chore(deps): bump the all-dependencies group with 13 updates

[dependabot]

Bumps the all-dependencies group with 13 updates:

Package	From	To
@clerk/nextjs	6.9.6	6.9.9
@hookform/resolvers	3.9.1	3.10.0
@prisma/client	6.1.0	6.2.1
lucide-react	0.469.0	0.471.0
next	15.1.3	15.1.4
openai	4.77.3	4.78.1
react-markdown	9.0.1	9.0.3
zustand	5.0.2	5.0.3
@types/react	19.0.2	19.0.5
@types/react-dom	19.0.2	19.0.3
eslint-config-next	15.1.3	15.1.4
prisma	6.1.0	6.2.1
typescript	5.7.2	5.7.3

Updates @clerk/nextjs from 6.9.6 to 6.9.9

Release notes

Sourced from @​clerk/nextjs's releases.

@​clerk/nextjs@​6.9.9

Patch Changes

• Always use nextUrl to build rewritten URLs (#4856) by @​dstaley

@​clerk/nextjs@​6.9.8

Patch Changes

• Add type-level validation to prevent server-side usage of system permissions (#4816) by @​LauraBeatris

  System permissions (e.g., org:sys_domains:manage) are intentionally excluded from session claims to maintain reasonable JWT sizes. For more information, refer to our docs: https://clerk.com/docs/organizations/roles-permissions#system-permissions

• Updated dependencies [44cab6038af0a4d23869b3b292ece742fbbc4d85]:

  • @​clerk/backend@​1.21.6
  • @​clerk/types@​4.40.2
  • @​clerk/clerk-react@​5.21.2
  • @​clerk/shared@​2.20.6

@​clerk/nextjs@​6.9.7

Patch Changes

• Updated dependencies [80e1117631d35834705119a79cdcf9e0ed423fdd]:
  • @​clerk/types@​4.40.1
  • @​clerk/clerk-react@​5.21.1
  • @​clerk/backend@​1.21.5
  • @​clerk/shared@​2.20.5

Changelog

Sourced from @​clerk/nextjs's changelog.

6.9.9

Patch Changes

• Always use nextUrl to build rewritten URLs (#4856) by @​dstaley

6.9.8

Patch Changes

• Add type-level validation to prevent server-side usage of system permissions (#4816) by @​LauraBeatris

  System permissions (e.g., org:sys_domains:manage) are intentionally excluded from session claims to maintain reasonable JWT sizes. For more information, refer to our docs: https://clerk.com/docs/organizations/roles-permissions#system-permissions

• Updated dependencies [44cab6038af0a4d23869b3b292ece742fbbc4d85]:

  • @​clerk/backend@​1.21.6
  • @​clerk/types@​4.40.2
  • @​clerk/clerk-react@​5.21.2
  • @​clerk/shared@​2.20.6

6.9.7

Patch Changes

• Updated dependencies [80e1117631d35834705119a79cdcf9e0ed423fdd]:
  • @​clerk/types@​4.40.1
  • @​clerk/clerk-react@​5.21.1
  • @​clerk/backend@​1.21.5
  • @​clerk/shared@​2.20.5

Commits

• 7618232 ci(repo): Version packages (#4859)
• ae17771 fix(nextjs): Always use nextUrl to build rewritten URLs (#4856)
• 7aa9cdd ci(repo): Version packages (#4848)
• 44cab60 chore(backend,nextjs,types): Prevent system permissions usage in server-side ...
• 22ace70 fix(clerk-react,nextjs): Type checking in vitest unit tests (#4844)
• 476d2f3 ci(repo): Version packages (#4841)
• See full diff in compare view

Updates @hookform/resolvers from 3.9.1 to 3.10.0

Release notes

Sourced from @​hookform/resolvers's releases.

v3.10.0

3.10.0 (2025-01-06)

Features

• update to effect 3.10 (#729) (10aca41)

Commits

• 10aca41 feat: update to effect 3.10 (#729)
• e523dde chore: update to effet 3.10 (#720)
• See full diff in compare view

Updates @prisma/client from 6.1.0 to 6.2.1

Release notes

Sourced from @​prisma/client's releases.

6.2.1

Today we are releasing the 6.2.1 patch release to address an issue with some of the omitApi preview feature checks having been accidentally omitted when making the feature GA. Now it is fully functional without the preview feature flag.

Changes

• prisma/prisma#25997

6.2.0

Today we're releasing Prisma ORM version 6.2.0 🎉

🌟 Help us spread the word about Prisma by starring the repo or tweeting about the release. 🌟

We have a number of new features in this version, including support for json and enum fields in SQLite, a new updateManyAndReturn function, support for ULID values, as well as the promotion of the omit feature from Preview to Generally Availability.

Highlights

Excluding fields via omit is now production-ready

Our number one requested feature is out of Preview and Generally Available. In 6.2.0, you no longer need to add omitApi to your list of Preview features:

generator client {
  provider        = "prisma-client-js"
- previewFeatures = ["omitApi"]
}

As a refresher: omit allows you to exclude certain fields from being returned in the results of your Prisma Client queries.

You can either do this locally, on a per-query level:

const result = await prisma.user.findMany({
  omit: {
    password: true,
  },
});

Or globally, to ensure a field is excluded from all queries of a certain model:

const prisma = new PrismaClient({
  omit: {
    user: {
      password: true
    }
  }
})
</tr></table>

... (truncated)

Commits

• 60a8268 fix(client): remove omitApi preview feature checks (#25997)
• 3b23a20 chore(deps): update engines to 6.2.0-14.4123509d24aa4dede1e864b46351bf2790323...
• 6ea6991 chore(deps): update engines to 6.2.0-12.51db5cf11ad393407e86084764bced274b48b...
• 425502f fix: node 23 support (#25971)
• 477375c chore(deps): update engines to 6.2.0-11.c49e56c20818c325095752dd0ae895b0dc7ba...
• c43e181 fix(client): allow "passing" across rpc boundary in cloudflare workers (#25914)
• 0a4ef08 chore(deps): update engines to 6.2.0-6.cc0167b764494213f0e42d0867d48643c39c83...
• ebda0b9 fix(client): make nested omit types work (#25900)
• 509b064 chore(deps): update engines to 6.2.0-4.3aa926082bfc4f57e60f2210df297fdfbc889a...
• e3e5568 feat: sqlite JSON support (#25871)
• Additional commits viewable in compare view

Updates lucide-react from 0.469.0 to 0.471.0

Release notes

Sourced from lucide-react's releases.

Dynamic Icon component Lucide React and new icons 0.471.0

New Dynamic Icon Component (lucide-react)

This is an easier approach than the previous dynamicIconImports we exported in the library. This one supports all environments. We removed the examples in the docs of how you can make a dynamic icon yourself with a dedicated DynamicIcon component. This one fetches the icon data itself and renders it instead of fetching the Icon component from the library. This makes it more flexible with all the frontend frameworks and libraries that exist for React.

🚨 Not recommended for regular applications that work fine with the regular static icon components. Using the dynamic icon component increases build time, separate bundles, and separate network requests for each icon.

How to use

DynamicIcon is useful for applications that want to show icons dynamically by icon name, for example when using a content management system where icon names are stored in a database.

const App = () => (
  <DynamicIcon name="camera" color="red" size={48} />
);

Possible Breaking changes

We have switched to the "exports" property in package.json. This can cause issues if you have directly imported scripts from the package. Please open an issue if we need to refine this export map.

New icons 🎨

• triangle-dashed (#2652) by @​Yohh

New icons 0.470.0

New icons 🎨

• house-wifi (#2723) by @​akshaymemane

Modified Icons 🔨

• rat (#2692) by @​jguddas

Commits

• 58c2e10 feat(lucide-react): Add DynamicIcon component (#2686)
• See full diff in compare view

Updates next from 15.1.3 to 15.1.4

Release notes

Sourced from next's releases.

v15.1.4

[!NOTE]
This release is backporting bug fixes. It does not include all pending features/changes on canary.

Core Changes

• backport: force module format for virtual client-proxy (#74608)
• Fix prerender tags when notFound is called (#74607)
• Use provided waitUntil for pending revalidates (#74604)
• Feature: next/image: add support for images.qualities in next.config (#74588)
• Chore: docs: add missing search: '' on remotePatterns (#74587)
• Chore: docs: update version history of next/image (#73923) (#74570)
• Chore: next/image: improve imgopt api bypass detection for unsupported images (#74569)

Credits

Huge thanks to @ and @ for helping!

Commits

• 48f2588 v15.1.4
• dcb208e backport: force module format for virtual client-proxy (#74162) (#74608)
• 6f6766a Fix prerender tags when notFound is called (#74577) (#74607)
• a46f27f Use provided waitUntil for pending revalidates (#74164) (#74604)
• bc6acf6 feat(next/image): add support for images.qualities in next.config (#74588)
• d253ac5 chore(docs): add missing search: '' on remotePatterns (#73925) (#74587)
• 7b195a8 chore(docs): update version history of next/image (#73923) (#74570)
• 5a501d3 chore(next/image): improve imgopt api bypass detection for unsupported images...
• See full diff in compare view

Updates openai from 4.77.3 to 4.78.1

Release notes

Sourced from openai's releases.

v4.78.1

4.78.1 (2025-01-10)

Full Changelog: v4.78.0...v4.78.1

Bug Fixes

• send correct Accept header for certain endpoints (#1257) (8756693)

v4.78.0

4.78.0 (2025-01-09)

Full Changelog: v4.77.4...v4.78.0

Features

• client: add realtime types (#1254) (7130995)

v4.77.4

4.77.4 (2025-01-08)

Full Changelog: v4.77.3...v4.77.4

Documentation

• readme: fix misplaced period (#1252) (c2fe465)

Changelog

Sourced from openai's changelog.

4.78.1 (2025-01-10)

Full Changelog: v4.78.0...v4.78.1

Bug Fixes

• send correct Accept header for certain endpoints (#1257) (8756693)

4.78.0 (2025-01-09)

Full Changelog: v4.77.4...v4.78.0

Features

• client: add realtime types (#1254) (7130995)

4.77.4 (2025-01-08)

Full Changelog: v4.77.3...v4.77.4

Documentation

• readme: fix misplaced period (#1252) (c2fe465)

Commits

• 14784f9 release: 4.78.1
• 6070d96 fix: send correct Accept header for certain endpoints (#1257)
• 66c9715 release: 4.78.0
• d373606 feat(client): add realtime types (#1254)
• bb6ac19 release: 4.77.4
• 017d601 docs(readme): fix misplaced period (#1252)
• See full diff in compare view

Updates react-markdown from 9.0.1 to 9.0.3

Release notes

Sourced from react-markdown's releases.

9.0.3

(same as 9.0.2 but now with d.ts files)

Full Changelog: remarkjs/react-markdown@9.0.2...9.0.3

9.0.2

Types

• b151a90 Fix types for React 19 by @​remcohaszing in remarkjs/react-markdown#879
• 6962af7 Add declaration maps
• aa5933b Refactor to use @import to import types by @​remcohaszing in remarkjs/react-markdown#836

Miscellaneous

• 9eb589e Fix typo in changelog by @​NicholasWilsonDEV in remarkjs/react-markdown#874
• 515bf19 Fix typo by @​deep-lyra in remarkjs/react-markdown#868

Full Changelog: remarkjs/react-markdown@9.0.1...9.0.2

Commits

• aed0010 9.0.3
• 40c097e 9.0.2
• 2c6ffe8 Refactor .gitignore
• b664ac4 Update Actions
• e686551 Update dev-dependencies
• b151a90 Fix types for React 19
• 27d3949 Separate all typedefs into their own JSDoc blocks (#878)
• 9eb589e Fix typo in changelog
• 515bf19 Fix typo
• a7ca8ed Refactor .editorconfig
• Additional commits viewable in compare view

Updates zustand from 5.0.2 to 5.0.3

Release notes

Sourced from zustand's releases.

v5.0.3

ExtractState is a type util to extract state type from store type.

What's Changed

• feat(types): Make ExtractState public by @​vorant94 in pmndrs/zustand#2935
• fix(build): alias entries in rollup config by @​dai-shi in pmndrs/zustand#2942

New Contributors

• @​atticoos made their first contribution in pmndrs/zustand#2883
• @​sukvvon made their first contribution in pmndrs/zustand#2890
• @​Wxh16144 made their first contribution in pmndrs/zustand#2891
• @​leweyse made their first contribution in pmndrs/zustand#2913
• @​dmaskasky made their first contribution in pmndrs/zustand#2936
• @​HoberMin made their first contribution in pmndrs/zustand#2938

Full Changelog: pmndrs/zustand@v5.0.2...v5.0.3

Commits

• 3f9127f 5.0.3
• 6eff6e7 chore(deps): update dev dependencies (#2944)
• 4378abe fix(build): alias entries in rollup config (#2942)
• d2ac820 feat(types): Make ExtractState public (#2935)
• 929b547 docs(create-store.md): fix incorrect usage of create function in example (#...
• efaf416 docs(create.md): fix state selector syntax in troubleshooting example (#2938)
• 07b32d6 change prettier to fix:format (#2936)
• 6759fcb chore(.github/workflows): change 'node-version' to 'lts/*' in 'actions/setup-...
• 2e6d881 chore(eslint): change 'dist' area in 'ignores', sort rules (#2924)
• 55a7d0a chore(eslint): migrate to flat config and simplify (#2912)
• Additional commits viewable in compare view

Updates @types/react from 19.0.2 to 19.0.5

Commits

• See full diff in compare view

Updates @types/react-dom from 19.0.2 to 19.0.3

Commits

• See full diff in compare view

Updates eslint-config-next from 15.1.3 to 15.1.4

Release notes

Sourced from eslint-config-next's releases.

v15.1.4

[!NOTE]
This release is backporting bug fixes. It does not include all pending features/changes on canary.

Core Changes

• backport: force module format for virtual client-proxy (#74608)
• Fix prerender tags when notFound is called (#74607)
• Use provided waitUntil for pending revalidates (#74604)
• Feature: next/image: add support for images.qualities in next.config (#74588)
• Chore: docs: add missing search: '' on remotePatterns (#74587)
• Chore: docs: update version history of next/image (#73923) (#74570)
• Chore: next/image: improve imgopt api bypass detection for unsupported images (#74569)

Credits

Huge thanks to @ and @ for helping!

Commits

• 48f2588 v15.1.4
• See full diff in compare view

Updates prisma from 6.1.0 to 6.2.1

Release notes

Sourced from prisma's releases.

6.2.1

Today we are releasing the 6.2.1 patch release to address an issue with some of the omitApi preview feature checks having been accidentally omitted when making the feature GA. Now it is fully functional without the preview feature flag.

Changes

• prisma/prisma#25997

6.2.0

Today we're releasing Prisma ORM version 6.2.0 🎉

🌟 Help us spread the word about Prisma by starring the repo or tweeting about the release. 🌟

We have a number of new features in this version, including support for json and enum fields in SQLite, a new updateManyAndReturn function, support for ULID values, as well as the promotion of the omit feature from Preview to Generally Availability.

Highlights

Excluding fields via omit is now production-ready

Our number one requested feature is out of Preview and Generally Available. In 6.2.0, you no longer need to add omitApi to your list of Preview features:

generator client {
  provider        = "prisma-client-js"
- previewFeatures = ["omitApi"]
}

As a refresher: omit allows you to exclude certain fields from being returned in the results of your Prisma Client queries.

You can either do this locally, on a per-query level:

const result = await prisma.user.findMany({
  omit: {
    password: true,
  },
});

Or globally, to ensure a field is excluded from all queries of a certain model:

const prisma = new PrismaClient({
  omit: {
    user: {
      password: true
    }
  }
})
</tr></table>

... (truncated)

Commits

• d6c1639 feat(cli): report typescript version via prisma --version (#25968)
• 425502f fix: node 23 support (#25971)
• See full diff in compare view

Updates typescript from 5.7.2 to 5.7.3

Release notes

Sourced from typescript's releases.

TypeScript 5.7.3

For release notes, check out the release announcement.

• fixed issues query for Typescript 5.7.0 (Beta).
• fixed issues query for Typescript 5.7.1 (RC).
• fixed issues query for Typescript 5.7.2 (Stable).
• fixed issues query for Typescript 5.7.3 (Stable).

Downloads are available on npm

Commits

• a5e123d Update LKG
• 8bc0204 🤖 Pick PR #60828 (Fix CodeQL configuration, releases) into release-5.7 (#60923)
• 7aa63df 🤖 Pick PR #60393 (Don't try to add an implicit undefi...) into release-5.7 (#...
• 9df7c36 Bump version to 5.7.3 and LKG
• e167412 🤖 Pick PR #60794 (Harden sanitizeLog against incorr...) into release-5.7 (#...
• 9ba364c Fix coverage build on release-5.7 (#60792)
• 4b7441a 🤖 Pick PR #60680 (Mark the inherited any-based index ...) into release-5.7 (#...
• e844dc3 Cherry-pick #60402, #60440, #60616 into release-5.7 (#60777)
• 21b02a1 🤖 Pick PR #60749 (Do not require import attribute on ...) into release-5.7 (#...
• b82fd16 🤖 Pick PR #60576 (Avoid incorrectly reusing assertion...) into release-5.7 (#...
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions