17.6.1.140. [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…emplates with 6 updates (#5732) Bumps the docker-minor group in /apps/cli-go/pkg/config/templates with 6 updates: | Package | From | To | | --- | --- | --- | | postgrest/postgrest | `v14.13` | `v14.14` | | supabase/studio | `2026.06.22-sha-2207d7f` | `2026.06.29-sha-20290c7` | | supabase/gotrue | `v2.191.0` | `v2.192.0` | | supabase/realtime | `v2.112.0` | `v2.112.1` | | supabase/storage-api | `v1.61.5` | `v1.61.7` | | supabase/logflare | `1.45.4` | `1.45.6` | Updates `postgrest/postgrest` from v14.13 to v14.14 Updates `supabase/studio` from 2026.06.22-sha-2207d7f to 2026.06.29-sha-20290c7 Updates `supabase/gotrue` from v2.191.0 to v2.192.0 Updates `supabase/realtime` from v2.112.0 to v2.112.1 Updates `supabase/storage-api` from v1.61.5 to v1.61.7 Updates `supabase/logflare` from 1.45.4 to 1.45.6 Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps the actions-major group with 4 updates: [actions/setup-go](https://github.com/actions/setup-go), [actions/cache/restore](https://github.com/actions/cache), [actions/cache/save](https://github.com/actions/cache) and [actions/cache](https://github.com/actions/cache). Updates `actions/setup-go` from 6.4.0 to 6.5.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/setup-go/releases">actions/setup-go's releases</a>.</em></p> <blockquote> <h2>v6.5.0</h2> <h2>What's Changed</h2> <h3>Dependency update</h3> <ul> <li>Upgrade actions dependencies by <a href="https://github.com/priyagupta108"><code>@priyagupta108</code></a> with <a href="https://github.com/Copilot"><code>@Copilot</code></a> in <a href="https://redirect.github.com/actions/setup-go/pull/744">actions/setup-go#744</a></li> <li>Upgrade <code>@types/node</code> and typescript-eslint dependencies to resolve npm audit findings by <a href="https://github.com/HarithaVattikuti"><code>@HarithaVattikuti</code></a> in <a href="https://redirect.github.com/actions/setup-go/pull/755">actions/setup-go#755</a></li> <li>Upgrade <code>@actions/cache</code> to 5.1.0, log cache write denied by <a href="https://github.com/jasongin"><code>@jasongin</code></a> in <a href="https://redirect.github.com/actions/setup-go/pull/758">actions/setup-go#758</a></li> <li>Upgrade version to 6.5.0 in package.json and package-lock.json by <a href="https://github.com/HarithaVattikuti"><code>@HarithaVattikuti</code></a> in <a href="https://redirect.github.com/actions/setup-go/pull/762">actions/setup-go#762</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/priyagupta108"><code>@priyagupta108</code></a> with <a href="https://github.com/Copilot"><code>@Copilot</code></a> made their first contribution in <a href="https://redirect.github.com/actions/setup-go/pull/744">actions/setup-go#744</a></li> <li><a href="https://github.com/jasongin"><code>@jasongin</code></a> made their first contribution in <a href="https://redirect.github.com/actions/setup-go/pull/758">actions/setup-go#758</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/setup-go/compare/v6...v6.5.0">https://github.com/actions/setup-go/compare/v6...v6.5.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/setup-go/commit/924ae3a1cded613372ab5595356fb5720e22ba16"><code>924ae3a</code></a> chore: bump version to 6.5.0 in package.json and package-lock.json (<a href="https://redirect.github.com/actions/setup-go/issues/762">#762</a>)</li> <li><a href="https://github.com/actions/setup-go/commit/e91cc3bfe0c3efd0b2d1dc3a51269c9038deb4f1"><code>e91cc3b</code></a> Bump <code>@actions/cache</code> to 5.1.0, log cache write denied (<a href="https://redirect.github.com/actions/setup-go/issues/758">#758</a>)</li> <li><a href="https://github.com/actions/setup-go/commit/4a2405e6aebff6aabd8e43618539aa35cf90ac92"><code>4a2405e</code></a> chore: update <code>@types/node</code> and <a href="https://github.com/typescript-eslint"><code>@typescript-eslint</code></a> dependencies to latest versi...