fix(api): update minor dependencies

[renovate]

ℹ️ Note

This PR body was truncated due to platform limits.

This PR contains the following updates:

Package	Change	Age	Confidence
@bogeychan/elysia-logger	0.0.20 → 0.1.10
@elysiajs/cors	1.0.2 → 1.4.1
@elysiajs/eden	1.0.7 → 1.4.8
@elysiajs/server-timing	1.0.2 → 1.4.0
@elysiajs/swagger	1.0.3 → 1.3.1
@next/eslint-plugin-next (source)	14.1.0 → 14.2.35
@pandacss/dev (source)	0.31.0 → 0.54.0
@​pandacss/eslint-plugin	0.0.17 → 0.3.2
@radix-ui/react-select (source)	2.0.0 → 2.2.6
@t3-oss/env-core (source)	0.9.2 → 0.13.10
@t3-oss/env-nextjs (source)	0.8.0 → 0.13.10
@types/node (source)	18.19.1 → 18.19.130
@types/react (source)	18.2.52 → 18.3.28
@types/react-dom (source)	18.2.18 → 18.3.7
@typescript-eslint/eslint-plugin (source)	7.0.1 → 7.18.0
@typescript-eslint/parser (source)	7.0.1 → 7.18.0
@vercel/analytics (source)	1.1.2 → 1.6.1
cobe	0.6.3 → 0.6.5
date-fns	3.3.1 → 3.6.0
eslint-config-next (source)	14.1.0 → 14.2.35
eslint-plugin-import	2.29.1 → 2.32.0
eslint-plugin-jsx-a11y	6.8.0 → 6.10.2
eslint-plugin-prettier	5.1.3 → 5.5.5
eslint-plugin-react	7.33.2 → 7.37.5
eslint-plugin-react-hooks (source)	4.6.0 → 4.6.2
eslint-plugin-storybook (source)	0.6.15 → 0.12.0
jotai	2.6.4 → 2.18.1
lucide-react (source)	0.321.0 → 0.577.0
next (source)	14.1.0 → 14.2.35
next-themes	0.2.1 → 0.4.6
pandacss-preset-radix-colors	0.2.0 → 0.2.1
pnpm (source)	8.15.1 → 8.15.9
react (source)	18.2.0 → 18.3.1
react-dom (source)	18.2.0 → 18.3.1
react-icons	5.0.1 → 5.6.0
rehype-katex (source)	7.0.0 → 7.0.1
rehype-pretty-code (source)	0.12.6 → 0.14.3
remark-unwrap-images	4.0.0 → 4.0.1
schema-dts (source)	1.1.2 → 1.1.5
superjson	2.2.1 → 2.2.6
unified (source)	11.0.4 → 11.0.5
unist-util-visit	5.0.0 → 5.1.0
vaul (source)	0.9.0 → 0.9.9
zod (source)	3.22.4 → 3.25.76

---

Warning

Some dependencies could not be looked up. Check the Dependency Dashboard for more information.

---

Release Notes

bogeychan/elysia-logger (@​bogeychan/elysia-logger)

v0.1.10

Compare Source

Bug fix:

• pino@9.8.0 import behavior #​41

v0.1.9

Compare Source

Bug fix:

• export type BaseLoggerOptions

Improvement:

• add pino to peerDependencies

v0.1.8

Compare Source

Feature:

• new wrap function to wrap existing pino logger #​27

Bug fix:

• bump elysia to 1.2.10

v0.1.7

Compare Source

Bug fix:

• bump elysia to 1.2.2

Improvement:

• bump pino to 9.6.0

v0.1.6

Compare Source

Bug fix:

• Node.js module resolution (implicit index.js imports)

v0.1.5

Compare Source

Feature:

• new useLevel option #​24

Improvement:

• bump pino to 9.5.0

v0.1.4

Compare Source

Improvement:

• fix types entry in package.json #​22

v0.1.3

Compare Source

v0.1.2

Compare Source

Bug fix:

• pass boolean to autoLogging #​21

v0.1.1

Compare Source

Bug fix:

• pino@9.8.0 import behavior #​41

v0.1.0

Compare Source

Improvement:

• formatters.ts now logs code and message if Context is an error
• infer type in util functions of formatters.ts
• bump pino to 8.18.0
• bump elysia to 1.0.27

Breaking Change:

• automatic onError logging by default; #​18

  For more details checkout the migration guide

• InferContext now contains either Context or ErrorContext

  For more details checkout the migration guide

v0.0.23

Compare Source

v0.0.22

Compare Source

Improvement:

• bump pino to 9.1.0

v0.0.21

Compare Source

Bug fix:

• undefined log during ParseError #​16

elysiajs/elysia-cors (@​elysiajs/cors)

v1.4.1

Compare Source

Improvement:

• #​75 export CORSConfig type

Bug fix:

• #​74 ALL method not working

v1.4.0

Compare Source

What's changed

Improvement:

• support Elysia 1.4

Full Changelog: elysiajs/elysia-cors@1.3.3...1.4.0

v1.3.3

Compare Source

Bug fix:

• Using Bun shortcut to mirror headers

v1.3.2

Compare Source

Bug fix:

• #​65 strictly check origin protocol

v1.3.1

Compare Source

Bug fix:

• strictly check origin not using sub includes

v1.3.0

Compare Source

Change:

• Add support for Elysia 1.3

v1.2.0

Compare Source

Change:

• Add support for Elysia 1.2

v1.1.1

Compare Source

Feature:

• add provenance publish

v1.1.0

Compare Source

Change:

• Add support for Elysia 1.1

v1.0.5

Compare Source

Bug fix:

• fix content-type on preflight

v1.0.4

Compare Source

Bug fix:

• Mirror allow method on preflight options

elysiajs/eden (@​elysiajs/eden)

v1.4.8

Compare Source

Bug fix:

• override default header without type conflict

v1.4.7

Compare Source

Feature:

• #​236 reconcile default headers in type-level
• #​206, #​245 add parseDate option

Bug fix:

• #​247, #​246 handle network error
• #​244 don't skip index path name
• #​241 prevent freeze from thenable
• #​232 accept query array

v1.4.6

Compare Source

Bug fix:

• #​235 SSE stream parser with partial chunks
• #​234 Handle network errors in treaty and edenFetch
• #​230 properly await async headers functions in treaty
• #​229 auto-stringify ArrayString/ObjectString in FormData
• #​227 correct type inference for t.Date() in query parameters

v1.4.5

Compare Source

Improvement:

• export EdenFetchError

Bug fix:

• #​221 better handling for empty header and query types
• use ResponseInit['headers'] instead of HeadersInit for response headers type

v1.4.4

Compare Source

Bug fix:

• revert streaming transferEncoding chunked

v1.4.3

Compare Source

Bug fix:

• elysia#1466 / treaty2: unpack multiple SSE chunk
• #​213, #​214 stream response on transfer-encoding: chunked
• #​201, #​203 error codes returned in middleware are not inferred by Eden Treaty
• #​179 formdata post, wrong inference of json payload
• #​124 array file upload bug on server
• #​122 ws response data type

v1.4.2

Compare Source

What's changed

Bug fix:

• elysia#1466 / treaty2: unpack multiple SSE chunk
• #​213, #​214 stream response on transfer-encoding: chunked
• #​201, #​203 error codes returned in middleware are not inferred by Eden Treaty
• #​179 formdata post, wrong inference of json payload
• #​124 array file upload bug on server
• #​122 ws response data type

New Contributors

• @​abhishekg999 made their first contribution in #​214
• @​bogeychan made their first contribution in #​203
• @​Nanome203 made their first contribution in #​207
• @​rubnogueira made their first contribution in #​179
• @​ap0nia made their first contribution in #​122

Full Changelog: elysiajs/eden@1.4.1...1.4.2

v1.4.1

Compare Source

Bug fix:

• inline object value / Elysia file cause type error
• macro should not mark property as required

v1.4.0

Compare Source

Improvement:

• support Elysia 1.4

v1.3.3

Compare Source

Feature:

• treaty2: support type safe Server-Sent Events (SSE)
• treaty2: add utility type Treaty.Data, Treaty.Error to extract data and error type from a route

Bug fix:

• elysia#823 treaty2: not generating for dynamic params at root
• treaty2: parse Date in object
• treaty2: #​196 allow custom content-type

Change:

• minimum Elysia version is set to 1.3.18

v1.3.2

Compare Source

Bug fix:

• Unwrap FormData

v1.3.1

Compare Source

Bug fix:

• #​193 t.Files() upload from server side #​124
• #​185 exclude null-ish values from query encoding by @​ShuviSchwarze

v1.3.0

Compare Source

Feature:

• support Elysia 1.3

Breaking Change:

• treaty2: drop the need for .index()

v1.2.0

Compare Source

Feature:

• support Elysia 1.2
• Validation error inference

v1.1.3

Compare Source

Feature:

• add provenance publish

v1.1.2

Compare Source

Feature:

• #​115 Stringify query params to allow the nested object

v1.1.1

Compare Source

Feature:

• support conditional value or stream from generator function

v1.1.0

Compare Source

Feature:

• support Elysia 1.1
• support response streaming with type inference

v1.0.14

Compare Source

Feature:

• treaty2: add support for multipart/form-data
• fetch: add support for multipart/form-data

v1.0.13

Compare Source

Bug fix:

• #​87 serialization/deserialization problems with null, arrays and Date on websocket messages #​87
• #​90 Auto convert request body to FormData when needed

v1.0.12

Compare Source

Improvement:

• #​80 add package.json to export field

Bug fix:

• #​84 treaty2: adjusts the creation of the query string
• #​76 treaty2: keep requestInit for redirect
• #​73 treaty2: file get sent as json

v1.0.11

Compare Source

Improvement:

• treaty2: add dedicated processHeaders function
• treaty2: simplify some headers workflow

Change:

• treaty2: using case-insensitive headers

v1.0.10

Compare Source

Bug fix:

• treaty2: skip content-type detection if provided

v1.0.9

Compare Source

Change:

• treaty2: onRequest execute before body serialization

v1.0.8

Compare Source

Bug fix:

• #​72 treaty2: not mutate original paths array

elysiajs/server-timing (@​elysiajs/server-timing)

v1.4.0

Compare Source

What's changed

Improvement:

• support Elysia 1.4

Full Changelog: elysiajs/server-timing@1.3.0...1.4.0

v1.3.0

Compare Source

Change:

• Add support for Elysia 1.3

v1.2.1

Compare Source

Bug fix:

• #​9 broken metrics format

v1.2.0

Compare Source

Change:

• Add support for Elysia 1.2

v1.1.0

Compare Source

Change:

• Add support for Elysia 1.1

elysiajs/elysia-swagger (@​elysiajs/swagger)

v1.3.1

Compare Source

Improvement:

• type generator: add compilerOptions, tmpRoot options

Bug fix:

• type generator: use absolute path to generate types

v1.3.0

Compare Source

Improvement:

• use static response for documentation page
• plugin is no longer async
• model should be synced globally
• use parse instead of type to determine content type

v1.2.2

Compare Source

Bug fix:

• #​185 Fix path issue in Scalar config

v1.2.1

Compare Source

Bug fix:

• #​154 prevent failed to fetch spec from URL error
• elysia#1063 Using t.Ref as response schema results in invalid OpenAPI specification
• handle unfold recursive Ref to schema

v1.2.0

Compare Source

Change:

• Add support for Elysia 1.2

v1.1.6

Compare Source

Bug fix:

• #​156 add type check in cloneHook

v1.1.5

Compare Source

What's new

• fix: clone hook object before usage

Full Changelog: elysiajs/elysia-openapi@1.1.4...1.1.5

v1.1.4

Compare Source

Bug fix:

• Fix duplicate object reference

v1.1.3

Compare Source

What's Changed

• Move to pathe to support working in environments without "path" by @​Mkassabov in #​144
• Fix nested path issue in Swagger and Scalar config by @​chrisllontop in #​146
• fix: swagger date time by @​Abraxas-365 in #​148
• remove lodash.clonedeep by @​zoto-ff in #​139
• Update scalar configuration by @​zAlweNy26 in #​131

New Contributors

• @​Mkassabov made their first contribution in #​144
• @​chrisllontop made their first contribution in #​146
• @​Abraxas-365 made their first contribution in #​148
• @​zAlweNy26 made their first contribution in #​131

Full Changelog: elysiajs/elysia-openapi@1.1.2...1.1.3

v1.1.1

Compare Source

Feature:

• add hide flag

v1.1.0

Compare Source

Change:

• Add support for Elysia 1.1

v1.0.5

Compare Source

v1.0.4

Compare Source

vercel/next.js (@​next/eslint-plugin-next)

v14.2.35

Compare Source

Please see the Next.js Security Update for information about this security patch.

v14.2.34

Compare Source

v14.2.33

Compare Source

[!NOTE]
This release is backporting bug fixes. It does not include all pending features/changes on canary.

Core Changes

• omit searchParam data from FlightRouterState before transport (#​80734)

Credits

Huge thanks to @​ztanner for helping!

v14.2.32

Compare Source

[!NOTE]
This release is backporting bug fixes. It does not include all pending features/changes on canary.

Core Changes

• fix router handling when setting a location response header #​82588

Credits

Huge thanks to @​ztanner for helping!

v14.2.31

Compare Source

[!NOTE]
This release is backporting bug fixes. It does not include all pending features/changes on canary.

Core Changes

• fix(next/image): improve and simplify detect-content-type (#​82179)
• fix(next/image): fix image-optimizer.ts headers (#​82178)

Credits

Huge thanks to @​styfle and @​ztanner for helping!

v14.2.30

Compare Source

[!NOTE]
This release is backporting bug fixes. It does not include all pending features/changes on canary.

Core Changes

• Backport config.allowedDevOrigins (#​80410) (Learn More)

Credits

Huge thanks to @​ijjk and @​ztanner for helping!

v14.2.29

Compare Source

[!NOTE]
This release is backporting bug fixes. It does not include all pending features/changes on canary.

Core Changes

• Only share incremental cache for edge in next start (#​79389)

Credits

Huge thanks to @​ijjk for helping!

v14.2.28

Compare Source

[!NOTE]
This release is backporting bug fixes. It does not include all pending features/changes on canary.

Core Changes

• fix: node.js module import error when using middleware (#​77945)

Credits

Huge thanks to @​ztanner for helping!

v14.2.27

Compare Source

[!NOTE]
This release is backporting bug fixes. It does not include all pending features/changes on canary.

Core Changes

• fix dynamic route interception not working when deployed with middleware (#​64923)

Credits

Huge thanks to @​ztanner for helping!

v14.2.26

Compare Source

[!NOTE]
This release is backporting bug fixes. It does not include all pending features/changes on canary.

Core Changes

• Match subrequest handling for edge and node (#​77476)

v14.2.25

Compare Source

[!NOTE]
This release is backporting bug fixes. It does not include all pending features/changes on canary.
This release contains a security patch for CVE-2025-29927.

Core Changes

• Update middleware request header (#​77202)

Credits

Huge thanks to @​ijjk for helping!

v14.2.24

Compare Source

[!NOTE]
This release is backporting bug fixes. It does not include all pending features/changes on canary.

Core Changes

• fix: ensure lint worker errors aren't silenced (#​75779)
• add additional x-middleware-set-cookie filtering (#​75561 & #​73482)

Credits

Huge thanks to @​ztanner for helping!

v14.2.23

Compare Source

[!NOTE]
This release is backporting bug fixes. It does not include all pending features/changes on canary.

Core Changes

• backport: force module format for virtual client-proxy (#​74590)
• Backport: Use provided waitUntil for pending revalidates (#​74573)
• Feature: next/image: add support for images.qualities in next.config (#​74500)

Credits

Huge thanks to @​styfle, @​ijjk and @​lubieowoce for helping!

v14.2.22

Compare Source

[!NOTE]
This release is backporting bug fixes. It does not include all pending features/changes on canary.

Core Changes

• Retry manifest file loading only in dev mode: #​73900
• Ensure workers are cleaned up: #​71564
• Use shared worker for lint & typecheck steps: #​74154

Credits

Huge thanks to @​unstubbable, @​ijjk, and @​ztanner for helping!

v14.2.21

Compare Source

[!NOTE]
This release is backporting bug fixes. It does not include all pending features/changes on canary.

Core Changes

• Upgrade React from 14898b6 to 178c267: #​74115
• Fix unstable_allowDynamic when used with pnpm: #​73765

Misc Changes

• chore(docs): add missing search: '' on remotePatterns: #​73927
• chore(docs): update version history of next/image: #​73926

Credits

Huge thanks to @​unstubbable, @​ztanner, and @​styfle for helping!

v14.2.20

[Compare Source](https://redirect.gi

---

Configuration

📅 Schedule: Branch creation - "after 10pm every weekend,before 5am every weekend" in timezone Asia/Tokyo, Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Actions	Updated (UTC)
reoiam-dev-web	Error		Mar 9, 2026 3:17pm

[renovate]

⚠ Artifact update problem

Renovate failed to update an artifact related to this branch. You probably do not want to merge this PR as-is.

♻ Renovate will retry this branch, including artifacts, only when one of the following happens:

• any of the package files in this branch needs updating, or
• the branch becomes conflicted, or
• you click the rebase/retry checkbox if found above, or
• you rename this PR's title to start with "rebase!" to trigger it manually

The artifact failure details are included below:

File name: yarn.lock

error This project's package.json defines "packageManager": "yarn@bun@1.0.35". However the current global version of Yarn is 1.22.22.

Presence of the "packageManager" field indicates that the project is meant to be used with Corepack, a tool included by default with all official Node.js distributions starting from 16.9 and 14.19.
Corepack must currently be enabled by running corepack enable in your terminal. For more information, check out https://yarnpkg.com/corepack.

[renovate]

⚠️ Artifact update problem

Renovate failed to update an artifact related to this branch. You probably do not want to merge this PR as-is.

♻ Renovate will retry this branch, including artifacts, only when one of the following happens:

• any of the package files in this branch needs updating, or
• the branch becomes conflicted, or
• you click the rebase/retry checkbox if found above, or
• you rename this PR's title to start with "rebase!" to trigger it manually

The artifact failure details are included below:

File name: yarn.lock

error This project's package.json defines "packageManager": "yarn@bun@1.0.35". However the current global version of Yarn is 1.22.22.

Presence of the "packageManager" field indicates that the project is meant to be used with Corepack, a tool included by default with all official Node.js distributions starting from 16.9 and 14.19.
Corepack must currently be enabled by running corepack enable in your terminal. For more information, check out https://yarnpkg.com/corepack.