Bump the minor-and-patch group across 1 directory with 28 updates

[dependabot]

Bumps the minor-and-patch group with 26 updates in the / directory:

Package	From	To
@anthropic-ai/sdk	0.77.0	0.92.0
@electric-sql/pglite	0.3.15	0.4.5
better-sqlite3	12.6.2	12.9.0
drizzle-orm	0.45.1	0.45.2
emoji-picker-react	4.18.0	4.19.1
motion	12.34.2	12.38.0
nanoid	5.1.6	5.1.11
next	16.1.6	16.2.4
pg	8.18.0	8.20.0
@types/pg	8.16.0	8.20.0
react	19.2.3	19.2.5
react-dom	19.2.3	19.2.5
resend	6.9.2	6.12.2
zod	4.3.6	4.4.2
@tailwindcss/postcss	4.2.0	4.2.4
@types/node	25.3.0	25.6.0
@vitest/coverage-v8	4.0.18	4.1.5
drizzle-kit	0.31.9	0.31.10
esbuild	0.27.3	0.28.0
eslint	9.39.2	9.39.4
eslint-config-next	16.1.6	16.2.4
eslint-plugin-sonarjs	4.0.0	4.0.3
happy-dom	20.6.3	20.9.0
lint-staged	16.2.7	16.4.0
msw	2.12.10	2.14.2
prettier	3.8.1	3.8.3

Updates @anthropic-ai/sdk from 0.77.0 to 0.92.0

Release notes

Sourced from @​anthropic-ai/sdk's releases.

sdk: v0.92.0

0.92.0 (2026-04-30)

Full Changelog: sdk-v0.91.1...sdk-v0.92.0

Features

• api: improve Managed Agents APIs (ca1bf4a)
• support setting headers via env (32f67d4)

Bug Fixes

• bedrock: throw APIError for error events delivered in chunk frames (#1021) (3ae887b)

Chores

• format: run eslint and prettier separately (7ce257c)
• internal: codegen related update (f08cc77)

sdk: v0.91.1

0.91.1 (2026-04-24)

Full Changelog: sdk-v0.91.0...sdk-v0.91.1

Bug Fixes

• memory: use restrictive file mode for memory files (#901) (6db3b7e)

Chores

• formatter: run prettier and eslint separately (974d22f)

sdk: v0.91.0

0.91.0 (2026-04-23)

Full Changelog: sdk-v0.90.0...sdk-v0.91.0

Features

• api: CMA Memory public beta (ddf732f)
• bedrock: use auth header for mantle client (#866) (aec801a)

Bug Fixes

• api: fix errors in api spec (ae10768)
• api: restore missing features (1a5b47b)

... (truncated)

Changelog

Sourced from @​anthropic-ai/sdk's changelog.

0.92.0 (2026-04-30)

Full Changelog: sdk-v0.91.1...sdk-v0.92.0

Features

• api: improve Managed Agents APIs (ca1bf4a)
• support setting headers via env (32f67d4)

Bug Fixes

• bedrock: throw APIError for error events delivered in chunk frames (#1021) (3ae887b)

Chores

• format: run eslint and prettier separately (7ce257c)
• internal: codegen related update (f08cc77)

0.91.1 (2026-04-24)

Full Changelog: sdk-v0.91.0...sdk-v0.91.1

Bug Fixes

• memory: use restrictive file mode for memory files (#901) (6db3b7e)

Chores

• formatter: run prettier and eslint separately (974d22f)

0.91.0 (2026-04-23)

Full Changelog: sdk-v0.90.0...sdk-v0.91.0

Features

• api: CMA Memory public beta (ddf732f)
• bedrock: use auth header for mantle client (#866) (aec801a)

Bug Fixes

• api: fix errors in api spec (ae10768)
• api: restore missing features (1a5b47b)

Chores

... (truncated)

Commits

• d3aff28 chore: release main (#1017)
• 3ae887b fix(bedrock): throw APIError for error events delivered in chunk frames (#1021)
• 74ac150 chore: release main (#1014)
• 22cb810 chore: release main (#1008)
• 93ac7c7 chore: release main (#1003)
• 39549e9 chore: release main (#993)
• 089fe05 chore: release main (#987)
• 73f128f chore: release main (#985)
• fd6cf54 chore: release main (#983)
• 79d1d73 chore: release main (#982)
• Additional commits viewable in compare view

Updates @electric-sql/pglite from 0.3.15 to 0.4.5

Release notes

Sourced from @​electric-sql/pglite's releases.

@​electric-sql/pglite@​0.4.5

Patch Changes

• c6bddde: Fix caching of artifacts such that they are not downloaded multiple times

@​electric-sql/pglite@​0.4.4

Patch Changes

• b88c5c3: Disable checkpointer

@​electric-sql/pglite@​0.4.3

Patch Changes

• 2ae666f: Default database, user and role are now all "postgres"
• fb95e66: Allow setting initial memory size.
• 65fc101: Disable background workers.

@​electric-sql/pglite-sync@​0.4.2

Patch Changes

• Updated dependencies [3dfa40f]
  • @​electric-sql/pglite@​0.3.16

@​electric-sql/pglite@​0.4.2

Patch Changes

• 41632c4: Allow passing initdb.wasm asset for bundlers that need it.

@​electric-sql/pglite@​0.4.1

Patch Changes

• 37fb39e: clear timers on exit; remove pglite-socket dependency on pglite-postgis

@​electric-sql/pglite-sync@​0.4.0

Minor Changes

• 408500c: Allow passing in onError to 'syncShapesToTables'

Patch Changes

• Updated dependencies [8785034]
• Updated dependencies [90cfee8]
  • @​electric-sql/pglite@​0.3.14

@​electric-sql/pglite-sync@​0.3.17

Patch Changes

• Updated dependencies [ad3d0d8]
  • @​electric-sql/pglite@​0.3.13

... (truncated)

Changelog

Sourced from @​electric-sql/pglite's changelog.

0.4.5

Patch Changes

• c6bddde: Fix caching of artifacts such that they are not downloaded multiple times

0.4.4

Patch Changes

• b88c5c3: Disable checkpointer

0.4.3

Patch Changes

• 2ae666f: Default database, user and role are now all "postgres"
• fb95e66: Allow setting initial memory size.
• 65fc101: Disable background workers.

0.4.2

Patch Changes

• 41632c4: Allow passing initdb.wasm asset for bundlers that need it.

0.4.1

Patch Changes

• 37fb39e: clear timers on exit; remove pglite-socket dependency on pglite-postgis

0.4.0

Minor Changes

• d848955: New simplified PGlite with separate initdb. New included extension: pg_textsearch (experimental). New package for postgis (experimental) as extension. Breaking changes: 'postgres' is the default database instead of 'template1'.

0.3.16

Patch Changes

• 3dfa40f: Add Apache AGE graph database extension support

Commits

• 1337be6 Version Packages (#979)
• c6bddde Fix downloading artifacts multiple times (#978)
• 4e8512c Version Packages (#971)
• b88c5c3 Disable checkpointer (not needed in single mode) (#970)
• b7ba707 Version Packages (#947)
• fb95e66 Allow set initial memory size (#957)
• 65fc101 Disable background workers (#948)
• 2ae666f Default user and role to "postgres" (#940)
• c44cd08 Version Packages (#938)
• 41632c4 Tdrz/#936 (#937)
• Additional commits viewable in compare view

Updates better-sqlite3 from 12.6.2 to 12.9.0

Release notes

Sourced from better-sqlite3's releases.

v12.9.0

What's Changed

• Update SQLite to version 3.53.0 in WiseLibs/better-sqlite3#1464

Full Changelog: WiseLibs/better-sqlite3@v12.8.0...v12.9.0

v12.8.0

What's Changed

• Readme: requires Node.js v20 or later by @​Prinzhorn in WiseLibs/better-sqlite3#1443
• Update SQLite to version 3.51.3 in WiseLibs/better-sqlite3#1460
• fix: use HolderV2() for PropertyCallbackInfo on V8 >= 12.5 by @​tstone-1 in WiseLibs/better-sqlite3#1459

New Contributors

• @​tstone-1 made their first contribution in WiseLibs/better-sqlite3#1459

Why SQLite v3.51.3 instead of v3.52.0

From the SQLite team:

Some important issues have been found with version 3.52.0. In order to give us time to deal with those issues, we plan to withdraw the 3.52.0 release. In its place, we will put up a new 3.51.3 patch release that includes a fix for the recently discovered WAL-reset bug as well as other patches. This will happen probably within about the next twelve hours.

Hence, if you were planning to upgrade to 3.52.0 tomorrow (Friday, 2026-03-14), perhaps it would be better to wait a day or so for 3.51.3.

At some point we will do version 3.52.1 which will hopefully resolve the issues that have arisen with the 3.52.0 release.

Full Changelog: WiseLibs/better-sqlite3@v12.7.1...v12.8.0

v12.7.1

Also not a viable release

The V8 API change was more bonkers than expected. See v12.8.0.

What's Changed

• fix: use Holder() instead of This() for Electron 41 compatibility by @​mceachen in WiseLibs/better-sqlite3#1456
• Roll back to SQLite to version 3.51.2 in WiseLibs/better-sqlite3#1457

Full Changelog: WiseLibs/better-sqlite3@v12.7.0...v12.7.1

v12.7.0

CAUTION: NOT A VIABLE RELEASE

Two (!!) reasons:

1. Electron v41 bit us and removed functions we were using, so a bunch of prebuilds are missing
2. From the SQLite team:

   Some important issues have been found with version 3.52.0. In order to give us time to deal with those issues, we plan to withdraw the 3.52.0 release. In its place, we will put up a new 3.51.3 patch release that includes a fix for the recently discovered WAL-reset bug as well as other patches. This will happen probably within about the next twelve hours.

What's Changed

... (truncated)

Commits

• 4058d24 12.9.0
• f653513 Update SQLite to version 3.53.0 (#1464)
• fe774f5 12.8.0
• 8617ed6 fix: use HolderV2() for PropertyCallbackInfo on V8 >= 12.5 (#1459)
• 959a018 Update SQLite to version 3.51.3 (#1460)
• 43729c0 Readme: requires Node.js v20 or later (#1443)
• 27dc751 12.7.1
• db1119c Update SQLite to version 3.51.2 (#1457)
• d2c4815 fix: use Holder() instead of This() for Electron 41 compatibility (#1456)
• ef9ffce 12.7.0
• Additional commits viewable in compare view

Updates drizzle-orm from 0.45.1 to 0.45.2

Release notes

Sourced from drizzle-orm's releases.

0.45.2

• Fixed sql.identifier(), sql.as() escaping issues. Previously all the values passed to this functions were not properly escaped causing a possible SQL Injection (CWE-89) vulnerability

Thanks to @​EthanKim88, @​0x90sh and @​wgoodall01 for reaching out to us with a reproduction and suggested fix

Commits

• 273c780 + 0.45.2 (#5534)
• 4aa6ecf Kit updates (#5490)
• e8e6edf feat(drizzle-kit): support d1 via binding (#5302)
• See full diff in compare view

Updates emoji-picker-react from 4.18.0 to 4.19.1

Commits

• See full diff in compare view

Updates motion from 12.34.2 to 12.38.0

Changelog

Sourced from motion's changelog.

[12.38.0] 2026-03-16

Added

• Added layoutAnchor prop to configure custom anchor point for resolving relative projection boxes.

Fixed

• Reorder: Fix axis switching after window resize.
• Reorder: Fix with virtualised lists.
• AnimatePresence: Ensure children are removed when exit animation matches current values.

[12.37.0] 2026-03-16

Added

• Support for hardware accelerating "start" and "end" offsets in scroll and useScroll.
• Support for oklch, oklab, lab, lch, color, color-mix, light-dark color types.

Fixed

• Fix whileInView with client-side navigation.
• Fix draggable elements when layout updates due to surrounding element re-renders.
• Improved memory pressure of layout animations.
• Ensure motion value returned from useSpring reports correct isAnimating().

[12.36.0] 2026-03-09

Added

• Allow dragSnapToOrigin to accept "x" or "y" for per-axis snapping.
• Added axis-locked layout animations with layout="x" and layout="y".
• Added skipInitialAnimation to useSpring.

Fixed

• Fixed height and width: auto animations with box-sizing: border-box.
• Reset component values when exit animation finishes.
• Ensure anticipate easing returns 1 at p === 1.
• Fix @emotion/is-prop-valid resolve error in Storybook.
• Remove data-pop-layout-id from exiting elements when animation interrupted.
• Ensure we skip WAAPI for non-animatable keyframes.
• Ensure we skip WAAPI for SVG transforms.
• Ensure MotionValue props are not passed to SVG.
• AnimatePresence: Prevent mode="wait" elements from getting stuck when switched rapidly.

[12.35.2] 2026-03-09

Fixed

... (truncated)

Commits

• 0bfc9fe v12.38.0
• 343cb0c Updating layoutAnchor
• ee99ad2 Updating changelog
• 062660b Updating changgelog
• 303da7d Updating readme
• b075adc Merge pull request #3647 from motiondivision/feat/layout-anchor
• f0991d6 Add missing layoutAnchor !== false guard in attemptToResolveRelativeTarget
• b5798e9 Merge pull request #3642 from motiondivision/worktree-fix-issue-3078
• 7686c19 Merge pull request #3636 from motiondivision/worktree-fix-issue-3061
• a95c487 Fix auto-scroll in reorder-virtualized test page
• Additional commits viewable in compare view

Updates nanoid from 5.1.6 to 5.1.11

Release notes

Sourced from nanoid's releases.

5.1.11

• Fixed breaking Nano ID by requesting big ID.

5.1.10

• Fixed breaking nanoid by requesting big ID (by @​alanzabihi).

5.1.9

• Fixed npm package size regression.

5.1.8

• Made cusatomAlphabet 75% faster (by @​saripovdenis).

5.1.7

• Added --version to CLI (by @​mahmoodhamdi).
• Updated nanoid.js for CDN (by @​mahmoodhamdi).
• Fixed docs (by @​mahmoodhamdi).
• Fixed customRandom types (by @​oguimbal).

Changelog

Sourced from nanoid's changelog.

5.1.11

• Fixed breaking Nano ID by requesting big ID.

5.1.10

• Fixed breaking Nano ID by requesting big ID (by @​alanzabihi).

5.1.9

• Fixed npm package size regression.

5.1.8

• Made cusatomAlphabet 75% faster (by @​saripovdenis).

5.1.7

• Added --version to CLI (by @​mahmoodhamdi).
• Updated nanoid.js for CDN (by @​mahmoodhamdi).
• Fixed docs (by @​mahmoodhamdi).
• Fixed customRandom types (by @​oguimbal).

Commits

• 5423cf5 Release 5.1.11 version
• 2183894 Backport 3.3.12 changelog
• 7087969 Limit ID even more
• 013517b Temporary add pnpm-workspace.yaml to npm ignore
• 5db09ee Release 5.1.10 version
• be7901a Fix random pool break
• 974f73b Structure tests with describe() instead of prefix
• fe3e7ec Update dependencies
• 043a7c1 Move to pnpm 11
• e52d946 Release 5.1.9 version
• Additional commits viewable in compare view

Updates next from 16.1.6 to 16.2.4

Release notes

Sourced from next's releases.

v16.2.4

[!NOTE] This release is backporting bug fixes. It does not include all pending features/changes on canary.

Core Changes

• chore: Bump reqwest to 0.13.2 (Fixes Google Fonts with Turbopack for Windows on ARM64) (#92713)
• Turbopack: fix filesystem watcher config not applying follow_symlinks(false) (#92631)
• Scope Safari ?ts= cache-buster to CSS/font assets only (Pages Router) (#92580)
• Compiler: Support boolean and number primtives in next.config defines (#92731)
• turbo-tasks: Fix recomputation loop by allowing cell cleanup on error during recomputation (#92725)
• Turbopack: shorter error for ChunkGroupInfo::get_index_of (#92814)
• Turbopack: shorter error message for ModuleBatchesGraph::get_entry_index (#92828)
• Adding more system info to the 'initialize project' trace (#92427)

Credits

Huge thanks to @​Badbird5907, @​lukesandberg, @​andrewimm, @​sokra, and @​mischnic for helping!

v16.2.3

[!NOTE] This release is backporting security and bug fixes. For more information about the fixed security vulnerability, please see https://vercel.com/changelog/summary-of-cve-2026-23869. The release does not include all pending features/changes on canary.

Core Changes

• Ensure app-page reports stale ISR revalidation errors via onRequestError (#92282)
• Fix [Bug]: manifest.ts breaks HMR in Next.js 16.2 (#91981 through #92273)
• Deduplicate output assets and detect content conflicts on emit (#92292)
• Fix styled-jsx race condition: styles lost due to concurrent rendering (#92459)
• turbo-tasks-backend: stability fixes for task cancellation and error handling (#92254)

Credits

Huge thanks to @​icyJoseph, @​sokra, @​wbinnssmith, @​eps1lon and @​ztanner for helping!

v16.2.2

[!NOTE] This release is backporting bug fixes. It does not include all pending features/changes on canary.

Core Changes

• backport: Move expanded adapters docs to API reference (#92115) (#92129)
• Backport: TypeScript v6 deprecations for baseUrl and moduleResolution (#92130)
• [create-next-app] Skip interactive prompts when CLI flags are provided (#91840)
• next.config.js: Accept an option for serverFastRefresh (#91968)
• Turbopack: enable server HMR for app route handlers (#91466)
• Turbopack: exclude metadata routes from server HMR (#92034)
• Fix CI for glibc linux builds
• Backport: disable bmi2 in qfilter #92177
• [backport] Fix CSS HMR on Safari (#92174)

... (truncated)

Commits

• 2275bd8 v16.2.4
• e073983 Adding more system info to the 'initialize project' trace (#92427)
• 8a540b5 Turbopack: shorter error message for ModuleBatchesGraph::get_entry_index (#92...
• 2f5343f Turbopack: shorter error for ChunkGroupInfo::get_index_of (#92814)
• 2ad9d3f turbo-tasks: Fix recomputation loop by allowing cell cleanup on error during ...
• 6f3808e Compiler: Support boolean and number primtives in next.config defines (#92731)
• fbc7684 Scope Safari ?ts= cache-buster to CSS/font assets only (Pages Router) (#92580)
• 805d758 Turbopack: fix filesystem watcher config not applying follow_symlinks(false) ...
• 1056fae chore: Bump reqwest to 0.13.2 (#92713)
• d5f649b v16.2.3
• Additional commits viewable in compare view

Updates pg from 8.18.0 to 8.20.0

Changelog

Sourced from pg's changelog.

pg@8.20.0

• Add onConnect callback to pg.Pool constructor options allowing for async initialization of newly created & connected pooled clients.

pg@8.19.0

• Deprecate interal query queue.
• Pass connection parameters to password callback.

Commits

• c9070cc Publish
• ad36e3c fix: typo in deprecation notice for client.query() (#3618)
• f2d7d11 Publish
• 5a4bafc Deprecate Client's internal query queue (#3603)
• a215bfb Typo fix in PgPass deprecation (funciton) (#3605)
• 01e0556 fix(pg-query-stream): invoke this.callback on cursor end/error (#2810)
• e6e3692 Pass connection parameters to password callback (#3602)
• d80d883 test: Fix TLS connection test ending too early
• f332f28 fix: Connection timeout handling for native clients in connected state (#3512)
• b2e9cb1 Remove testAsync - its redundant (#3588)
• Additional commits viewable in compare view

Updates @types/pg from 8.16.0 to 8.20.0

Commits

• See full diff in compare view

Updates react from 19.2.3 to 19.2.5

Release notes

Sourced from react's releases.

19.2.5 (April 8th, 2026)

React Server Components

• Add more cycle protections (#36236 by @​eps1lon and @​unstubbable)

19.2.4 (January 26th, 2026)

React Server Components

• Add more DoS mitigations to Server Actions, and harden Server Components (#35632 by @​gnoff, @​lubieowoce, @​sebmarkbage, @​unstubbable)

Commits

• 23f4f9f 19.2.5
• 90ab3f8 Version 19.2.4
• See full diff in compare view

Updates react-dom from 19.2.3 to 19.2.5

Release notes

Sourced from react-dom's releases.

19.2.5 (April 8th, 2026)

React Server Components

• Add more cycle protections (#36236 by @​eps1lon and @​unstubbable)

19.2.4 (January 26th, 2026)

React Server Components

• Add more DoS mitigations to Server Actions, and harden Server Components (#35632 by @​gnoff, @​lubieowoce, @​sebmarkbage, @​unstubbable)

Commits

• 23f4f9f 19.2.5
• 90ab3f8 Version 19.2.4
• See full diff in compare view

Updates resend from 6.9.2 to 6.12.2

Release notes

Sourced from resend's releases.

v6.12.2

What's Changed

• fix: add new domain statuses by @​rehanvdm in resend/resend-node#936

Full Changelog: resend/resend-node@v6.12.1...v6.12.2

v6.12.1

What's Changed

• chore(deps): update dependency typescript to v6.0.3 by @​renovate[bot] in resend/resend-node#935
• chore(deps): update dependency dotenv to v17.4.2 by @​renovate[bot] in resend/resend-node#927
• chore(deps): update dependency @​biomejs/biome to v2.4.12 by @​renovate[bot] in resend/resend-node#916
• fix(deps): update dependency next to v16.2.4 by @​renovate[bot] in resend/resend-node#911
• feat: add missing domain types: domains can be partially_verified/partially_failed by @​CarolinaMoraes in resend/resend-node#937

Full Changelog: resend/resend-node@v6.12.0...v6.12.1

v6.12.0

What's Changed

• chore(ci): use depot by @​gabrielmfern in resend/resend-node#931
• feat: preview tracking domains in resend/resend-node#932

Full Changelog: resend/resend-node@v6.11.0...v6.12.0

v6.11.0

What's Changed

• chore(ci): migrate from BuildJet to Blacksmith runners by @​lucasfcosta in resend/resend-node#907
• chore(deps): update dependency vitest to v4.1.3 by @​renovate[bot] in resend/resend-node#894
• chore(deps): update dependency @​types/node to v24.12.2 by @​renovate[bot] in resend/resend-node#906
• fix(deps): update dependency svix to v1.90.0 by @​renovate[bot] in resend/resend-node#892
• chore(deps): update dependency @​biomejs/biome to v2.4.10 by @​renovate[bot] in resend/resend-node#885
• fix(deps): update dependency next to v16.2.2 by @​renovate[bot] in resend/resend-node#893
• chore(deps): update dependency typescript to v6 by @​renovate[bot] in resend/resend-node#895
• chore(deps): update pnpm to v10.33.0 by @​renovate[bot] in resend/resend-node#896
• fix(deps): update dependency esbuild to v0.28.0 by @​renovate[bot] in resend/resend-node#909
• chore(deps): update dependency dotenv to v17.4.1 by @​renovate[bot] in resend/resend-node#908
• chore(deps): update dependency vitest to v4.1.4 by @​renovate[bot] in resend/resend-node#913
• fix(deps): update react monorepo to v19.2.5 by @​renovate[bot] in resend/resend-node#912
• fix(deps): update dependency next to v16.2.3 [security] by @​renovate[bot] in resend/resend-node#922
• feat: add automations and events by @​felipefreitag in resend/resend-node#866
• chore: bump version by @​isabellaaquino in resend/resend-node#925
• fix: case conventions by @​isabellaaquino in resend/resend-node#926
• chore: bump to 6.11.0 for release by @​lucasfcosta in resend/resend-node#928

Full Changelog: resend/resend-node@v6.10.0...v6.11.0

v6.10.0

... (truncated)

Commits

• b514002 fix: add new domain statuses (#936)
• 1c10dbe feat: add missing domain types: domains can be partially_verified/partially_f...
• 168443a fix(deps): update dependency next to v16.2.4 (#911)
• 93328d9 chore(deps): update dependency @​biomejs/biome to v2.4.12 (#916)
• 135aaaf chore(deps): update dependency dotenv to v17.4.2 (#927)
• d7b7f1c chore(deps): update dependency typescript to v6.0.3 (#935)
• 39241d0 feat: preview tracking domains (#932)
• fe864dc chore(ci): use depot (#931)
• 48b793f chore: bump to 6.11.0 for release (#928)
• eb2fafe fix: case conventions (#926)
• Additional commits viewable in compare view

Updates zod from 4.3.6 to 4.4.2

Release notes

Sourced from zod's releases.

v4.4.2

Commits:

• 0c62df0ea19fd05abdf90473e9eef7eea530fab2 Clean up docs navigation and stale labels (#5901)
• 20cc794895cc8604fe0c87d83a5d1c3f89fad0ac chore: add security policy and refresh tooling deps
• 6fbe07b0177efdd1bf1c0b05160e70d7a0702337 fix(docs): heading anchor links now include the hash so it doesnt scoll all the way up, follows navbar logic (#5791)
• 4bbed1b1c73eca4ce9e59b1189ed236aa6c8b5bd Tighten discriminated union option typing
• bbac3e567e7fccfaaf7cdc97f1ce30c295e2c908 Update PR guidance for agents
• cf0dc942a32805c292fff59ade20a7ace980735a Merge remote-tracking branch 'origin/main' into fix-discriminated-union-key-constraint
• 292c894a5fd2aa42e527900b83d8d7a3009a709c docs: add Zernio gold sponsor
• 1fc9f311c28dcf80d0bb5a36b177086cbc3d8eca docs: document codec inversion
• 1373c85da9aeff704a9762d27bc58699618aefb7 docs: remove AI disclosure guidance
• e20d02b473c08e3a4e557bc610b1b5fac079b649 chore: ignore triage notes
• e58ea4d91b1dfe8194b73508203213cbc7e9c936 docs: test Zod Mini tab code heights
• 905761a5d127e8d5dd2ebb3bc88c75cb0b8149ff docs: document preprocess input type narrowing
• bf64bac850d4dee2b7dde7e64909d5d796d32043 chore: tighten test guidance in AGENTS.md
• 8ec4e73f4c4693b6361ad591be40fb41eb8a9f95 chore: update play.ts scratch
• 02c2baf7d0d615872fa4528a8020603b71211702 Make z.preprocess defer optionality to inner schema (#5929)
• 88015df8e25c44fb5385eb3ef28935119cd5edea fix(docs): drop deprecated baseUrl from tsconfig
• c59d4474e3b4cad1b323462186cf607178ce8267 4.4.2

v4.4.1

Commits:

• 481f7be4238c83ed58183f921b2646f340a91c6a ci: gate release publishing on full test workflow
• 95ccab423aec720b2523c3a64cdc7e3204537cc7 test(v3): restore optional undefined expectations
• cede2c63739a5823d6aa5093d291e9a111da943d fix(v4): reject tuple holes before required defaults (#5900)
• edd0bf0f5ada4a8dc581c259407d7bbad0a71ea7 release: 4.4.1
• 180d83d1dbe6a59260710cc8637a3dea2281ee56 docs: remove Jazz featured sponsor

v4.4.0

4.4.0

This is a minor release with a wide set of correctness and soundness fixes. Some fixes intentionally make Zod stricter, so code that depended on previously accepted invalid or ambiguous inputs may need small updates.

Potentially breaking bug fixes

Tuple defaults now materialize output values correctly

Fixed in #5661. Tuple parsing now more accurately reflects defaults, optional tails, explicit undefined, and under-filled inputs. The headline behavior is that defaults in tuple positions now properly appear in parsed output.

const schema = z.tuple([
  z.string(),
  z.string().default("fallback"),
]);
schema.parse(["a"]);
// ["a", "fallback"]

... (truncated)

Commits

• c59d447 4.4.2
• 88015df fix(docs): drop deprecated baseUrl from tsconfig
• 02c2baf Make z.preprocess defer optionality to inner schema (#5929)
• 8ec4e73 chore: update play.ts scratch
• bf64bac chore: tighten test guidance in AGENTS.md
• 905761a docs: document preprocess input type narrowing
• e58ea4d docs: test Zod Mini tab code heights
• e20d02b chore: ignore triage notes
• 1373c85 docs: remove AI disclosure guidance
• 1fc9f31 docs: document codec inversion
• Additional commits viewable in

[dependabot]

Labels

The following labels could not be found: dependencies. Please create it before Dependabot can add it to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.