</li> <li><a href="https://github.com/actions/setup-go/commit/78961f6f84d799cd858575bb931c3e51d3b13290"><code>78961f6</code></a> chore: update <a href="https://github.com/actions"><code>@actions</code></a> dependencies and refresh license cache (<a href="https://redirect.github.com/actions/setup-go/issues/744">#744</a>)</li> <li>See full diff in <a href="https://github.com/actions/setup-go/compare/4a3601121dd01d1626a1e23e37211e3254c1c06c...924ae3a1cded613372ab5595356fb5720e22ba16">compare view</a></li> </ul> </details> <br /> Updates `actions/cache/restore` from 5.0.5 to 6.1.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/cache/releases">actions/cache/restore's releases</a>.</em></p> <blockquote> <h2>v6.1.0</h2> <h2>What's Changed</h2> <ul> <li>Bump <code>@actions/cache</code> to v6.1.0 - handle read-only cache access by <a href="https://github.com/jasongin"><code>@jasongin</code></a> in <a href="https://redirect.github.com/actions/cache/pull/1768">actions/cache#1768</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/cache/compare/v6...v6.1.0">https://github.com/actions/cache/compare/v6...v6.1.0</a></p> <h2>v6.0.0</h2> <h2>What's Changed</h2> <ul> <li>Update packages, migrate to ESM by <a href="https://github.com/Samirat"><code>@Samirat</code></a> in <a href="https://redirect.github.com/actions/cache/pull/1760">actions/cache#1760</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/cache/compare/v5...v6.0.0">https://github.com/actions/cache/compare/v5...v6.0.0</a></p> <h2>v5.1.0</h2> <h2>What's Changed</h2> <ul> <li>Bump <code>@actions/cache</code> to v5.1.0 - handle read-only cache access by <a href="https://github.com/jasongin"><code>@jasongin</code></a> in <a href="https://redirect.github.com/actions/cache/pull/1775">actions/cache#1775</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/cache/compare/v5...v5.1.0">https://github.com/actions/cache/compare/v5...v5.1.0</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/actions/cache/blob/main/RELEASES.md">actions/cache/restore's changelog</a>.</em></p> <blockquote> <h1>Releases</h1> <h2>How to prepare a release</h2> <blockquote> <p>[!NOTE] Relevant for maintainers with write access only.</p> </blockquote> <ol> <li>Switch to a new branch from <code>main</code>.</li> <li>Run <code>npm test</code> to ensure all tests are passing.</li> <li>Update the version in <a href="https://github.com/actions/cache/blob/main/package.json"><code>https://github.com/actions/cache/blob/main/package.json</code></a>.</li> <li>Run <code>npm run build</code> to update the compiled files.</li> <li>Update this <a href="https://github.com/actions/cache/blob/main/RELEASES.md"><code>https://github.com/actions/cache/blob/main/RELEASES.md</code></a> with the new version and changes in the <code>## Changelog</code> section.</li> <li>Run <code>licensed cache</code> to update the license report.</li> <li>Run <code>licensed status</code> and resolve any warnings by updating the <a href="https://github.com/actions/cache/blob/main/.licensed.yml"><code>https://github.com/actions/cache/blob/main/.licensed.yml</code></a> file with the exceptions.</li> <li>Commit your changes and push your branch upstream.</li> <li>Open a pull request against <code>main</code> and get it reviewed and merged.</li> <li>Draft a new release <a href="https://github.com/actions/cache/releases">https://github.com/actions/cache/releases</a> use the same version number used in <code>package.json</code> <ol> <li>Create a new tag with the version number.</li> <li>Auto generate release notes and update them to match the changes you made in <code>RELEASES.md</code>.</li> <li>Toggle the set as the latest release option.</li> <li>Publish the release.</li> </ol> </li> <li>Navigate to <a href="https://github.com/actions/cache/actions/workflows/release-new-action-version.yml">https://github.com/actions/cache/actions/workflows/release-new-action-version.yml</a> <ol> <li>There should be a workflow run queued with the same version number.</li> <li>Approve the run to publish the new version and update the major tags for this action.</li> </ol> </li> </ol> <h2>Changelog</h2> <h3>6.1.0</h3> <ul> <li>Bump <code>@actions/cache</code> to v6.1.0 to pick up <a href="https://redirect.github.com/actions/toolkit/pull/2435">actions/toolkit#2435 Handle cache write error due to read-only token</a></li> <li>Switch redundant "Cache save failed" warning to debug log in save-only</li> </ul> <h3>6.0.0</h3> <ul> <li>Updated <code>@actions/cache</code> to ^6.0.1, <code>@actions/core</code> to ^3.0.1, <code>@actions/exec</code> to ^3.0.0, <code>@actions/io</code> to ^3.0.2</li> <li>Migrated to ESM module system</li> <li>Upgraded Jest to v30 and test infrastructure to be ESM compatible</li> </ul> <h3>5.0.4</h3> <ul> <li>Bump <code>minimatch</code> to v3.1.5 (fixes ReDoS via globstar patterns)</li> <li>Bump <code>undici</code> to v6.24.1 (WebSocket decompression bomb protection, header validation fixes)</li> <li>Bump <code>fast-xml-parser</code> to v5.5.6</li> </ul> <h3>5.0.3</h3> <ul> <li>Bump <code>@actions/cache</code> to v5.0.5 (Resolves: <a href="https://github.com/actions/cache/security/dependabot/33">https://github.com/actions/cache/security/dependabot/33</a>)</li> <li>Bump <code>@actions/core</code> to v2.0.3</li> </ul> <h3>5.0.2</h3> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/cache/commit/55cc8345863c7cc4c66a329aec7e433d2d1c52a9"><code>55cc834</code></a> Merge pull request <a href="https://redirect.github.com/actions/cache/issues/1768">#1768</a> from jasongin/readonly-cache</li> <li><a href="https://github.com/actions/cache/commit/d8cd72f230726cdf4457ebb61ec1b593a8d12337"><code>d8cd72f</code></a> Bump <code>@actions/cache</code> to v6.1.0 - handle cache write error due to RO token</li> <li><a href="https://github.com/actions/cache/commit/2c8a9bd7457de244a408f35966fab2fb45fda9c8"><code>2c8a9bd</code></a> Merge pull request <a href="https://redirect.github.com/actions/cache/issues/1760">#1760</a> from actions/samirat/esm_migration_and_package_update</li> <li><a href="https://github.com/actions/cache/commit/e9b91fdc3fea7d79165fceb79042ef45c2d51023"><code>e9b91fd</code></a> Prettier fixes</li> <li><a href="https://github.com/actions/cache/commit/e4884b8ff7f92ef6b52c79eda480bbc86e685adb"><code>e4884b8</code></a> Rebuild dist</li> <li><a href="https://github.com/actions/cache/commit/10baf0191a3c426ea0fa4a3253a5c04233b6e18f"><code>10baf01</code></a> Fixed licenses</li> <li><a href="https://github.com/actions/cache/commit/e39b386c9004d72a15d864ade8c0b3a702d47a37"><code>e39b386</code></a> Fix test mock return order</li> <li><a href="https://github.com/actions/cache/commit/b6928203372a8571ff984c0c883ef3a1adfb0c06"><code>b692820</code></a> PR feedback</li> <li><a href="https://github.com/actions/cache/commit/60749128a44d25d3c520a489e576380cf00ff3f1"><code>6074912</code></a> Rebuild dist bundles as ESM to match type:module</li> <li><a href="https://github.com/actions/cache/commit/5a912e8b4af820fa082a0e75cfd2c782f8fbfe0e"><code>5a912e8</code></a> Fix lint and jest issues</li> <li>Additional commits viewable in <a href="https://github.com/actions/cache/compare/27d5ce7f107fe9357f9df03efb73ab90386fccae...55cc8345863c7cc4c66a329aec7e433d2d1c52a9">compare view</a></li> </ul> </details> <br /> Updates `actions/cache/save` from 5.0.5 to 6.1.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/cache/releases">actions/cache/save's releases</a>.</em></p> <blockquote> <h2>v6.1.0</h2> <h2>What's Changed</h2> <ul> <li>Bump <code>@actions/cache</code> to v6.1.0 - handle read-only cache access by <a href="https://github.com/jasongin"><code>@jasongin</code></a> in <a href="https://redirect.github.com/actions/cache/pull/1768">actions/cache#1768</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/cache/compare/v6...v6.1.0">https://github.com/actions/cache/compare/v6...v6.1.0</a></p> <h2>v6.0.0</h2> <h2>What's Changed</h2> <ul> <li>Update packages, migrate to ESM by <a href="https://github.com/Samirat"><code>@Samirat</code></a> in <a href="https://redirect.github.com/actions/cache/pull/1760">actions/cache#1760</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/cache/compare/v5...v6.0.0">https://github.com/actions/cache/compare/v5...v6.0.0</a></p> <h2>v5.1.0</h2> <h2>What's Changed</h2> <ul> <li>Bump <code>@actions/cache</code> to v5.1.0 - handle read-only cache access by <a href="https://github.com/jasongin"><code>@jasongin</code></a> in <a href="https://redirect.github.com/actions/cache/pull/1775">actions/cache#1775</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/cache/compare/v5...v5.1.0">https://github.com/actions/cache/compare/v5...v5.1.0</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/actions/cache/blob/main/RELEASES.md">actions/cache/save's changelog</a>.</em></p> <blockquote> <h1>Releases</h1> <h2>How to prepare a release</h2> <blockquote> <p>[!NOTE] Relevant for maintainers with write access only.</p> </blockquote> <ol> <li>Switch to a new branch from <code>main</code>.</li> <li>Run <code>npm test</code> to ensure all tests are passing.</li> <li>Update the version in <a href="https://github.com/actions/cache/blob/main/package.json"><code>https://github.com/actions/cache/blob/main/package.json</code></a>.</li> <li>Run <code>npm run build</code> to update the compiled files.</li> <li>Update this <a href="https://github.com/actions/cache/blob/main/RELEASES.md"><code>https://github.com/actions/cache/blob/main/RELEASES.md</code></a> with the new version and changes in the <code>## Changelog</code> section.</li> <li>Run <code>licensed cache</code> to update the license report.</li> <li>Run <code>licensed status</code> and resolve any warnings by updating the <a href="https://github.com/actions/cache/blob/main/.licensed.yml"><code>https://github.com/actions/cache/blob/main/.licensed.yml</code></a> file with the exceptions.</li> <li>Commit your changes and push your branch upstream.</li> <li>Open a pull request against <code>main</code> and get it reviewed and merged.</li> <li>Draft a new release <a href="https://github.com/actions/cache/releases">https://github.com/actions/cache/releases</a> use the same version number used in <code>package.json</code> <ol> <li>Create a new tag with the version number.</li> <li>Auto generate release notes and update them to match the changes you made in <code>RELEASES.md</code>.</li> <li>Toggle the set as the latest release option.</li> <li>Publish the release.</li> </ol> </li> <li>Navigate to <a href="https://github.com/actions/cache/actions/workflows/release-new-action-version.yml">https://github.com/actions/cache/actions/workflows/release-new-action-version.yml</a> <ol> <li>There should be a workflow run queued with the same version number.</li> <li>Approve the run to publish the new version and update the major tags for this action.</li> </ol> </li> </ol> <h2>Changelog</h2> <h3>6.1.0</h3> <ul> <li>Bump <code>@actions/cache</code> to v6.1.0 to pick up <a href="https://redirect.github.com/actions/toolkit/pull/2435">actions/toolkit#2435 Handle cache write error due to read-only token</a></li> <li>Switch redundant "Cache save failed" warning to debug log in save-only</li> </ul> <h3>6.0.0</h3> <ul> <li>Updated <code>@actions/cache</code> to ^6.0.1, <code>@actions/core</code> to ^3.0.1, <code>@actions/exec</code> to ^3.0.0, <code>@actions/io</code> to ^3.0.2</li> <li>Migrated to ESM module system</li> <li>Upgraded Jest to v30 and test infrastructure to be ESM compatible</li> </ul> <h3>5.0.4</h3> <ul> <li>Bump <code>minimatch</code> to v3.1.5 (fixes ReDoS via globstar patterns)</li> <li>Bump <code>undici</code> to v6.24.1 (WebSocket decompression bomb protection, header validation fixes)</li> <li>Bump <code>fast-xml-parser</code> to v5.5.6</li> </ul> <h3>5.0.3</h3> <ul> <li>Bump <code>@actions/cache</code> to v5.0.5 (Resolves: <a href="https://github.com/actions/cache/security/dependabot/33">https://github.com/actions/cache/security/dependabot/33</a>)</li> <li>Bump <code>@actions/core</code> to v2.0.3</li> </ul> <h3>5.0.2</h3> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/cache/commit/55cc8345863c7cc4c66a329aec7e433d2d1c52a9"><code>55cc834</code></a> Merge pull request <a href="https://redirect.github.com/actions/cache/issues/1768">#1768</a> from jasongin/readonly-cache</li> <li><a href="https://github.com/actions/cache/commit/d8cd72f230726cdf4457ebb61ec1b593a8d12337"><code>d8cd72f</code></a> Bump <code>@actions/cache</code> to v6.1.0 - handle cache write error due to RO token</li> <li><a href="https://github.com/actions/cache/commit/2c8a9bd7457de244a408f35966fab2fb45fda9c8"><code>2c8a9bd</code></a> Merge pull request <a href="https://redirect.github.com/actions/cache/issues/1760">#1760</a> from actions/samirat/esm_migration_and_package_update</li> <li><a href="https://github.com/actions/cache/commit/e9b91fdc3fea7d79165fceb79042ef45c2d51023"><code>e9b91fd</code></a> Prettier fixes</li> <li><a href="https://github.com/actions/cache/commit/e4884b8ff7f92ef6b52c79eda480bbc86e685adb"><code>e4884b8</code></a> Rebuild dist</li> <li><a href="https://github.com/actions/cache/commit/10baf0191a3c426ea0fa4a3253a5c04233b6e18f"><code>10baf01</code></a> Fixed licenses</li> <li><a href="https://github.com/actions/cache/commit/e39b386c9004d72a15d864ade8c0b3a702d47a37"><code>e39b386</code></a> Fix test mock return order</li> <li><a href="https://github.com/actions/cache/commit/b6928203372a8571ff984c0c883ef3a1adfb0c06"><code>b692820</code></a> PR feedback</li> <li><a href="https://github.com/actions/cache/commit/60749128a44d25d3c520a489e576380cf00ff3f1"><code>6074912</code></a> Rebuild dist bundles as ESM to match type:module</li> <li><a href="https://github.com/actions/cache/commit/5a912e8b4af820fa082a0e75cfd2c782f8fbfe0e"><code>5a912e8</code></a> Fix lint and jest issues</li> <li>Additional commits viewable in <a href="https://github.com/actions/cache/compare/27d5ce7f107fe9357f9df03efb73ab90386fccae...55cc8345863c7cc4c66a329aec7e433d2d1c52a9">compare view</a></li> </ul> </details> <br /> Updates `actions/cache` from 5.0.5 to 6.1.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/cache/releases">actions/cache's releases</a>.</em></p> <blockquote> <h2>v6.1.0</h2> <h2>What's Changed</h2> <ul> <li>Bump <code>@actions/cache</code> to v6.1.0 - handle read-only cache access by <a href="https://github.com/jasongin"><code>@jasongin</code></a> in <a href="https://redirect.github.com/actions/cache/pull/1768">actions/cache#1768</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/cache/compare/v6...v6.1.0">https://github.com/actions/cache/compare/v6...v6.1.0</a></p> <h2>v6.0.0</h2> <h2>What's Changed</h2> <ul> <li>Update packages, migrate to ESM by <a href="https://github.com/Samirat"><code>@Samirat</code></a> in <a href="https://redirect.github.com/actions/cache/pull/1760">actions/cache#1760</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/cache/compare/v5...v6.0.0">https://github.com/actions/cache/compare/v5...v6.0.0</a></p> <h2>v5.1.0</h2> <h2>What's Changed</h2> <ul> <li>Bump <code>@actions/cache</code> to v5.1.0 - handle read-only cache access by <a href="https://github.com/jasongin"><code>@jasongin</code></a> in <a href="https://redirect.github.com/actions/cache/pull/1775">actions/cache#1775</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/cache/compare/v5...v5.1.0">https://github.com/actions/cache/compare/v5...v5.1.0</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/actions/cache/blob/main/RELEASES.md">actions/cache's changelog</a>.</em></p> <blockquote> <h1>Releases</h1> <h2>How to prepare a release</h2> <blockquote> <p>[!NOTE] Relevant for maintainers with write access only.</p> </blockquote> <ol> <li>Switch to a new branch from <code>main</code>.</li> <li>Run <code>npm test</code> to ensure all tests are passing.</li> <li>Update the version in <a href="https://github.com/actions/cache/blob/main/package.json"><code>https://github.com/actions/cache/blob/main/package.json</code></a>.</li> <li>Run <code>npm run build</code> to update the compiled files.</li> <li>Update this <a href="https://github.com/actions/cache/blob/main/RELEASES.md"><code>https://github.com/actions/cache/blob/main/RELEASES.md</code></a> with the new version and changes in the <code>## Changelog</code> section.</li> <li>Run <code>licensed cache</code> to update the license report.</li> <li>Run <code>licensed status</code> and resolve any warnings by updating the <a href="https://github.com/actions/cache/blob/main/.licensed.yml"><code>https://github.com/actions/cache/blob/main/.licensed.yml</code></a> file with the exceptions.</li> <li>Commit your changes and push your branch upstream.</li> <li>Open a pull request against <code>main</code> and get it reviewed and merged.</li> <li>Draft a new release <a href="https://github.com/actions/cache/releases">https://github.com/actions/cache/releases</a> use the same version number used in <code>package.json</code> <ol> <li>Create a new tag with the version number.</li> <li>Auto generate release notes and update them to match the changes you made in <code>RELEASES.md</code>.</li> <li>Toggle the set as the latest release option.</li> <li>Publish the release.</li> </ol> </li> <li>Navigate to <a href="https://github.com/actions/cache/actions/workflows/release-new-action-version.yml">https://github.com/actions/cache/actions/workflows/release-new-action-version.yml</a> <ol> <li>There should be a workflow run queued with the same version number.</li> <li>Approve the run to publish the new version and update the major tags for this action.</li> </ol> </li> </ol> <h2>Changelog</h2> <h3>6.1.0</h3> <ul> <li>Bump <code>@actions/cache</code> to v6.1.0 to pick up <a href="https://redirect.github.com/actions/toolkit/pull/2435">actions/toolkit#2435 Handle cache write error due to read-only token</a></li> <li>Switch redundant "Cache save failed" warning to debug log in save-only</li> </ul> <h3>6.0.0</h3> <ul> <li>Updated <code>@actions/cache</code> to ^6.0.1, <code>@actions/core</code> to ^3.0.1, <code>@actions/exec</code> to ^3.0.0, <code>@actions/io</code> to ^3.0.2</li> <li>Migrated to ESM module system</li> <li>Upgraded Jest to v30 and test infrastructure to be ESM compatible</li> </ul> <h3>5.0.4</h3> <ul> <li>Bump <code>minimatch</code> to v3.1.5 (fixes ReDoS via globstar patterns)</li> <li>Bump <code>undici</code> to v6.24.1 (WebSocket decompression bomb protection, header validation fixes)</li> <li>Bump <code>fast-xml-parser</code> to v5.5.6</li> </ul> <h3>5.0.3</h3> <ul> <li>Bump <code>@actions/cache</code> to v5.0.5 (Resolves: <a href="https://github.com/actions/cache/security/dependabot/33">https://github.com/actions/cache/security/dependabot/33</a>)</li> <li>Bump <code>@actions/core</code> to v2.0.3</li> </ul> <h3>5.0.2</h3> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/cache/commit/55cc8345863c7cc4c66a329aec7e433d2d1c52a9"><code>55cc834</code></a> Merge pull request <a href="https://redirect.github.com/actions/cache/issues/1768">#1768</a> from jasongin/readonly-cache</li> <li><a href="https://github.com/actions/cache/commit/d8cd72f230726cdf4457ebb61ec1b593a8d12337"><code>d8cd72f</code></a> Bump <code>@actions/cache</code> to v6.1.0 - handle cache write error due to RO token</li> <li><a href="https://github.com/actions/cache/commit/2c8a9bd7457de244a408f35966fab2fb45fda9c8"><code>2c8a9bd</code></a> Merge pull request <a href="https://redirect.github.com/actions/cache/issues/1760">#1760</a> from actions/samirat/esm_migration_and_package_update</li> <li><a href="https://github.com/actions/cache/commit/e9b91fdc3fea7d79165fceb79042ef45c2d51023"><code>e9b91fd</code></a> Prettier fixes</li> <li><a href="https://github.com/actions/cache/commit/e4884b8ff7f92ef6b52c79eda480bbc86e685adb"><code>e4884b8</code></a> Rebuild dist</li> <li><a href="https://github.com/actions/cache/commit/10baf0191a3c426ea0fa4a3253a5c04233b6e18f"><code>10baf01</code></a> Fixed licenses</li> <li><a href="https://github.com/actions/cache/commit/e39b386c9004d72a15d864ade8c0b3a702d47a37"><code>e39b386</code></a> Fix test mock return order</li> <li><a href="https://github.com/actions/cache/commit/b6928203372a8571ff984c0c883ef3a1adfb0c06"><code>b692820</code></a> PR feedback</li> <li><a href="https://github.com/actions/cache/commit/60749128a44d25d3c520a489e576380cf00ff3f1"><code>6074912</code></a> Rebuild dist bundles as ESM to match type:module</li> <li><a href="https://github.com/actions/cache/commit/5a912e8b4af820fa082a0e75cfd2c782f8fbfe0e"><code>5a912e8</code></a> Fix lint and jest issues</li> <li>Additional commits viewable in <a href="https://github.com/actions/cache/compare/27d5ce7f107fe9357f9df03efb73ab90386fccae...55cc8345863c7cc4c66a329aec7e433d2d1c52a9">compare view</a></li> </ul> </details> <br /> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
![chatgpt-codex-connector[bot]](https://avatars.githubusercontent.com/in/1144995?s=60&v=4){kind=small}
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 1ff7cc3434
ℹ️ About Codex in GitHub
Codex has been enabled to automatically review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
When you sign up for Codex through ChatGPT, Codex can also answer questions or update the PR, like "@codex address that feedback".
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: e3ed7d4a44
ℹ️ About Codex in GitHub
Codex has been enabled to automatically review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
When you sign up for Codex through ChatGPT, Codex can also answer questions or update the PR, like "@codex address that feedback".
| } | ||
|
|
||
| export function legacyIsMissingContainerInspectError(stderr: string): boolean { | ||
| return stderr.toLowerCase().includes("no such container"); |
There was a problem hiding this comment.
When a user's local stack has not been started and the container CLI reports the missing inspect target as No such object (the existing functions serve inspect path still handles this variant), this predicate returns false, so ensureLocalPostgresImageCurrent fails before the later ensureLocalDatabaseStarted path can start Postgres for db schema declarative generate --local or smart local bootstrap. Please accept the same missing-object variant here so an absent container remains the intended no-op.
Useful? React with 👍 / 👎.
This PR was automatically created to sync API types from the infrastructure repository. Changes were detected in the generated API code after syncing with the latest spec from infrastructure. --------- Co-authored-by: supabase-cli-releaser[bot] <246109035+supabase-cli-releaser[bot]@users.noreply.github.com> Co-authored-by: Andrew Valleteau <avallete@users.noreply.github.com> Co-authored-by: Claude <noreply@anthropic.com>
…5671) ## What changed Ports 6 of 7 `supabase migration` subcommands from Go-proxy delegates to native Effect/TypeScript in the legacy shell: - `migration new` — writes `supabase/migrations/<ts>_<name>.sql` from piped stdin - `migration list` — merged Local / Remote / Time-UTC Glamour table; defaults to `--linked` - `migration fetch` — writes history rows to `supabase/migrations/`; overwrite prompt - `migration repair` — transactional create-table + TRUNCATE/UPSERT/DELETE; repair-all prompt - `migration up` — pending compute, `[db.vault]` upsert, per-file apply; `--include-all` - `migration down` — revert prompt → drop user schemas → vault → migrate&seed to target version Shared infra: consolidated `legacy-migration-history.ts` (SQL + reconcile/pending/read helpers), hoisted `legacy-migration-file.ts` out of `db/shared`, new `legacy-drop-objects.ts` / `legacy-vault.ts` / `legacy-seed.ts` (with an `fs.Glob` port) / `legacy-migrate-and-seed.ts`, and a `legacyReadDbToml` extension for `[db.seed]` / `[db.vault]` / `[db.migrations]`. `db diff` / `db pull` / declarative call sites were re-pointed to the consolidated module. ## Why Replaces the last `migration` Go-proxy handlers with native implementations (M5: Database & Migrations, CLI-1312), removing the Go-binary dependency for these commands while preserving Go output / flag / exit-code parity. ## Reviewer notes - **`migration squash` is intentionally still a Go-proxy delegate.** A native squash would emit pg-delta diff format instead of Go's `pg_dump` bytes — a documented divergence (CLI-1597) that is *not* byte parity — and needs a bare-baseline-shadow seam mode that does not exist yet. Kept on the proxy (byte-identical to Go) until CLI-1597's rewrite, similar to `db diff --use-pgadmin`. - **`migration up` does not seed** — matches Go (`up.Run` only applies migrations + upserts vault; seeding is `down`-only via `MigrateAndSeed`). - **Transaction shape:** Go runs repair/baseline/vault/seed DML via `pgx.Batch` (no explicit transaction). `LegacyDbSession` has no batch primitive, so the port wraps these in explicit `BEGIN`/`COMMIT`/`ROLLBACK` — atomic, a deliberate safer divergence on partial-failure paths; the success path is identical. The one exception is pipeline-incompatible statements (see next note), which must run outside any transaction. - **Pipeline-incompatible statements run outside the transaction (adopts #5156).** `migration up`/`down` (and declarative `sync`) apply each file inside a `BEGIN`/`COMMIT`, but `CREATE INDEX CONCURRENTLY`, `VACUUM`, `REINDEX … CONCURRENTLY`, `ALTER SYSTEM`, and `CLUSTER` cannot run in a transaction block (SQLSTATE 25001). `legacyApplyMigrationFile` now detects them (`legacyIsPipelineIncompatible`), flushes the open batch, runs the statement standalone, then resumes batching; the history insert lands in the final batch so the migration is recorded only after every statement succeeds. Files without such statements stay a single `BEGIN`/`COMMIT` (behaviour unchanged). This ports the Go fix from #5156 directly into the native TS apply — that Go PR is being closed in favour of this implementation, since these commands are now native TS. Fixes #5139. - **`migration down`** skips Go's best-effort `pgcache.TryCacheMigrationsCatalog` (a guaranteed no-op there, since `down` always passes a concrete version). - Dotenvx-`encrypted:` `[db.vault]` values are not decrypted; they are treated as unresolved/skipped, matching Go's outcome when no `DOTENV_PRIVATE_KEY` is present. - **Migration `--local` connect-error parity tests canonicalize stderr.** The `migration … --local` e2e parity cases exercise the connection-refused path, where the TS connect-error stderr does not yet byte-match Go (Go: `Connecting to local database…` + pgconn dial error + `SetConnectSuggestion`; TS: `@effect/sql-pg` `SqlError` + `--debug` hint). Exit code, stdout, request log, and filesystem stay under strict parity; the known stderr divergence is normalized to the shared `failed to connect to postgres:` prefix, and the behaviour tests still assert the meaningful substring + non-zero exit. Porting the connect-error shaping to Go's wording is tracked separately. Per-subcommand `SIDE_EFFECTS.md` and `docs/go-cli-porting-status.md` are updated. CLOSES CLI-1312
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: b48fad60ad
ℹ️ About Codex in GitHub
Codex has been enabled to automatically review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
When you sign up for Codex through ChatGPT, Codex can also answer questions or update the PR, like "@codex address that feedback".
| // batch ends; `history.go:32-33`, `file.go:87`). A bare session-level `SET` would leak | ||
| // the 4s timeout into a caller's real work (e.g. `migration repair`'s TRUNCATE/UPSERT | ||
| // or seed SQL), which Go never does. | ||
| const SET_LOCAL_LOCK_TIMEOUT = "SET LOCAL lock_timeout = '4s'"; |
There was a problem hiding this comment.
When migration repair (and seed application) calls this helper, it immediately runs the TRUNCATE/UPSERT or seed batch on the same database session. The Go helper uses session-level SET lock_timeout = '4s', so those follow-up statements fail promptly if the migration/seed tables are locked; SET LOCAL is cleared by this helper's COMMIT before that work starts, leaving the new native path to wait indefinitely on those locks. Please keep the session-level timeout or set it again around the subsequent batch.
Useful? React with 👍 / 👎.
| const exists = yield* fs | ||
| .exists(resolveUnderWorkdir(path, workdir, pattern)) | ||
| .pipe(Effect.orElseSucceed(() => false)); | ||
| return exists ? [pattern] : []; |
There was a problem hiding this comment.
When seed paths include an empty element, such as SUPABASE_DB_SEED_SQL_PATHS=seed.sql, or sql_paths = "seed.sql,", Go's fs.Glob treats the empty pattern as no match, warns, and still applies the real seed files. This literal-path branch instead resolves "" to the workdir, returns it as a seed file because the directory exists, and legacyApplySeedFiles then fails trying to read the project directory as a file, so seeding aborts. Please treat empty patterns as unmatched before checking existence.
Useful? React with 👍 / 👎.
avallete
approved these changes
Jun 30, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
6 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.