deps(deps): bump the minor-and-patch group with 12 updates

[dependabot]

Bumps the minor-and-patch group with 12 updates:

Package	From	To
ioredis	5.9.2	5.9.3
lucide-react	0.563.0	0.564.0
openai	6.18.0	6.22.0
puppeteer	24.37.2	24.37.3
resend	6.9.1	6.9.2
tailwind-merge	3.4.0	3.4.1
undici	7.21.0	7.22.0
video.js	8.23.6	8.23.7
@types/node	25.2.2	25.2.3
@types/react	19.2.13	19.2.14
@vitejs/plugin-react	5.1.3	5.1.4
dotenv	17.2.4	17.3.1

Updates ioredis from 5.9.2 to 5.9.3

Release notes

Sourced from ioredis's releases.

v5.9.3

5.9.3 (2026-02-12)

Bug Fixes

• autopipelining to route writes to masters with scaleReads (#2072) (8adb1ae)
• fix issue with moved command for replicas (#2064) (de4eed4)
• types: optional properties on RedisOptions allow explicit undefined (#2066) (0a1a898)

Changelog

Sourced from ioredis's changelog.

5.9.3 (2026-02-12)

Bug Fixes

• autopipelining to route writes to masters with scaleReads (#2072) (8adb1ae)
• fix issue with moved command for replicas (#2064) (de4eed4)
• types: optional properties on RedisOptions allow explicit undefined (#2066) (0a1a898)

5.9.3 (2026-02-12)

Bug Fixes

• autopipelining to route writes to masters with scaleReads (#2072) (8adb1ae)
• fix issue with moved command for replicas (#2064) (de4eed4)
• types: optional properties on RedisOptions allow explicit undefined (#2066) (0a1a898)

Commits

• cd19ab0 chore(release): 5.9.3 [skip ci]
• 326528b chore(release): 5.9.3 [skip ci]
• 0a1a898 fix(types): optional properties on RedisOptions allow explicit undefined (#2066)
• 8adb1ae fix: autopipelining to route writes to masters with scaleReads (#2072)
• de4eed4 fix: fix issue with moved command for replicas (#2064)
• See full diff in compare view

Updates lucide-react from 0.563.0 to 0.564.0

Release notes

Sourced from lucide-react's releases.

Version 0.564.0

What's Changed

• chore(docs): Improve SEO icon detail pages by @​ericfennis in lucide-icons/lucide#4040
• feat(icons): added database-search icon by @​Spleefies in lucide-icons/lucide#4003
• fix(icons): changed user-lock icon by @​jguddas in lucide-icons/lucide#3971
• fix(icons): changed bug-off icon by @​jguddas in lucide-icons/lucide#3972
• fix(icons): changed bell-dot icon by @​jguddas in lucide-icons/lucide#3973
• fix(icons): changed bandage icon by @​jguddas in lucide-icons/lucide#3967
• fix(icons): changed hard-drive icon by @​jguddas in lucide-icons/lucide#3622
• fix(icons): changed git-branch icon by @​jguddas in lucide-icons/lucide#3938
• fix(icons): changed file-cog icon by @​jguddas in lucide-icons/lucide#3965
• fix(icons): changed cloud-alert and cloud-check icon by @​jguddas in lucide-icons/lucide#3976
• feat(icons): adds user-key and user-round-key, updates other -key icons to match by @​karsa-mistmere in lucide-icons/lucide#4044

New Contributors

• @​Spleefies made their first contribution in lucide-icons/lucide#4003

Full Changelog: lucide-icons/lucide@0.563.1...0.564.0

Hotfix @lucide/svelte hasA11yProp.js import

What's Changed

• fix(@​lucide/svelte): Fix build in by @​ericfennis in lucide-icons/lucide#4026

Full Changelog: lucide-icons/lucide@0.563.0...0.563.1

Commits

• See full diff in compare view

Updates openai from 6.18.0 to 6.22.0

Release notes

Sourced from openai's releases.

v6.22.0

6.22.0 (2026-02-14)

Full Changelog: v6.21.0...v6.22.0

Features

• api: container network_policy and skills (65c1482)

Bug Fixes

• docs: restore helper methods in API reference (3a4c189)
• webhooks: restore webhook type exports (49bbf46)

Chores

• internal: avoid type checking errors with ts-reset (4b0d1f2)

Documentation

• split api.md by standalone resources (48e07d6)
• update comment (e3a1ea0)

v6.21.0

6.21.0 (2026-02-10)

Full Changelog: v6.20.0...v6.21.0

Features

• api: support for images in batch api (017ba1c)

v6.20.0

6.20.0 (2026-02-10)

Full Changelog: v6.19.0...v6.20.0

Features

• api: skills and hosted shell (e4bdd62)

v6.19.0

6.19.0 (2026-02-09)

Full Changelog: v6.18.0...v6.19.0

Features

... (truncated)

Changelog

Sourced from openai's changelog.

6.22.0 (2026-02-14)

Full Changelog: v6.21.0...v6.22.0

Features

• api: container network_policy and skills (65c1482)

Bug Fixes

• docs: restore helper methods in API reference (3a4c189)
• webhooks: restore webhook type exports (49bbf46)

Chores

• internal: avoid type checking errors with ts-reset (4b0d1f2)

Documentation

• split api.md by standalone resources (48e07d6)
• update comment (e3a1ea0)

6.21.0 (2026-02-10)

Full Changelog: v6.20.0...v6.21.0

Features

• api: support for images in batch api (017ba1c)

6.20.0 (2026-02-10)

Full Changelog: v6.19.0...v6.20.0

Features

• api: skills and hosted shell (e4bdd62)

6.19.0 (2026-02-09)

Full Changelog: v6.18.0...v6.19.0

Features

• api: responses context_management (40e7671)

Commits

• fe49a7b release: 6.22.0
• 07d1636 fix(docs): restore helper methods in API reference
• 8ed3a89 test(types): guard legacy resource type exports
• 2b67577 fix(webhooks): restore webhook type exports
• 61193fe feat(api): container network_policy and skills
• 71c9c98 docs: split api.md by standalone resources
• cf3fe4a codegen metadata
• 0579289 codegen metadata
• aacec4b chore(internal): avoid type checking errors with ts-reset
• 32e3a41 docs: update comment
• Additional commits viewable in compare view

Updates puppeteer from 24.37.2 to 24.37.3

Release notes

Sourced from puppeteer's releases.

puppeteer-core: v24.37.3

24.37.3 (2026-02-13)

🛠️ Fixes

• do not resolve user data dir if it is absolute (#14680) (7765ae7)
• roll to Chrome 145.0.7632.67 (#14679) (dfc22dd)

Dependencies

• The following workspace dependencies were updated
  • dependencies
    • @​puppeteer/browsers bumped from 2.12.0 to 2.12.1

puppeteer: v24.37.3

24.37.3 (2026-02-13)

♻️ Chores

• puppeteer: Synchronize puppeteer versions

Dependencies

• The following workspace dependencies were updated
  • dependencies
    • @​puppeteer/browsers bumped from 2.12.0 to 2.12.1
    • puppeteer-core bumped from 24.37.2 to 24.37.3

Changelog

Sourced from puppeteer's changelog.

24.37.3 (2026-02-13)

♻️ Chores

• puppeteer: Synchronize puppeteer versions

Dependencies

• The following workspace dependencies were updated
  • dependencies
    • @​puppeteer/browsers bumped from 2.12.0 to 2.12.1

🛠️ Fixes

• do not resolve user data dir if it is absolute (#14680) (7765ae7)
• roll to Chrome 145.0.7632.67 (#14679) (dfc22dd)

Commits

• eee111b chore: release main (#14683)
• 905f1ab chore(deps): bump qs from 6.14.1 to 6.14.2 in /website (#14682)
• 11f01ef fix(wsl): check for linux locations first (#14681)
• 7765ae7 fix: do not resolve user data dir if it is absolute (#14680)
• dfc22dd fix: roll to Chrome 145.0.7632.67 (#14679)
• b0aa4dd chore(webdriver): update chromium-bidi to 14.0.0 (#14675)
• c789392 revert: "fix: disable ReadAnythingOmniboxChip by default" (#14674)
• 1c21c1e chore(deps): bump semver from 7.7.3 to 7.7.4 in the dependencies group (#14664)
• 88ca20b chore(deps): bump the all group in /website with 2 updates (#14666)
• 3a8df88 chore(deps): bump github/codeql-action from 4.32.0 to 4.32.2 in the all group...
• Additional commits viewable in compare view

Updates resend from 6.9.1 to 6.9.2

Release notes

Sourced from resend's releases.

v6.9.2

What's Changed

• feat: improve type errors for audience -> segments transition by @​gabrielmfern in resend/resend-node#815
• chore(deps): update tj-actions/changed-files digest to caee9d9 by @​renovate[bot] in resend/resend-node#818
• fix(deps): update dependency next to v16.1.6 by @​renovate[bot] in resend/resend-node#819
• fix: inbound attachment types mismatch API values by @​gabrielmfern in resend/resend-node#828
• fix: support for Cloudflare Workers, and other non-Node environments by @​gabrielmfern in resend/resend-node#820
• chore: bump to 6.9.2 by @​gabrielmfern in resend/resend-node#843
• fix(topics): broken types referencing defaultSubscription by @​gabrielmfern in resend/resend-node#844

Full Changelog: resend/resend-node@v6.9.1...v6.9.2

Commits

• 64674c3 fix(topics): broken types referencing defaultSubscription (#844)
• 41c9573 chore: bump to 6.9.2 (#843)
• 31b1e99 fix: support for Cloudflare Workers, and other non-Node environments (#820)
• f47cda7 fix: inbound attachment types mismatch API values (#828)
• 1aca23f fix(deps): update dependency next to v16.1.6 (#819)
• 8ced8a0 chore(deps): update tj-actions/changed-files digest to caee9d9 (#818)
• 98a2747 feat: improve type errors for audience -> segments transition (#815)
• See full diff in compare view

Updates tailwind-merge from 3.4.0 to 3.4.1

Release notes

Sourced from tailwind-merge's releases.

v3.4.1

Bug Fixes

• Prevent arbitrary font-family and font-weight from merging by @​roneymoon in dcastil/tailwind-merge#635

Full Changelog: dcastil/tailwind-merge@v3.4.0...v3.4.1

Thanks to @​brandonmcconnell, @​manavm1990, @​langy, @​roboflow, @​syntaxfm, @​getsentry, @​codecov, a private sponsor, @​block, @​openclaw, @​sourcegraph and more via @​thnxdev for sponsoring tailwind-merge! ❤️

Commits

• 02b6eb6 v3.4.1
• 6b845eb add agent info for release workflow
• 655f2f1 add changelog for v3.4.1
• e44e5eb add agent docs
• 4a38681 Merge pull request #644 from dcastil/renovate/major-vitest-monorepo
• 23ac259 migrate to vitest v4
• 927f617 chore(deps): update vitest monorepo to v4
• aea4869 Merge pull request #648 from dcastil/renovate/major-octokit-monorepo
• 78365f2 Merge pull request #646 from dcastil/renovate/actions-exec-3.x
• b08384d fix(deps): update dependency @​octokit/types to v16
• Additional commits viewable in compare view

Updates undici from 7.21.0 to 7.22.0

Release notes

Sourced from undici's releases.

v7.22.0

What's Changed

• docs: fix syntax highlighting in WebSocket.md by @​styfle in nodejs/undici#4814
• fix: use OR operator in includesCredentials per WHATWG URL Standard by @​jackhax in nodejs/undici#4816
• feat(dispatcher/env-http-proxy-agent): strip leading dot and asterisk by @​SuperOleg39 in nodejs/undici#4676
• fix: route WebSocket upgrades through onRequestUpgrade by @​mcollina in nodejs/undici#4787
• build(deps-dev): bump esbuild from 0.25.12 to 0.27.3 by @​dependabot[bot] in nodejs/undici#4821
• fix(deduplicate): do not deduplicate non-safe methods by default by @​mcollina in nodejs/undici#4818
• feat: Support async cache stores in revalidation by @​marcopiraccini in nodejs/undici#4826

New Contributors

• @​jackhax made their first contribution in nodejs/undici#4816
• @​marcopiraccini made their first contribution in nodejs/undici#4826

Full Changelog: nodejs/undici@v7.21.0...v7.22.0

Commits

• 0a23610 Bumped v7.22.0 (#4829)
• f3c5c61 feat: Support async cache stores in revalidation (#4826)
• 9b78a44 fix(deduplicate): avoid deduping methods not in methods option (#4818)
• 0ce57ba build(deps-dev): bump esbuild from 0.25.12 to 0.27.3 (#4821)
• 2453caf fix: route websocket upgrades through new handler API (#4787)
• 4658cdf feat(dispatcher/env-http-proxy-agent): strip leading dot and asterisk (#4676)
• a821c56 fix: use OR operator in includesCredentials per WHATWG URL Standard (#4816)
• b3326b5 docs: fix syntax highlighting in WebSocket.md (#4814)
• See full diff in compare view

Updates video.js from 8.23.6 to 8.23.7

Changelog

Sourced from video.js's changelog.

8.23.7 (2026-02-05)

Bug Fixes

• Allow use in jsdom environments without window.CSS (#9137) (08f3ee3)
• Broken menu button setIcon type (#9089) (93ecc35)
• convert Tracklist length to a getter and fix event docs (#9142) (46779e8)
• lang: improve finnish lang support (#9114) (9cc0b34)
• lang: updated translations for gl (#9026) (553253c)
• prevent current time display showing 0:00 during seek (#9135) (ec33990)

Chores

• package: update vhs to v3.17.3 (#9147) (e27bb32)
• tags and version changes into main (#9123) (67ba442)
• update prod dependencies (#9129) (d203eab)

Documentation

• Clarify copyright and project stewardship (#9104) (20f8d76)

Commits

• 31dfb75 8.23.7
• e27bb32 chore(package): update vhs to v3.17.3 (#9147)
• 67ba442 chore: tags and version changes into main (#9123)
• 553253c fix(lang): updated translations for gl (#9026)
• 9cc0b34 fix(lang): improve finnish lang support (#9114)
• 46779e8 fix: convert Tracklist length to a getter and fix event docs (#9142)
• 08f3ee3 fix: Allow use in jsdom environments without window.CSS (#9137)
• 93ecc35 fix: Broken menu button setIcon type (#9089)
• ec33990 fix: prevent current time display showing 0:00 during seek (#9135)
• d203eab chore: update prod dependencies (#9129)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by essk, a new releaser for video.js since your current version.

Updates @types/node from 25.2.2 to 25.2.3

Commits

• See full diff in compare view

Updates @types/react from 19.2.13 to 19.2.14

Commits

• See full diff in compare view

Updates @vitejs/plugin-react from 5.1.3 to 5.1.4

Release notes

Sourced from @​vitejs/plugin-react's releases.

plugin-react@5.1.4

Fix canSkipBabel not accounting for babel.overrides (#1098)

When configuring babel.overrides without top-level plugins or presets, Babel was incorrectly skipped. The canSkipBabel function now checks for overrides.length to ensure override configurations are processed.

Changelog

Sourced from @​vitejs/plugin-react's changelog.

5.1.4 (2026-02-10)

Fix canSkipBabel not accounting for babel.overrides (#1098)

When configuring babel.overrides without top-level plugins or presets, Babel was incorrectly skipped. The canSkipBabel function now checks for overrides.length to ensure override configurations are processed.

Commits

• f066114 release: plugin-react@5.1.4
• e299dca fix(plugin-react): canSkipBabel not checking babel.overrides (#1098)
• 12ffadc fix(deps): update all non-major dependencies (#1103)
• See full diff in compare view

Updates dotenv from 17.2.4 to 17.3.1

Changelog

Sourced from dotenv's changelog.

17.3.1 (2026-02-12)

Changed

• Fix as2 example command in README and update spanish README

17.3.0 (2026-02-12)

Added

• Add a new README section on dotenv’s approach to the agentic future.

Changed

• Rewrite README to get humans started more quickly with less noise while simultaneously making more accessible for llms and agents to go deeper into details.

Commits

• 7bc16a4 17.3.1
• 27303fd update README-es
• 6379eb2 update README
• b6d7339 fix spelling
• 5febe35 17.3.0
• f61f383 changelog 🪵
• dec94ad update README
• 4856950 update README
• 6351887 update README
• 23bd017 update README
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[dependabot]

Labels

The following labels could not be found: automated, dependencies. Please create them before Dependabot can add them to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

[socket-security]

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff	Package	Supply Chain Security	Vulnerability	Quality	Maintenance	License
	@​types/​react@​19.2.13 ⏵ 19.2.14	+1		+1
	@​types/​node@​25.2.2 ⏵ 25.2.3			+1
	tailwind-merge@​3.4.0 ⏵ 3.4.1	+1		+1	+1
	puppeteer@​24.37.2 ⏵ 24.37.3				+1
	ioredis@​5.9.2 ⏵ 5.9.3	+1		+1
	video.js@​8.23.7
	lucide-react@​0.563.0 ⏵ 0.564.0	+1		+1	+3
	dotenv@​17.2.4 ⏵ 17.3.1				+3
	undici@​7.21.0 ⏵ 7.22.0	+1		+1	+2
	@​vitejs/​plugin-react@​5.1.3 ⏵ 5.1.4
	openai@​6.18.0 ⏵ 6.22.0			+1	+1
	resend@​6.9.1 ⏵ 6.9.2	+1

View full report