Skip to content

chore(deps): bump the minor-and-patch group across 1 directory with 5 updates#19

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/minor-and-patch-6d67ee18e5
Open

chore(deps): bump the minor-and-patch group across 1 directory with 5 updates#19
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/minor-and-patch-6d67ee18e5

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 6, 2026

Copy link
Copy Markdown

Bumps the minor-and-patch group with 5 updates in the / directory:

Package From To
@supabase/ssr 0.5.2 0.12.0
@supabase/supabase-js 2.108.2 2.110.1
next 16.2.9 16.2.10
autoprefixer 10.5.0 10.5.2
vitest 4.1.9 4.1.10

Updates @supabase/ssr from 0.5.2 to 0.12.0

Release notes

Sourced from @​supabase/ssr's releases.

v0.12.0

0.12.0 (2026-06-09)

Features

  • adds cookies.encode option allowing minimal cookie sizes (#126) (cf38b22)
  • bump cookie to 1.0.2 (#113) (b4a77b4)
  • cookies: add clearAuthCookiesAtScopes migration helper (#240) (4e47249)
  • full rewrite using getAll and setAll cookie methods (#1) (b6ae192)
  • improve cookie chunk handling via base64url+length encoding (#90) (6deb687)
  • pass cache headers to setAll to prevent CDN caching of auth responses (#176) (14962d2)
  • publish SSR under deprecated auth-helpers package names (#127) (e8b6102)
  • release workflow RC versioning and publish reliability (#164) (81e68f4)
  • update CI so it runs on release as well (#33) (4517996)
  • update supabase-js to latest (#133) (d65044d)
  • update supabase-js to latest (#145) (08bf7d6)
  • upgrade cookie dependency and cleanup imports (#77) (9524528)

Bug Fixes

  • add @​types/cookies to dependencies (#63) (47e5f16)
  • add create*Client string in x-client-info (#85) (f271acc)
  • allow cookies encode without getAll/setAll on browser client (#213) (89f3f28), closes #170
  • allow use of createBrowserClient without window present (#20) (27d868d)
  • auth: respect user-provided auth options in createBrowserClient (#167) (5f04837)
  • check chunkedCookie is string in server client (#57) (549fe62)
  • ci: remove packageManager field (#197) (6bf0226)
  • cookies console warnings (#136) (64ff6b3)
  • deprecate parse, serialize exports for more useful functions (#14) (0b5f881)
  • enable tree-shaking for browser bundles (#216) (f009d71)
  • fix createBrowserClient deprecation tsdoc (#17) (1df70ad)
  • force release (#98) (66710e8)
  • re-apply update CI so it runs on release as well (#49) (51d5a43)
  • release: pin npm to 11.5.2 so OIDC trusted publisher works (#249) (4af89f7)
  • remove optional dependencies (#41) (a48fe6f)
  • remove usage of internal type params (#123) (8f3e89e)
  • revert "update CI so it runs on release as well" (#44) (9d0e859)
  • revert: "feat: improve cookie chunk handling via base64url+length encoding (#90)" (#100) (2ea8e23)
  • set max-age default cookie option to 400 days (#54) (f4ed2e0)
  • set cookies for password recovery event (#32) (7dc1837)
  • set cookies when mfa challenge is verified (#27) (c217f53)
  • tsconfig: set explicit rootDir to silence TS6059 in consumer IDEs (#211) (a77ee8a), closes #209
  • update conventional commits ci to use main instead of master (#31) (bebce89)
  • update README session docs (#159) (b859905)
  • update type, remove unused imports, define AuthEvent type (#47) (4f4a375)
  • use skipAutoInitialize to prevent SSR token refresh race condition (#131) (0b7be28)
  • validate base64-prefixed chunked cookies decode to valid JSON (#210) (302cc0e)

... (truncated)

Changelog

Sourced from @​supabase/ssr's changelog.

0.12.0 (2026-06-09)

Features

  • adds cookies.encode option allowing minimal cookie sizes (#126) (cf38b22)
  • bump cookie to 1.0.2 (#113) (b4a77b4)
  • cookies: add clearAuthCookiesAtScopes migration helper (#240) (4e47249)
  • full rewrite using getAll and setAll cookie methods (#1) (b6ae192)
  • improve cookie chunk handling via base64url+length encoding (#90) (6deb687)
  • pass cache headers to setAll to prevent CDN caching of auth responses (#176) (14962d2)
  • publish SSR under deprecated auth-helpers package names (#127) (e8b6102)
  • release workflow RC versioning and publish reliability (#164) (81e68f4)
  • update CI so it runs on release as well (#33) (4517996)
  • update supabase-js to latest (#133) (d65044d)
  • update supabase-js to latest (#145) (08bf7d6)
  • upgrade cookie dependency and cleanup imports (#77) (9524528)

Bug Fixes

  • add @​types/cookies to dependencies (#63) (47e5f16)
  • add create*Client string in x-client-info (#85) (f271acc)
  • allow cookies encode without getAll/setAll on browser client (#213) (89f3f28), closes #170
  • allow use of createBrowserClient without window present (#20) (27d868d)
  • auth: respect user-provided auth options in createBrowserClient (#167) (5f04837)
  • check chunkedCookie is string in server client (#57) (549fe62)
  • ci: remove packageManager field (#197) (6bf0226)
  • cookies console warnings (#136) (64ff6b3)
  • deprecate parse, serialize exports for more useful functions (#14) (0b5f881)
  • enable tree-shaking for browser bundles (#216) (f009d71)
  • fix createBrowserClient deprecation tsdoc (#17) (1df70ad)
  • force release (#98) (66710e8)
  • re-apply update CI so it runs on release as well (#49) (51d5a43)
  • release: pin npm to 11.5.2 so OIDC trusted publisher works (#249) (4af89f7)
  • remove optional dependencies (#41) (a48fe6f)
  • remove usage of internal type params (#123) (8f3e89e)
  • revert "update CI so it runs on release as well" (#44) (9d0e859)
  • revert: "feat: improve cookie chunk handling via base64url+length encoding (#90)" (#100) (2ea8e23)
  • set max-age default cookie option to 400 days (#54) (f4ed2e0)
  • set cookies for password recovery event (#32) (7dc1837)
  • set cookies when mfa challenge is verified (#27) (c217f53)
  • tsconfig: set explicit rootDir to silence TS6059 in consumer IDEs (#211) (a77ee8a), closes #209
  • update conventional commits ci to use main instead of master (#31) (bebce89)
  • update README session docs (#159) (b859905)
  • update type, remove unused imports, define AuthEvent type (#47) (4f4a375)
  • use skipAutoInitialize to prevent SSR token refresh race condition (#131) (0b7be28)
  • validate base64-prefixed chunked cookies decode to valid JSON (#210) (302cc0e)

0.11.0 (2026-06-05)

... (truncated)

Commits
  • d8c9b60 chore(main): release 0.12.0 (#247)
  • 4af89f7 fix(release): pin npm to 11.5.2 so OIDC trusted publisher works (#249)
  • 164c7ab build(deps-dev): bump vitest from 1.6.1 to 4.1.0 in the npm_and_yarn group ac...
  • 2fd3333 chore: update @​supabase/supabase-js to v2.108.0 (#248)
  • dd766c4 chore(main): release 0.11.0 (#244)
  • 932931e build(deps): bump actions/checkout from 6.0.2 to 6.0.3 (#245)
  • 4e47249 feat(cookies): add clearAuthCookiesAtScopes migration helper (#240)
  • 34f2b6a chore: update @​supabase/supabase-js to v2.107.0 (#243)
  • 4292d04 chore: update @​supabase/supabase-js to v2.106.1 (#236)
  • a6896b1 chore: update @​supabase/supabase-js to v2.106.0 (#232)
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for @​supabase/ssr since your current version.


Updates @supabase/supabase-js from 2.108.2 to 2.110.1

Release notes

Sourced from @​supabase/supabase-js's releases.

v2.110.1

2.110.1 (2026-07-07)

🩹 Fixes

  • auth: defer init-time notifications until initializePromise resolves (#2498)
  • realtime: suppress disconnected status from onHeartbeat consumers (#2496)

❤️ Thank You

v2.110.1-canary.0

2.110.1-canary.0 (2026-07-07)

🩹 Fixes

  • auth: defer init-time notifications until initializePromise resolves (#2498)
  • realtime: suppress disconnected status from onHeartbeat consumers (#2496)

❤️ Thank You

v2.110.0

2.110.0 (2026-06-30)

🚀 Features

  • repo: drop Node.js 20 support (#2482)

❤️ Thank You

v2.110.0-canary.0

2.110.0-canary.0 (2026-06-30)

🚀 Features

  • repo: drop Node.js 20 support (#2482)

❤️ Thank You

v2.109.0

2.109.0 (2026-06-30)

🚀 Features

... (truncated)

Changelog

Sourced from @​supabase/supabase-js's changelog.

2.110.1 (2026-07-07)

This was a version bump only for @​supabase/supabase-js to align it with other projects, there were no code changes.

2.110.0 (2026-06-30)

🚀 Features

  • repo: drop Node.js 20 support (#2482)

❤️ Thank You

2.109.0 (2026-06-30)

🩹 Fixes

  • realtime: pin @​supabase/phoenix and browser test CDN deps (#2457)

❤️ Thank You

Commits

Updates next from 16.2.9 to 16.2.10

Release notes

Sourced from next's releases.

v16.2.10

Contains no changes except publishing @next/swc-wasm-web which was accidentally not published since 16.2.4.

Commits

Updates autoprefixer from 10.5.0 to 10.5.2

Release notes

Sourced from autoprefixer's releases.

10.5.2

  • Moved -webkit-fill-available before -moz-available, so Firefox will use -webkit- version which is closer to stretch.

10.5.1

Changelog

Sourced from autoprefixer's changelog.

10.5.2

  • Moved -webkit-fill-available before -moz-available, so Firefox will use -webkit- version which is closer to stretch.

10.5.1

Commits
Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for autoprefixer since your current version.


Updates vitest from 4.1.9 to 4.1.10

Release notes

Sourced from vitest's releases.

v4.1.10

   🐞 Bug Fixes

    View changes on GitHub
Commits
  • db616d2 chore: release v4.1.10 (#10718)
  • bae52b5 fix(vm): fix external module resolve error with deps optimizer query for enco...
  • See full diff in compare view

@dependabot @github

dependabot Bot commented on behalf of github Jul 6, 2026

Copy link
Copy Markdown
Author

Labels

The following labels could not be found: automated. Please create it before Dependabot can add it to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

@dependabot dependabot Bot added the dependencies Pull requests that update a dependency file label Jul 6, 2026
@vercel

vercel Bot commented Jul 6, 2026

Copy link
Copy Markdown
Contributor

The latest updates on your projects. Learn more about Vercel for GitHub.

Project Deployment Actions Updated (UTC)
ufmt-stats Ready Ready Preview, Comment Jul 9, 2026 9:59am

… updates

Bumps the minor-and-patch group with 5 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [@supabase/ssr](https://github.com/supabase/ssr) | `0.5.2` | `0.12.0` |
| [@supabase/supabase-js](https://github.com/supabase/supabase-js/tree/HEAD/packages/core/supabase-js) | `2.108.2` | `2.110.1` |
| [next](https://github.com/vercel/next.js) | `16.2.9` | `16.2.10` |
| [autoprefixer](https://github.com/postcss/autoprefixer) | `10.5.0` | `10.5.2` |
| [vitest](https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest) | `4.1.9` | `4.1.10` |



Updates `@supabase/ssr` from 0.5.2 to 0.12.0
- [Release notes](https://github.com/supabase/ssr/releases)
- [Changelog](https://github.com/supabase/ssr/blob/main/CHANGELOG.md)
- [Commits](supabase/ssr@v0.5.2...v0.12.0)

Updates `@supabase/supabase-js` from 2.108.2 to 2.110.1
- [Release notes](https://github.com/supabase/supabase-js/releases)
- [Changelog](https://github.com/supabase/supabase-js/blob/master/packages/core/supabase-js/CHANGELOG.md)
- [Commits](https://github.com/supabase/supabase-js/commits/v2.110.1/packages/core/supabase-js)

Updates `next` from 16.2.9 to 16.2.10
- [Release notes](https://github.com/vercel/next.js/releases)
- [Commits](vercel/next.js@v16.2.9...v16.2.10)

Updates `autoprefixer` from 10.5.0 to 10.5.2
- [Release notes](https://github.com/postcss/autoprefixer/releases)
- [Changelog](https://github.com/postcss/autoprefixer/blob/main/CHANGELOG.md)
- [Commits](postcss/autoprefixer@10.5.0...10.5.2)

Updates `vitest` from 4.1.9 to 4.1.10
- [Release notes](https://github.com/vitest-dev/vitest/releases)
- [Changelog](https://github.com/vitest-dev/vitest/blob/main/docs/releases.md)
- [Commits](https://github.com/vitest-dev/vitest/commits/v4.1.10/packages/vitest)

---
updated-dependencies:
- dependency-name: "@supabase/ssr"
  dependency-version: 0.12.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: minor-and-patch
- dependency-name: "@supabase/supabase-js"
  dependency-version: 2.110.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: minor-and-patch
- dependency-name: autoprefixer
  dependency-version: 10.5.2
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: minor-and-patch
- dependency-name: next
  dependency-version: 16.2.10
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: minor-and-patch
- dependency-name: vitest
  dependency-version: 4.1.10
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: minor-and-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/minor-and-patch-6d67ee18e5 branch from d24c9f2 to ecebdc4 Compare July 9, 2026 09:59
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants