Skip to content

fix(deps): update non-major#184

Open
renovate[bot] wants to merge 1 commit into
mainfrom
renovate/non-major
Open

fix(deps): update non-major#184
renovate[bot] wants to merge 1 commit into
mainfrom
renovate/non-major

Conversation

@renovate

@renovate renovate Bot commented Mar 30, 2026

Copy link
Copy Markdown
Contributor

ℹ️ Note

This PR body was truncated due to platform limits.

This PR contains the following updates:

Package Change Age Confidence
@portabletext/react ^3.2.1^3.2.4 age confidence
@portabletext/types ^2.0.13^2.0.15 age confidence
@sanity/block-content-to-hyperscript ^3.0.0^3.0.1 age confidence
@sanity/cli (source) ^5.2.0^5.14.1 age confidence
@sanity/code-input (source) ^7.0.5^7.2.6 age confidence
@sanity/color-input (source) ^6.0.3^6.0.12 age confidence
@sanity/icons (source) ^3.7.4^3.8.0 age confidence
@sanity/image-url (source) ^1.1.0^1.2.0 age confidence
@sanity/types (source) ^5.2.0^5.31.1 age confidence
@sanity/ui (source) ^3.0.1^3.3.5 age confidence
@sanity/uuid (source) ^3.0.2^3.0.3 age confidence
@sanity/vision (source) ^5.4.0^5.31.1 age confidence
@types/lodash (source) ^4.17.19^4.17.24 age confidence
@types/node (source) ^20.19.1^20.19.43 age confidence
@types/qs (source) ^6.14.0^6.15.1 age confidence
@types/semver (source) ^7.7.0^7.7.1 age confidence
axios (source) ^1.10.0^1.18.1 age confidence
easymde ^2.20.0^2.21.0 age confidence
eslint-config-prettier ^9.1.0^9.1.2 age confidence
eslint-plugin-prettier ^5.5.1^5.5.6 age confidence
lodash (source) ^4.17.21^4.18.1 age confidence
nanoid ^3.3.11^3.3.15 age confidence
prettier (source) ^3.6.2^3.9.5 age confidence
qs ^6.14.0^6.15.3 age confidence
react (source) ^19.2.1^19.2.7 age confidence
react-copy-to-clipboard ^5.1.0^5.1.1 age confidence
react-dom (source) ^19.2.1^19.2.7 age confidence
react-is (source) ^19.2.1^19.2.7 age confidence
react-player ^2.16.0^2.16.1 age confidence
sanity (source) ^5.4.0^5.31.1 age confidence
sanity-plugin-markdown (source) ^8.0.4^8.0.7 age confidence
semver ^7.7.2^7.8.5 age confidence
styled-components (source) ^6.1.19^6.4.3 age confidence
typescript (source) ^5.8.3^5.9.3 age confidence

Release Notes

sanity-io/block-content-to-hyperscript (@​sanity/block-content-to-hyperscript)

v3.0.1

Compare Source

sanity-io/cli (@​sanity/cli)

v5.14.1

Note: Version bump only for package @​sanity/cli

v5.14.0

Note: Version bump only for package @​sanity/cli

v5.13.0

Features

v5.12.0

Features

v5.11.0

Note: Version bump only for package @​sanity/cli

v5.10.0

Note: Version bump only for package @​sanity/cli

v5.9.0

Features
Bug Fixes
Reverts

v5.8.1

Bug Fixes

v5.8.0

Features

v5.7.0

Bug Fixes

v5.6.0

Bug Fixes

v5.5.0

Features

v5.4.0

Note: Version bump only for package @​sanity/cli

v5.3.1

Note: Version bump only for package @​sanity/cli

v5.3.0

Features
Bug Fixes
sanity-io/plugins (@​sanity/code-input)

v7.2.6

Compare Source

Patch Changes

v7.2.5

Compare Source

Patch Changes
  • #​1491 2361892 Thanks @​stipsan! - Build with tsdown instead of @sanity/pkg-utils. Internal build-tooling change only, with no intended changes to the public API or runtime behavior.

v7.2.4

Compare Source

Patch Changes
  • #​1460 f50f060 Thanks @​stipsan! - Regenerate TypeScript declaration output: isolatedDeclarations is no longer used and declarations are now generated with tsgo (@typescript/native-preview). Internal build-tooling change only, with no runtime behavior or public API changes.

v7.2.3

Compare Source

Patch Changes
  • #​1481 0eae652 Thanks @​stipsan! - Upgrade @sanity/pkg-utils to ^10.9.0, enabling tree-shaking of unused styled-components in the published bundle. Tagged template literals are now transpiled to plain call expressions during build, so bundlers can drop styled components this plugin exports but the app doesn't use, reducing bundle size.

v7.2.2

Compare Source

Patch Changes
  • #​1471 52487d2 Thanks @​stipsan! - Update @sanity/icons to v4 and adopt its per-icon import paths for smaller bundles and faster treeshaking

v7.2.1

Compare Source

Patch Changes
  • #​1363 f9acf7c Thanks @​stipsan! - Replace React.forwardRef with the React 19 ref-as-prop pattern (internal refactor, no API change)

v7.2.0

Compare Source

Minor Changes
  • #​1433 1ca8564 Thanks @​nuotsu! - Add an "Expand editor" button that expands the code editor to fill the document pane. Use the new disableFullscreen field option to hide it.
Patch Changes

v7.1.6

Compare Source

Patch Changes
  • a1aca4c Thanks @​stipsan! - Stop publishing the assets directory to npm and reference README images via absolute GitHub URLs

v7.1.5

Compare Source

Patch Changes

v7.1.4

Compare Source

Patch Changes

v7.1.3

Compare Source

Patch Changes

v7.1.2

Compare Source

Patch Changes
  • #​903 2f03c8d Thanks @​bjoerge! - Widen sanity peer-dependency range to ^5 || ^6.0.0-0 to support Sanity Studio v6 (including v6 pre-releases).

v7.1.1

Compare Source

Patch Changes

v7.1.0

Compare Source

Minor Changes
  • #​798 ad6ff98 Thanks @​rexxars! - Use dedicated GROQ grammar for syntax highlighting instead of falling back to JavaScript

v7.0.12

Compare Source

Patch Changes

v7.0.11

Compare Source

Patch Changes

v7.0.10

Compare Source

Patch Changes

v7.0.9

Compare Source

Patch Changes

v7.0.8

Compare Source

Patch Changes

v7.0.7

Compare Source

Patch Changes

v7.0.6

Compare Source

Patch Changes
sanity-io/plugins (@​sanity/color-input)

v6.0.12

Compare Source

Patch Changes
  • #​1491 2361892 Thanks @​stipsan! - Build with tsdown instead of @sanity/pkg-utils. Internal build-tooling change only, with no intended changes to the public API or runtime behavior.

v6.0.11

Compare Source

Patch Changes
  • #​1460 f50f060 Thanks @​stipsan! - Regenerate TypeScript declaration output: isolatedDeclarations is no longer used and declarations are now generated with tsgo (@typescript/native-preview). Internal build-tooling change only, with no runtime behavior or public API changes.

v6.0.10

Compare Source

Patch Changes
  • #​1481 0eae652 Thanks @​stipsan! - Upgrade @sanity/pkg-utils to ^10.9.0, enabling tree-shaking of unused styled-components in the published bundle. Tagged template literals are now transpiled to plain call expressions during build, so bundlers can drop styled components this plugin exports but the app doesn't use, reducing bundle size.

v6.0.9

Compare Source

Patch Changes
  • #​1471 52487d2 Thanks @​stipsan! - Update @sanity/icons to v4 and adopt its per-icon import paths for smaller bundles and faster treeshaking

v6.0.8

Compare Source

Patch Changes
  • #​1364 7f44d48 Thanks @​stipsan! - Inline a small, typed fork of the react-color building blocks used by the color input and drop the react-color and @types/react-color dependencies

v6.0.7

Compare Source

Patch Changes

v6.0.6

Compare Source

Patch Changes
  • #​903 2f03c8d Thanks @​bjoerge! - Widen sanity peer-dependency range to ^5 || ^6.0.0-0 to support Sanity Studio v6 (including v6 pre-releases).

v6.0.5

Compare Source

Patch Changes

v6.0.4

Compare Source

Patch Changes
sanity-io/icons (@​sanity/icons)

v3.8.0

Compare Source

Minor Changes
Patch Changes

v3.7.7

Compare Source

Patch Changes
  • #​181 5b9d2cb Thanks @​stipsan! - Bumped @testing-library/react, @types/node, and @types/react devDependencies to their latest versions.

v3.7.6

Compare Source

Bug Fixes
  • enable trusted publishing (925545b)
sanity-io/image-url (@​sanity/image-url)

v1.2.0

Compare Source

Minor Changes
Patch Changes

All notable changes will be documented in this file.

sanity-io/sanity (@​sanity/types)

v5.31.1

Compare Source

Sanity Studio v5.31.1

For the complete changelog with all details, please visit:
www.sanity.io/docs/changelog/5e41ca5a-489c-4390-a9e8-f3712b30bf37

Install or upgrade Sanity Studio

To upgrade to this version, run:

npm install sanity@latest

To initiate a new Sanity Studio project or learn more about upgrading, please refer to our comprehensive guide on Installing and Upgrading Sanity Studio.

📓 Full changelog

Author Message Commit
@​stipsan fix(core): revert use schema preview selection for search (#​13029) ec87ab7
@​stipsan fix(core): exclude dereference paths from groq2024 score boosts (#​13027) ca4657e
@​bjoerge ci(release): add commit log and working compare link to v5 release pr (#​13028) 75a443d
@​bjoerge ci(release): block v5 release pr when commits would cause a major bump 0b8f8e3
@​bjoerge ci(release): keep pnpm install output out of v5 release pr description 451b07b
@​bjoerge chore(ci): set up release automation for v5 65d0a0c
squiggler-app[bot] chore(release): publish v5.31.1 (#​13022) 1cd4e22

v5.31.0

Compare Source

Bug Fixes

v5.30.0

Compare Source

Sanity Studio v5.30.0

This release includes various improvements and bug fixes.

For the complete changelog with all details, please visit:
www.sanity.io/changelog/studio-NS4yOS4w

Install or upgrade Sanity Studio

To upgrade to this version, run:

npm install sanity@latest

To initiate a new Sanity Studio project or learn more about upgrading, please refer to our comprehensive guide on Installing and Upgrading Sanity Studio.

📓 Full changelog

Author Message Commit
@​bjoerge fix(authStore): resolve dual-mode SSO login loop (#​12933) 2ae1370
@​bjoerge feat: add vercel routing configuration for auth-test-studio (#​12929) cf5baeb
squiggler-app[bot] fix(deps): update dependency @​sanity/cli to ^6.7.1 (#​12928) df8fc74

v5.29.0

Compare Source

Sanity Studio v5.29.0

This release includes various improvements and bug fixes.

For the complete changelog with all details, please visit:
www.sanity.io/changelog/studio-NS4yOC4w

Install or upgrade Sanity Studio

To upgrade to this version, run:

npm install sanity@latest

To initiate a new Sanity Studio project or learn more about upgrading, please refer to our comprehensive guide on Installing and Upgrading Sanity Studio.

📓 Full changelog

Author Message Commit

Note

PR body was truncated to here.


Configuration

📅 Schedule: (UTC)

  • Branch creation
    • "before 3am on Monday"
  • Automerge
    • At any time (no schedule defined)

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.


  • If you want to rebase/retry this PR, check this box

This PR has been generated by Mend Renovate using a curated preset maintained by Sanity. View repository job log here

@vercel

vercel Bot commented Mar 30, 2026

Copy link
Copy Markdown

The latest updates on your projects. Learn more about Vercel for GitHub.

Project Deployment Actions Updated (UTC)
hjaelp-community-studio Error Error Jul 12, 2026 2:47pm

Request Review

@socket-security

socket-security Bot commented Mar 30, 2026

Copy link
Copy Markdown

Warning

Review the following alerts detected in dependencies.

According to your organization's Security Policy, it is recommended to resolve "Warn" alerts. Learn more about Socket for GitHub.

Action Severity Alert  (click "▶" to expand/collapse)
Warn High
Obfuscated code: npm @vercel/stega is 90.0% likely obfuscated

Confidence: 0.90

Location: Package overview

From: pnpm-lock.yamlnpm/sanity@5.31.1npm/@vercel/stega@1.1.0

ℹ Read more on: This package | This alert | What is obfuscated code?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev.

Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/@vercel/stega@1.1.0. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

Warn High
Obfuscated code: npm data-urls is 90.0% likely obfuscated

Confidence: 0.90

Location: Package overview

From: pnpm-lock.yamlnpm/@sanity/cli@5.14.1npm/sanity@5.31.1npm/data-urls@7.0.0

ℹ Read more on: This package | This alert | What is obfuscated code?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev.

Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/data-urls@7.0.0. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

Warn High
Obfuscated code: npm jsdom is 90.0% likely obfuscated

Confidence: 0.90

Location: Package overview

From: pnpm-lock.yamlnpm/@sanity/cli@5.14.1npm/sanity@5.31.1npm/jsdom@28.1.0

ℹ Read more on: This package | This alert | What is obfuscated code?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev.

Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/jsdom@28.1.0. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

Warn High
Obfuscated code: npm jsdom is 90.0% likely obfuscated

Confidence: 0.90

Location: Package overview

From: pnpm-lock.yamlnpm/@sanity/cli@5.14.1npm/sanity@5.31.1npm/jsdom@28.1.0

ℹ Read more on: This package | This alert | What is obfuscated code?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev.

Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/jsdom@28.1.0. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

Warn High
License policy violation: npm typescript

License: LicenseRef-W3C-Community-Final-Specification-Agreement - The applicable license policy does not permit this license (5) (package/ThirdPartyNoticeText.txt)

From: package.jsonnpm/typescript@5.9.3

ℹ Read more on: This package | This alert | What is a license policy violation?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev.

Suggestion: Find a package that does not violate your license policy or adjust your policy to allow this package's license.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/typescript@5.9.3. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

View full report

@renovate renovate Bot force-pushed the renovate/non-major branch from 8c1478a to 611017f Compare March 30, 2026 19:26
@renovate renovate Bot force-pushed the renovate/non-major branch from 611017f to 66a2354 Compare March 31, 2026 22:43
@renovate renovate Bot force-pushed the renovate/non-major branch from 66a2354 to 5342d3c Compare April 1, 2026 15:59
@renovate renovate Bot force-pushed the renovate/non-major branch from 5342d3c to cdae617 Compare April 3, 2026 10:52
@renovate renovate Bot force-pushed the renovate/non-major branch from cdae617 to caadb01 Compare April 3, 2026 14:44
@renovate renovate Bot force-pushed the renovate/non-major branch from caadb01 to de12801 Compare April 4, 2026 22:49
@renovate renovate Bot force-pushed the renovate/non-major branch from de12801 to 9790831 Compare April 7, 2026 15:51
@renovate renovate Bot force-pushed the renovate/non-major branch from 9790831 to 6e02970 Compare April 8, 2026 17:38
@renovate renovate Bot force-pushed the renovate/non-major branch from 6e02970 to 29d40b2 Compare April 9, 2026 00:31
@renovate renovate Bot force-pushed the renovate/non-major branch from 29d40b2 to b194fb7 Compare April 11, 2026 18:49
@renovate renovate Bot force-pushed the renovate/non-major branch from b194fb7 to 4db8cdd Compare April 11, 2026 22:42
@renovate renovate Bot force-pushed the renovate/non-major branch from 4db8cdd to bb93c7a Compare April 12, 2026 18:43
@renovate renovate Bot force-pushed the renovate/non-major branch from cff6d35 to b9eee6e Compare April 24, 2026 17:01
@renovate renovate Bot force-pushed the renovate/non-major branch from b9eee6e to c56cfea Compare April 24, 2026 20:16
@renovate renovate Bot force-pushed the renovate/non-major branch from c56cfea to 44d63fa Compare April 29, 2026 16:57
@renovate renovate Bot force-pushed the renovate/non-major branch from 44d63fa to 9472f81 Compare May 3, 2026 23:12
@renovate renovate Bot force-pushed the renovate/non-major branch from 9472f81 to 5e226a6 Compare May 4, 2026 20:06
@renovate renovate Bot force-pushed the renovate/non-major branch from 5e226a6 to 75b0da0 Compare May 5, 2026 20:09
@renovate renovate Bot force-pushed the renovate/non-major branch from 75b0da0 to a744c43 Compare May 6, 2026 15:33
@renovate renovate Bot force-pushed the renovate/non-major branch from a744c43 to 31c0f85 Compare May 6, 2026 19:39
@renovate renovate Bot force-pushed the renovate/non-major branch from 31c0f85 to 6f194d4 Compare May 7, 2026 02:43
@renovate renovate Bot force-pushed the renovate/non-major branch from 6f194d4 to 6c2de4b Compare May 7, 2026 23:10
@renovate renovate Bot force-pushed the renovate/non-major branch from 6c2de4b to 12d95a9 Compare May 11, 2026 23:02
@renovate renovate Bot force-pushed the renovate/non-major branch from 12d95a9 to 9b66ff0 Compare May 12, 2026 19:57
@renovate renovate Bot force-pushed the renovate/non-major branch from 9b66ff0 to 3779e1a Compare May 14, 2026 10:53
@renovate renovate Bot force-pushed the renovate/non-major branch from 3779e1a to 6839921 Compare May 16, 2026 18:25
@renovate renovate Bot force-pushed the renovate/non-major branch from 6839921 to 4014a0a Compare May 18, 2026 13:36
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants