Skip to content

build(deps): bump the prod-minor-patch group with 4 updates#124

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/prod-minor-patch-4589410ff5
Open

build(deps): bump the prod-minor-patch group with 4 updates#124
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/prod-minor-patch-4589410ff5

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 23, 2026

Copy link
Copy Markdown
Contributor

Bumps the prod-minor-patch group with 4 updates: @ax-llm/ax, @tanstack/react-router, lucide-react and uuid.

Updates @ax-llm/ax from 22.0.3 to 22.0.6

Release notes

Sourced from @​ax-llm/ax's releases.

Release 22.0.6

  • fix(axir): handle binary speak()/TTS responses across the non-TS ports 5068c65e
  • examples: base64-encode audio in rust/cpp examples + fix go/rust runner cwd 5cc31317
  • fix(axir): implement multipart/form-data in the non-TS port HTTP layers 57009cee
  • examples: refresh audio example chat models to gpt-5.4-mini 577dd720
  • examples: refresh non-TS non-agent examples to current model 8b5694a5
  • examples: refresh TS non-agent examples to current models 7371c594
  • fix(axir): recurse into nested object/object[] flexible-json output leaves aa1e64a5
  • chore(axir): add RLM prompt source-sync gate 0d525e3d
  • fix(axir): populate freeform json[] output fields in the language ports bd3a4eba
  • examples: refresh agent examples to current models (gpt-5.4 / gemini-3.5-flash) f7dc25df
  • website + README: use the X intent/follow URL for the @​dosco CTAs (pops the follow dialog) 7ad43c06

Release 22.0.5

  • website + README: prominent "follow @​dosco on X" CTA + registry version badges 2366ab89
  • website: declutter homepage — remove path-card grid, borderless "Quick install" section cb040307
  • website: revert homepage hero restructure from #555 (keep install-command updates) 34efec35
  • website: published install one-liners + dedicated Install section on the homepage (#555) 18223946
  • fix(maven): bump central-publishing-maven-plugin 0.7.0 -> 0.11.0 (#554) 2e0b6678

Release 22.0.4

  • release: regenerate non-TS packages on npm run release so all versions bump together (#553) da84776c
  • Make Go consumable via go get + real package-manager install docs (#552) cb3cd032
  • Axir agent feature parity (#548) 219e2311
  • Axir agent feature parity (#547) ed5be7fe
  • Make live-model agents work: json_schema output contract + top-level await a59eb9e4
  • ci: run the whole real-engine suite (incl. distiller-code) every push 34b4863d
  • Fix distiller: run the RLM actor loop so live non-TS agents work e73b710f
  • Fix AxFlow derive; add anti-hardcode response-perturbation gate c39b2854
  • Port full agent() feature parity to AxIR across all five languages 94a76a81
  • Add website example sections 04126818
  • docs: document generated package release flow 7174791e
  • Complete AxIR verification instruments e0ddfcc1
  • Regenerate the packages with Apache-2.0 licensing ee1439cf
  • License the generated packages Apache-2.0 and add publish lanes 51519965
  • Regenerate the packages with the hardened conformance runners a76b1e2f
  • Add the perturbation check and fix the nine holes it found 77d0f53d
  • Regenerate the packages with coverage trace hooks fdb6a229
  • Add a coverage audit that traces emitted functions under conformance 63947638
  • Move the docs site to Hugo under website/ 5b28f909
  • Harden the AxIR backlog gate 831e5f04
  • Add scalarizes to the spelling dictionary 51a73d5a
  • Regenerate the Go package with CoreFlow control flow d495cd4a
  • Port CoreFlow to the Go emitter and end panic control flow 207e1962
  • Embed the emitter templates from real files e252947c
  • Keep the provider data files out of the formatter 58ad541a
  • Extract the provider data blobs into JSON files ec441bd1
  • Add file-backed compact call arguments 13bacd96
  • Add source-level lint rules and a lint phase to the pipeline d426f0ec
  • Move config values out of type slots and enforce the rule 80e9263b

... (truncated)

Changelog

Sourced from @​ax-llm/ax's changelog.

22.0.6 (2026-06-21)

Bug Fixes

  • axir: handle binary speak()/TTS responses across the non-TS ports (5068c65)
  • axir: implement multipart/form-data in the non-TS port HTTP layers (57009ce)
  • axir: populate freeform json[] output fields in the language ports (bd3a4eb)
  • axir: recurse into nested object/object[] flexible-json output leaves (aa1e64a)

22.0.5 (2026-06-20)

Bug Fixes

  • maven: bump central-publishing-maven-plugin 0.7.0 -> 0.11.0 (#554) (2e0b667)

22.0.5 (2026-06-20)

Bug Fixes

  • maven: bump central-publishing-maven-plugin 0.7.0 -> 0.11.0 (#554) (2e0b667)

22.0.4 (2026-06-20)

22.0.4 (2026-06-20)

Commits
  • fa53d4e chore: release v22.0.6
  • 5068c65 fix(axir): handle binary speak()/TTS responses across the non-TS ports
  • 5cc3131 examples: base64-encode audio in rust/cpp examples + fix go/rust runner cwd
  • 57009ce fix(axir): implement multipart/form-data in the non-TS port HTTP layers
  • 577dd72 examples: refresh audio example chat models to gpt-5.4-mini
  • 8b5694a examples: refresh non-TS non-agent examples to current model
  • 7371c59 examples: refresh TS non-agent examples to current models
  • aa1e64a fix(axir): recurse into nested object/object[] flexible-json output leaves
  • 0d525e3 chore(axir): add RLM prompt source-sync gate
  • bd3a4eb fix(axir): populate freeform json[] output fields in the language ports
  • Additional commits viewable in compare view

Updates @tanstack/react-router from 1.170.15 to 1.170.16

Release notes

Sourced from @​tanstack/react-router's releases.

@​tanstack/react-router@​1.170.16

Patch Changes

  • #7595 52db703 - Perf improvement of useMatch and derived hooks when navigating away from previous match

  • #7575 4a93cff - useMatches can skip useRef for structural sharing during SSR

  • #7600 f046b06 - Reduce Match rerenders during navigations (PR #7596)

  • #7577 689d88e - Reduce bundle size by sharing structuralSharing selector logic

  • #7627 689c5ab - Silence AbortError in renderRouterToStream, this is normal operation

Changelog

Sourced from @​tanstack/react-router's changelog.

1.170.16

Patch Changes

  • #7595 52db703 - Perf improvement of useMatch and derived hooks when navigating away from previous match

  • #7575 4a93cff - useMatches can skip useRef for structural sharing during SSR

  • #7600 f046b06 - Reduce Match rerenders during navigations (PR #7596)

  • #7577 689d88e - Reduce bundle size by sharing structuralSharing selector logic

  • #7627 689c5ab - Silence AbortError in renderRouterToStream, this is normal operation

Commits
  • f23ed0f ci: Version Packages (#7576)
  • 689c5ab chore(react-router): silence AbortError in renderRouterToStream (#7627)
  • a2b9d51 docs: fix duplicate "to" typos (#7370)
  • 56bd271 perf(react-router): add match selector compares (#7596)
  • 52db703 fix(react-router): avoid throwing in useMatch selector (#7595)
  • 689d88e refactor(react-router): Reduce bundle size by sharing hook structuralSharing ...
  • 4a93cff refactor(react-router): useMatches skips useRef during SSR (#7575)
  • See full diff in compare view

Updates lucide-react from 1.20.0 to 1.21.0

Release notes

Sourced from lucide-react's releases.

Version 1.21.0

What's Changed

New Contributors

Full Changelog: lucide-icons/lucide@1.20.0...1.21.0

Commits
  • 5ff536e ci(release.yml): Fix workflow and remove version scripts in package scripts...
  • See full diff in compare view

Updates uuid from 14.0.0 to 14.0.1

Release notes

Sourced from uuid's releases.

v14.0.1

14.0.1 (2026-06-20)

Bug Fixes

  • add types condition to node export for moduleResolution bundler (#961) (27ffae5)
Changelog

Sourced from uuid's changelog.

14.0.1 (2026-06-20)

Bug Fixes

  • add types condition to node export for moduleResolution bundler (#961) (27ffae5)
Commits
Install script changes

This version modifies prepare script that runs during installation. Review the package contents before updating.


Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
build(deps): bump the prod-minor-patch group with 4 updates
bfea02a 
Bumps the prod-minor-patch group with 4 updates: [@ax-llm/ax](https://github.com/ax-llm/ax), [@tanstack/react-router](https://github.com/TanStack/router/tree/HEAD/packages/react-router), [lucide-react](https://github.com/lucide-icons/lucide/tree/HEAD/packages/lucide-react) and [uuid](https://github.com/uuidjs/uuid).


Updates `@ax-llm/ax` from 22.0.3 to 22.0.6
- [Release notes](https://github.com/ax-llm/ax/releases)
- [Changelog](https://github.com/ax-llm/ax/blob/main/CHANGELOG.md)
- [Commits](ax-llm/ax@22.0.3...22.0.6)

Updates `@tanstack/react-router` from 1.170.15 to 1.170.16
- [Release notes](https://github.com/TanStack/router/releases)
- [Changelog](https://github.com/TanStack/router/blob/main/packages/react-router/CHANGELOG.md)
- [Commits](https://github.com/TanStack/router/commits/@tanstack/react-router@1.170.16/packages/react-router)

Updates `lucide-react` from 1.20.0 to 1.21.0
- [Release notes](https://github.com/lucide-icons/lucide/releases)
- [Commits](https://github.com/lucide-icons/lucide/commits/1.21.0/packages/lucide-react)

Updates `uuid` from 14.0.0 to 14.0.1
- [Release notes](https://github.com/uuidjs/uuid/releases)
- [Changelog](https://github.com/uuidjs/uuid/blob/main/CHANGELOG.md)
- [Commits](uuidjs/uuid@v14.0.0...v14.0.1)

---
updated-dependencies:
- dependency-name: "@ax-llm/ax"
  dependency-version: 22.0.6
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: prod-minor-patch
- dependency-name: "@tanstack/react-router"
  dependency-version: 1.170.16
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: prod-minor-patch
- dependency-name: lucide-react
  dependency-version: 1.21.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: prod-minor-patch
- dependency-name: uuid
  dependency-version: 14.0.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: prod-minor-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update JavaScript code labels Jun 23, 2026
@cursor

cursor Bot commented Jun 23, 2026
edited
Loading

Copy link
Copy Markdown

PR Summary

Low Risk
Routine dependency bumps with no app code edits; @ax-llm/ax touches LLM runtime behavior but only across patch releases.

Overview
Bumps four production dependencies in package.json and package-lock.json only—no application source changes.

@ax-llm/ax moves 22.0.3 → 22.0.6 (patch fixes around AxIR JSON output, multipart HTTP, and TTS/binary responses). @tanstack/react-router 1.170.15 → 1.170.16 (navigation perf and fewer match rerenders). lucide-react 1.20.0 → 1.21.0 (icon set / release tooling). uuid 14.0.0 → 14.0.1 (Node export types condition for bundler module resolution).

Reviewed by Cursor Bugbot for commit bfea02a. Bugbot is set up for automated code reviews on this repo. Configure here.

@socket-security

socket-security Bot commented Jun 23, 2026

Copy link
Copy Markdown

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff Package Supply Chain
Security		 Vulnerability Quality Maintenance License
Updated@​ax-llm/​ax@​22.0.3 ⏵ 22.0.666 -6100100 +196100
Updated@​tanstack/​react-router@​1.170.15 ⏵ 1.170.16751008496 -1100
Updatedlucide-react@​1.20.0 ⏵ 1.21.0100 +110098 +196 +180
Updateduuid@​14.0.0 ⏵ 14.0.110010010093100

View full report

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update JavaScript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants