chore(deps): update non-major

[renovate]

Coming soon: The Renovate bot (GitHub App) will be renamed to Mend. PRs from Renovate will soon appear from 'Mend'. Learn more here.

This PR contains the following updates:

Package	Change	Age	Confidence
@commitlint/cli (source)	^19.6.1 -> ^19.8.1
@commitlint/config-conventional (source)	^19.6.0 -> ^19.8.1
@sanity/ui (source)	^3.0.7 -> ^3.1.8
@types/node (source)	^24.3.0 -> ^24.5.2
@types/react (source)	^19.1.10 -> ^19.1.15
@types/react-dom (source)	^19.1.7 -> ^19.1.9
@typescript-eslint/eslint-plugin (source)	^8.22.0 -> ^8.44.1
@typescript-eslint/parser (source)	^8.22.0 -> ^8.44.1
eslint-config-prettier	^9.1.0 -> ^9.1.2
eslint-plugin-import	^2.31.0 -> ^2.32.0
eslint-plugin-prettier	^5.2.3 -> ^5.5.4
eslint-plugin-react	^7.37.4 -> ^7.37.5
eslint-plugin-react-hooks (source)	^5.1.0 -> ^5.2.0
lint-staged	^15.0.2 -> ^15.5.2
sanity (source)	^4.4.1 -> ^4.10.1
typescript (source)	5.8.3 -> 5.9.2

---

Release Notes

sanity-io/ui (@​sanity/ui)

v3.1.8

Compare Source

Bug Fixes

• deps: update dependency framer-motion to ^12.23.22 (main) (#​2109) (2d605cf)

v3.1.7

Compare Source

Bug Fixes

• deps: update dependency framer-motion to ^12.23.21 (main) (#​2101) (0ee41d2)

v3.1.6

Compare Source

Bug Fixes

• deps: update dependency framer-motion to ^12.23.19 (main) (#​2097) (43a8ee2)

v3.1.5

Compare Source

Bug Fixes

• deps: update dependency framer-motion to ^12.23.18 (main) (#​2084) (cd740ab)

v3.1.4

Compare Source

Bug Fixes

• deps: update dependency framer-motion to ^12.23.16 (main) (#​2080) (11bc8d0)

v3.1.3

Compare Source

Bug Fixes

• react 18 regression (#​2075) (5aa8489)

v3.1.2

Compare Source

Bug Fixes

• deps: update dependency framer-motion to ^12.23.15 (main) (#​2064) (ee0ca00)

v3.1.1

Compare Source

Bug Fixes

• deps: update React Compiler dependencies 🤖 ✨ (#​2060) (194e9dc)

v3.1.0

Compare Source

Features

• add options prop to useGlobalKeyDown (#​2061) (7fd41e0)

v3.0.14

Compare Source

Bug Fixes

• remove useArrayProp usage (#​2055) (d693ec7)

v3.0.13

Compare Source

Bug Fixes

• handle react-hooks/set-state-in-effect (#​2054) (dd7c347)

v3.0.12

Compare Source

Bug Fixes

• handle react-hooks/preserve-manual-memoization (#​2053) (c797d2b)

v3.0.11

Compare Source

Bug Fixes

• handle react-hooks/refs (#​2052) (630922b)

v3.0.10

Compare Source

Bug Fixes

• add displayName to React.createContext (#​2047) (1232e9b)

v3.0.9

Compare Source

Bug Fixes

• deps: update React Compiler dependencies 🤖 ✨ (#​2044) (56ed2c8)

v3.0.8

Compare Source

Bug Fixes

• deps: update dependency @​floating-ui/react-dom to ^2.1.6 (main) (#​1985) (ec2bb11)

typescript-eslint/typescript-eslint (@​typescript-eslint/eslint-plugin)

v8.44.1

Compare Source

🩹 Fixes

• eslint-plugin: [await-thenable] should not report passing values to promise aggregators which may be a promise in an array literal (#​11611)
• eslint-plugin: [no-unsafe-enum-comparison] support unions of literals (#​11599)
• eslint-plugin: [no-base-to-string] make ignoredTypeNames match type names without generics (#​11597)

❤️ Thank You

• Kirk Waiblinger @​kirkwaiblinger
• mdm317
• Ronen Amiel

You can read about our versioning strategy and releases on our website.

v8.44.0

Compare Source

🚀 Features

• eslint-plugin: [await-thenable] report invalid (non-promise) values passed to promise aggregator methods (#​11267)

🩹 Fixes

• eslint-plugin: [no-unnecessary-type-conversion] ignore enum members (#​11490)

❤️ Thank You

• Moses Odutusin @​thebolarin
• Ronen Amiel

You can read about our versioning strategy and releases on our website.

v8.43.0

Compare Source

🚀 Features

• typescript-estree: disallow empty type parameter/argument lists (#​11563)

🩹 Fixes

• eslint-plugin: [prefer-return-this-type] don't report an error when returning a union type that includes a classType (#​11432)
• eslint-plugin: [no-deprecated] should report deprecated exports and reexports (#​11359)
• eslint-plugin: [no-floating-promises] allowForKnownSafeCalls now supports function names (#​11423, #​11430)
• eslint-plugin: [consistent-type-exports] fix declaration shadowing (#​11457)
• eslint-plugin: [no-unnecessary-type-conversion] only report ~~ on integer literal types (#​11517)
• scope-manager: exclude Program from DefinitionBase node types (#​11469)
• eslint-plugin: [no-non-null-assertion] do not suggest optional chain on LHS of assignment (#​11489)
• type-utils: add union type support to TypeOrValueSpecifier (#​11526)

❤️ Thank You

• Dima @​dbarabashh
• Kirk Waiblinger @​kirkwaiblinger
• mdm317
• tao
• Victor Genaev @​mainframev
• Yukihiro Hasegawa @​y-hsgw
• 민감자(Minji Kim) @​mouse0429
• 송재욱

You can read about our versioning strategy and releases on our website.

v8.42.0

Compare Source

🩹 Fixes

• deps: update eslint monorepo to v9.33.0 (#​11482)

You can read about our versioning strategy and releases on our website.

v8.41.0

Compare Source

🩹 Fixes

• deps: update dependency prettier to v3.6.2 (#​11496)

You can read about our versioning strategy and releases on our website.

v8.40.0

Compare Source

🚀 Features

• typescript-estree: forbid invalid keys in EnumMember (#​11232)

❤️ Thank You

• fisker Cheung @​fisker

You can read about our versioning strategy and releases on our website.

typescript-eslint/typescript-eslint (@​typescript-eslint/parser)

v8.44.1

Compare Source

This was a version bump only for parser to align it with other projects, there were no code changes.

You can read about our versioning strategy and releases on our website.

v8.44.0

Compare Source

This was a version bump only for parser to align it with other projects, there were no code changes.

You can read about our versioning strategy and releases on our website.

v8.43.0

Compare Source

This was a version bump only for parser to align it with other projects, there were no code changes.

You can read about our versioning strategy and releases on our website.

v8.42.0

Compare Source

This was a version bump only for parser to align it with other projects, there were no code changes.

You can read about our versioning strategy and releases on our website.

v8.41.0

Compare Source

This was a version bump only for parser to align it with other projects, there were no code changes.

You can read about our versioning strategy and releases on our website.

v8.40.0

Compare Source

This was a version bump only for parser to align it with other projects, there were no code changes.

You can read about our versioning strategy and releases on our website.

sanity-io/sanity (sanity)

v4.10.1

Compare Source

Bug Fixes

• core: wrap useReferringDocuments projection in curly braces (#​10750) (8e15373)
• deps: update dependency @​portabletext/editor to ^2.13.1 (#​10747) (5edcd32)
• deps: update dependency @​portabletext/editor to ^2.13.2 (#​10752) (962c5b0)
• deps: update dependency groq-js to ^1.19.0 (#​10751) (0e61cf3)
• fix issue where single workspaces weren't opening the dropdown to show the new manage actions (#​10746) (29fdbfe)
• sanity: make new manage links staging aware (#​10753) (db183ef)
• sanity: pasting Portable Text data into StringInputPortableText (#​10748) (0f14b5c)
• sanity: use the correct colour for diffs in draft versions (#​10738) (1b86d66)

v4.10.0

Compare Source

Features

• sanity: add strict version layering (cdb7d83)
• sanity: export getDocumentIsInPerspective (066182d)
• sanity: use strict version layering when opening document comparison view (c11fbe5)
• sanity: use upstream version as comparison value in document editor (#​10655) (1b4ee38)

Bug Fixes

• core: sanitize authorization header from copy error details (#​10582) (8feeace)
• core: tasks due dates showing incorrect value on timezones behind UTC (#​10680) (a033aad)
• deps: update dependency @​portabletext/block-tools to ^3.5.6 (#​10662) (8168375)
• deps: update dependency @​portabletext/block-tools to ^3.5.7 (#​10722) (7eda14c)
• deps: update dependency @​portabletext/editor to ^2.12.1 (#​10663) (6387c2a)
• deps: update dependency @​portabletext/editor to ^2.12.3 (#​10716) (97f5149)
• deps: update dependency @​portabletext/editor to ^2.13.0 (#​10736) (a964a24)
• deps: update dependency @​sanity/client to ^7.11.2 (#​10667) (3d3ea0d)
• deps: update dependency @​sanity/ui to ^3.1.3 (#​10673) (43d4d8e)
• deps: update dependency @​sanity/ui to ^3.1.4 (#​10691) (cbab31b)
• deps: update dependency @​sanity/ui to ^3.1.5 (#​10706) (1387e57)
• deps: update dependency framer-motion to ^12.23.13 (#​10651) (f0c5ca1)
• deps: update dependency framer-motion to ^12.23.16 (#​10688) (299c200)
• deps: update dependency framer-motion to ^12.23.18 (#​10701) (73f0dd6)
• deps: update dependency framer-motion to ^12.23.19 (#​10728) (8e320db)
• deps: update dependency react-rx to ^4.2.1 (#​10717) (4d26a51)
• deps: update dependency xstate to ^5.22.0 (#​10690) (1893e40)
• sanity: add a warning for version info dialog if appId is missing (#​10659) (dadb15c)
• scheduled pub action only shows when releases enabled (#​10649) (15416c3)
• structure: use origin for comments studio url (#​10677) (d1ebf15)

v4.9.0

Compare Source

Features

• add "copy to clipboard" button to schema errors (#​10575) (635547b)
• adding in support for empty state releases when there are scheduled drafts (#​10625) (3d1c2dd)
• can only create a single concurrent scheduled draft per document (#​10624) (7ca2749)
• core: sapp 3054 scheduled draft doc actions (#​10622) (879a92e)
• document perspective context (#​10578) (dce13e3)
• schedule draft actions and releases tool (#​10534) (f8ec27a)
• specific banner for archived (or published) scheduled drafts (#​10630) (f581e9b)
• when scheduled drafts is enabled, showing banner in scheduled pub plugin (#​10642) (0014883)

Bug Fixes

• core: make auto updating version check use appId (#​10637) (aab3811)
• deps: update dependency @​portabletext/block-tools to ^3.5.5 (#​10614) (7a64fdf)
• deps: update dependency @​portabletext/editor to ^2.8.4 (#​10615) (9c51cc5)
• deps: update dependency @​portabletext/editor to ^2.9.0 (#​10621) (63d13b8)
• deps: update dependency @​portabletext/editor to ^2.9.1 (#​10626) (c62a30a)
• deps: update dependency @​portabletext/editor to ^2.9.2 (#​10641) (38d7116)
• deps: update dependency @​sanity/ui to ^3.1.0 (#​10627) (1a708b5)
• issue where escaping form link popover over in fullscreen would escape the fullscreen first (#​10606) (ff66b1e)
• make links to manage staging aware (#​10638) (74a4895)
• popover issue when clicking different panes / references (#​10618) (c41a2b1)

v4.8.1

Compare Source

Bug Fixes

• revert fix: popover issue when closing and clicking different panes (#​10608) (d0dba63)

v4.8.0

Compare Source

Features

• sanity: compute node diffs lazily (#​10600) (6e048f2)

Bug Fixes

• cli: fix build error when using auto-updates with sdk apps (#​10581) (49bff69)
• deps: update dependency @​portabletext/editor to ^2.8.3 (#​10570) (63acb06)
• deps: update dependency @​sanity/client to ^7.11.1 (#​10593) (96d3546)
• deps: update dependency @​sanity/preview-url-secret to ^2.1.15 (#​10588) (8269e81)
• handle uploading assets already existing in the ML (#​10495) (e4d8e43)

v4.7.0

Compare Source

Features

• add validation per release on the release overview + add caching (#​10496) (7e8da03)
• cli: Improve undeploy output for apps (#​10516) (f6809b4)
• cli: Prevent GlobalErrorHandler from growing beyond viewport height (#​10510) (172d9a9)
• core: custom release actions (#​10286) (28a774b)
• core: sapp 2967 schedule publish drafts (#​10392) (e438808)
• descriptors: handle validations (#​10457) (bb7e750)
• descriptors: serialize i18n properties (#​10540) (d71f9d3)
• descriptors: serialize orderings properties (#​10550) (e6442a9)
• limits: Document Limits Upsell (#​10428) (4ff929d)
• sanity: add StringInputPortableText with inline diff support (c8b4569)
• sanity: add diff props to input props (e8733fb)
• sanity: export focusRingBorderStyle (f499eee)
• sanity: export UpdateReadOnlyPlugin (fb5d670)
• sanity: graduate SelectedPerspective to public type TargetPerspective (#​10300) (d13666c)

Bug Fixes

• add caching to the useHistory in the releases + fix lastEditedByIssue (#​10564) (0e49e4c)
• core: make sure empty strings aren't passed to the upload API (#​10558) (31fc081)
• core: preserve local document state during intermittent disconnects (#​10528) (89954ae)
• dedupe listener events (#​10529) (b552234)
• deps: update dependency @​portabletext/block-tools to ^3.5.2 (#​10505) (b20a49e)
• deps: update dependency @​portabletext/block-tools to ^3.5.3 (#​10535) (a52feb1)
• deps: update dependency @​portabletext/block-tools to ^3.5.4 (#​10569) (f80859b)
• deps: update dependency @​portabletext/editor to ^2.7.2 (#​10506) (7c4a145)
• deps: update dependency @​portabletext/editor to ^2.8.0 (#​10536) (e08eee0)
• deps: update dependency @​portabletext/editor to ^2.8.1 (#​10555) (3c9eb4a)
• deps: update dependency @​portabletext/editor to ^2.8.2 (#​10563) (d7be4ac)
• deps: update dependency @​sanity/client to ^7.11.0 (#​10518) (5cfeba6)
• deps: update dependency @​sanity/insert-menu to v2.0.2 (#​10554) (3fd0a59)
• deps: update dependency @​sanity/presentation-comlink to ^1.0.29 (#​10556) (fd5105c)
• deps: update dependency @​sanity/ui to ^3.0.11 (#​10538) (aa025d4)
• deps: update dependency @​sanity/ui to ^3.0.14 (#​10557) (8a1f41f)
• deps: update dependency groq-js to ^1.18.0 (#​10576) (176527f)
• improve PortalProvider and PopoverContainer perf (#​10549) (04b209b)
• issue where an unpublished documentwas howing up as undefined in the document list in a release detail (#​10568) (f58b8bb)
• issue where trying to revert revision would open two dialogs (#​10559) (efc6b14)
• log the correct error name (#​10532) (d22f8b3)
• pass react-hooks/purity checks (#​10517) (9a53dd0)
• popover issue when closing and clicking different panes (#​10577) (b30dbb1)
• resolves revert change popover sometimes closing without bubbling click events (#​10486) (d3c3a94)
• sanity: ETL errors caused by inferring union types from constant arrays (#​10509) (2d499ca)
• sanity: use custom domain for video player (#​10541) (f404e21)
• sanity: use project host when fetching video playback info (#​10560) (9c12c97)
• structure: always render history restore action if seeing revision (#​10562) (525e198)
• version document restore revision and revert changes actions (#​10537) (80a14f6)

v4.6.1

Compare Source

Bug Fixes

• core: preserve desync deadline when new mutation events arrive (#​10491) (41c9bac)
• core: resolve uploader should work even if direct uploads is not allowed (#​10407) (1f5791f)
• corrects tense in auto-generated comment (#​10409) (2ec1d82)
• deps: update dependency @​portabletext/block-tools to ^3.5.1 (#​10460) (af3737d)
• deps: update dependency @​portabletext/editor to ^2.6.4 (#​10459) (706124e)
• deps: update dependency @​portabletext/editor to ^2.6.5 (#​10474) (39a9b88)
• deps: update dependency @​portabletext/editor to ^2.6.7 (#​10479) (7ee3be7)
• deps: update dependency @​portabletext/editor to ^2.6.9 (#​10490) (f7ac7e5)
• deps: update dependency @​portabletext/editor to ^2.7.0 (#​10503) (cc00d31)
• deps: update dependency @​portabletext/editor to ^2.7.1 (#​10504) (5a35aaf)
• deps: update dependency @​sanity/client to ^7.10.0 (#​10465) (62103ca)
• deps: update dependency @​sanity/ui to ^3.0.8 (#​10472) (62e01d1)
• deps: update dependency react-rx to ^4.1.32 (

---

Configuration

📅 Schedule: Branch creation - "before 3am on the first day of the month" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR has been generated by Mend Renovate using a curated preset maintained by . View repository job log here

[socket-security]

Warning

Review the following alerts detected in dependencies.

According to your organization's Security Policy, it is recommended to resolve "Warn" alerts. Learn more about Socket for GitHub.

Action	Severity	Alert  (click "▶" to expand/collapse)
Warn		typescript@5.9.2 has a License Policy Violation. License: LicenseRef-W3C-Community-Final-Specification-Agreement (package/ThirdPartyNoticeText.txt) From: package-lock.json → npm/typescript@5.9.2 ℹ Read more on: This package | This alert | What is a license policy violation? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev. Suggestion: Find a package that does not violate your license policy or adjust your policy to allow this package's license. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/typescript@5.9.2. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

View full report