chore(deps)(deps): bump the production-dependencies group across 1 directory with 5 updates

[dependabot]

Bumps the production-dependencies group with 5 updates in the / directory:

Package	From	To
@sentry/nextjs	10.39.0	10.52.0
fast-copy	4.0.2	4.0.3
framer-motion	12.34.0	12.38.0
immer	11.1.4	11.1.8
mobx	6.15.0	6.15.3

Updates @sentry/nextjs from 10.39.0 to 10.52.0

Release notes

Sourced from @​sentry/nextjs's releases.

10.52.0

Important Changes

• Beta release of the official Hono Sentry SDK

  This release marks the beta release of the @sentry/hono Sentry SDK. For details on how to use it, check out the Sentry Hono SDK docs. Please reach out on GitHub if you have any feedback or concerns.

• feat(browser): Add ingest_settings to v2 log envelope payload (#20453)

  Inference of user data (e.g. IP address, browser name/version) on log events is now gated behind the sendDefaultPii option. Previously, this data was always inferred by default.

Other Changes

• docs(hono): Add new docs link and move to BETA release (#20666)
• feat(browser): Add ingest_settings to v2 metrics envelope payload (#20454)
• feat(browser): Migrate spotlight event processor to ignoreSpans (#20595)
• feat(cloudflare): Capture request body via httpServerIntegration (#20614)
• feat(cloudflare): Support rpc trace propagation for WorkerEntrypoint (#20523)
• feat(cloudflare): Support tracing for queue producer (#20529)
• feat(core): Apply request data to segment spans in span streaming (#20654)
• feat(core): Migrate Vercel AI event processor to span streaming (#20608)
• feat(deno): Add processSegmentSpan to Deno context integration (#20613)
• feat(http): Portable node:http client instrumentation (#20393)
• feat(nitro): Add unstorage tracing channel instrumentation (#20615)
• feat(node-core): Add processSegmentSpan to node context integration (#20678)
• feat(node): Use diagnostics_channel for redis >= 5.12.0 (#20573)
• feat(node): Vendor ioredis, redis instrumentations (#20510)
• feat(replay): Reset replay id from DSC on session expiry/refresh (#20129)
• fix: Bump fast-xml-parser to fix vulnerability (#20644)
• fix: Bump vite versions to fix vulnerability (#20646)
• fix(core): Drain buffers in flush() when there is no transport (#20207)
• fix(core): Guard against undefined chained in copyProps (#20637)
• fix(deps): Bump rollup-plugin-license to fix lodash vulnerabilities (#20636)
• fix(deps): Bump transitive deps for medium security fixes (#20683)
• fix(hono): Do not capture 3xx and 4xx errors and add tests (#20640)
• fix(nextjs): Skip build modification when SRI is enabled (#20694)
• fix(opentelemetry): Respect OTEL_SERVICE_NAME, OTEL_RESOURCE_ATTRIBUTES (#20509)

• chore: Remove bundle-analyzer-scenarios dev packages (#20680)
• chore(deps): Bump @​hono/node-server from 1.19.10 to 1.19.13 (#20117)
• chore(deps): Bump @​nestjs packages to fix path-to-regexp ReDoS (#20642)
• chore(deps): Bump axios from 1.15.0 to 1.15.2 (#20665)
• chore(deps): Bump ip-address from 10.1.0 to 10.2.0 (#20695)
• chore(deps): Bump simple-git from 3.33.0 to 3.36.0 (#20696)
• chore(deps): Bump vulnerable testem version (#20634)

... (truncated)

Changelog

Sourced from @​sentry/nextjs's changelog.

10.52.0

Important Changes

• Beta release of the official Hono Sentry SDK

  This release marks the beta release of the @sentry/hono Sentry SDK. For details on how to use it, check out the Sentry Hono SDK docs. Please reach out on GitHub if you have any feedback or concerns.

• feat(browser): Add ingest_settings to v2 log envelope payload (#20453)

  Inference of user data (e.g. IP address, browser name/version) on log events is now gated behind the sendDefaultPii option. Previously, this data was always inferred by default.

Other Changes

• docs(hono): Add new docs link and move to BETA release (#20666)
• feat(browser): Add ingest_settings to v2 metrics envelope payload (#20454)
• feat(browser): Migrate spotlight event processor to ignoreSpans (#20595)
• feat(cloudflare): Capture request body via httpServerIntegration (#20614)
• feat(cloudflare): Support rpc trace propagation for WorkerEntrypoint (#20523)
• feat(cloudflare): Support tracing for queue producer (#20529)
• feat(core): Apply request data to segment spans in span streaming (#20654)
• feat(core): Migrate Vercel AI event processor to span streaming (#20608)
• feat(deno): Add processSegmentSpan to Deno context integration (#20613)
• feat(http): Portable node:http client instrumentation (#20393)
• feat(nitro): Add unstorage tracing channel instrumentation (#20615)
• feat(node-core): Add processSegmentSpan to node context integration (#20678)
• feat(node): Use diagnostics_channel for redis >= 5.12.0 (#20573)
• feat(node): Vendor ioredis, redis instrumentations (#20510)
• feat(replay): Reset replay id from DSC on session expiry/refresh (#20129)
• fix: Bump fast-xml-parser to fix vulnerability (#20644)
• fix: Bump vite versions to fix vulnerability (#20646)
• fix(core): Drain buffers in flush() when there is no transport (#20207)
• fix(core): Guard against undefined chained in copyProps (#20637)
• fix(deps): Bump rollup-plugin-license to fix lodash vulnerabilities (#20636)
• fix(deps): Bump transitive deps for medium security fixes (#20683)
• fix(hono): Do not capture 3xx and 4xx errors and add tests (#20640)
• fix(nextjs): Skip build modification when SRI is enabled (#20694)
• fix(opentelemetry): Respect OTEL_SERVICE_NAME, OTEL_RESOURCE_ATTRIBUTES (#20509)

• chore: Remove bundle-analyzer-scenarios dev packages (#20680)
• chore(deps): Bump @​hono/node-server from 1.19.10 to 1.19.13 (#20117)
• chore(deps): Bump @​nestjs packages to fix path-to-regexp ReDoS (#20642)
• chore(deps): Bump axios from 1.15.0 to 1.15.2 (#20665)
• chore(deps): Bump ip-address from 10.1.0 to 10.2.0 (#20695)
• chore(deps): Bump simple-git from 3.33.0 to 3.36.0 (#20696)

... (truncated)

Commits

• 4b911e0 release: 10.52.0
• 781f31c Merge pull request #20707 from getsentry/prepare-release/10.52.0
• 11a64f6 meta(changelog): Update changelog for 10.52.0
• e185818 feat(node-core): Add processSegmentSpan to node context integration (#20678)
• 7e49571 feat(node): use diagnostics_channel for redis >= 5.12.0 (#20573)
• a8ab715 feat(replay): Reset replay id from DSC on session expiry/refresh (#20129)
• 7efc03f feat(core): Apply request data to segment spans in span streaming (#20654)
• 01d0a70 feat(core): Migrate Vercel AI event processor to span streaming (#20608)
• 12cd3e5 fix(nextjs): Skip build modification when SRI is enabled (#20694)
• f1f534c fix(deps): Bump transitive deps for medium security fixes (#20683)
• Additional commits viewable in compare view

Updates fast-copy from 4.0.2 to 4.0.3

Release notes

Sourced from fast-copy's releases.

Release 4.0.3

• [Issue 128] Incorrect bigint arrays (#130) (61cf3b2)
• remove blurb about copying generators (91f692f)

Changelog

Sourced from fast-copy's changelog.

4.0.3

• #130 - Remove invalid Uint64Array in favor of BigInt64Array / BigUint64Array) (fixes #128)

Commits

• f5beb50 Release 4.0.3
• 5b855db update CHANGELOG
• 61cf3b2 [Issue 128] Incorrect bigint arrays (#130)
• 4b13765 Bump lodash from 4.17.23 to 4.18.1 in the npm_and_yarn group across 1 directo...
• 1fb65ca Bump defu from 6.1.4 to 6.1.6 in the npm_and_yarn group across 1 directory (#...
• f703f77 Bump picomatch from 2.3.1 to 2.3.2 in the npm_and_yarn group across 1 directo...
• d0adc41 Bump flatted from 3.3.3 to 3.4.2 in the npm_and_yarn group across 1 directory...
• 71c2c4f Bump tar from 7.5.10 to 7.5.11 in the npm_and_yarn group across 1 directory (...
• 935dd7e Bump tar from 7.5.9 to 7.5.10 in the npm_and_yarn group across 1 directory (#...
• b88e73f Bump rollup from 4.53.3 to 4.59.0 in the npm_and_yarn group across 1 director...
• Additional commits viewable in compare view

Updates framer-motion from 12.34.0 to 12.38.0

Changelog

Sourced from framer-motion's changelog.

[12.38.0] 2026-03-16

Added

• Added layoutAnchor prop to configure custom anchor point for resolving relative projection boxes.

Fixed

• Reorder: Fix axis switching after window resize.
• Reorder: Fix with virtualised lists.
• AnimatePresence: Ensure children are removed when exit animation matches current values.

[12.37.0] 2026-03-16

Added

• Support for hardware accelerating "start" and "end" offsets in scroll and useScroll.
• Support for oklch, oklab, lab, lch, color, color-mix, light-dark color types.

Fixed

• Fix whileInView with client-side navigation.
• Fix draggable elements when layout updates due to surrounding element re-renders.
• Improved memory pressure of layout animations.
• Ensure motion value returned from useSpring reports correct isAnimating().

[12.36.0] 2026-03-09

Added

• Allow dragSnapToOrigin to accept "x" or "y" for per-axis snapping.
• Added axis-locked layout animations with layout="x" and layout="y".
• Added skipInitialAnimation to useSpring.

Fixed

• Fixed height and width: auto animations with box-sizing: border-box.
• Reset component values when exit animation finishes.
• Ensure anticipate easing returns 1 at p === 1.
• Fix @emotion/is-prop-valid resolve error in Storybook.
• Remove data-pop-layout-id from exiting elements when animation interrupted.
• Ensure we skip WAAPI for non-animatable keyframes.
• Ensure we skip WAAPI for SVG transforms.
• Ensure MotionValue props are not passed to SVG.
• AnimatePresence: Prevent mode="wait" elements from getting stuck when switched rapidly.

[12.35.2] 2026-03-09

Fixed

... (truncated)

Commits

• 0bfc9fe v12.38.0
• 343cb0c Updating layoutAnchor
• ee99ad2 Updating changelog
• 062660b Updating changgelog
• 303da7d Updating readme
• b075adc Merge pull request #3647 from motiondivision/feat/layout-anchor
• f0991d6 Add missing layoutAnchor !== false guard in attemptToResolveRelativeTarget
• b5798e9 Merge pull request #3642 from motiondivision/worktree-fix-issue-3078
• 7686c19 Merge pull request #3636 from motiondivision/worktree-fix-issue-3061
• a95c487 Fix auto-scroll in reorder-virtualized test page
• Additional commits viewable in compare view

Updates immer from 11.1.4 to 11.1.8

Release notes

Sourced from immer's releases.

v11.1.8

11.1.8 (2026-05-08)

Bug Fixes

• update current and original typings to assert draft value is unwrapped (#1236) (bf2d154)

v11.1.7

11.1.7 (2026-05-06)

Bug Fixes

• improve higher order type inference for WritableDraft (#1205) (7390d6c)

v11.1.6

11.1.6 (2026-05-04)

Bug Fixes

• remove invalid curried producer type (#1216) (b40b04f)

v11.1.5

11.1.5 (2026-05-04)

Bug Fixes

• handle nested proxies after spreading and inserting into an array (d3bc436)

Commits

• bf2d154 fix: update current and original typings to assert draft value is unwrapped (...
• 7390d6c fix: improve higher order type inference for WritableDraft (#1205)
• 5155a33 chore: regression tests for fixed issue #916 (#1215)
• b67db83 chore(deps): bump postcss from 8.4.31 to 8.5.13 in /website (#1233)
• b40b04f fix: remove invalid curried producer type (#1216)
• 4f1a96f chore(deps-dev): bump lodash from 4.17.21 to 4.18.1 (#1225)
• 3b6c372 chore(deps): bump brace-expansion from 1.1.12 to 1.1.14 in /website (#1234)
• 229c8fb chore(deps): bump lodash from 4.17.21 to 4.18.1 in /website (#1223)
• 48f239c chore(deps): bump lodash from 4.17.21 to 4.18.1 in /website (#1223)
• 64bd3a7 chore(deps-dev): bump immutable from 3.8.2 to 3.8.3 (#1214)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for immer since your current version.

Updates mobx from 6.15.0 to 6.15.3

Release notes

Sourced from mobx's releases.

mobx@6.15.3

Patch Changes

• 25e859a3582bcdd3c5a71aa52510adfd924a1a60 #4644 Thanks @​kubk! - Fix TypeScript errors when using flow as a standard decorator.

mobx@6.15.2

Patch Changes

• 52ddce0f179a461b85e578554e35e94bf76edf3c #4642 Thanks @​kubk! - Restore npm release build target forwarding so published tarballs include the standalone ESM development and production bundles.

mobx@6.15.1

Patch Changes

• df81c144fb148b64140d761aa61f032a7f429e12 #4523 Thanks @​exzos28! - Make FlowCancellationError a proper Error instance while preserving its previous string representation.

• 21fc4de6c09a77caf115aedd2fe6df972637412b #4626 Thanks @​kubk! - Export CancellablePromise from the public mobx entrypoint.

Commits

• See full diff in compare view

Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for mobx since your current version.

You can trigger a rebase of this PR by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Actions	Updated (UTC)
vinto	Ready	Preview, Comment	May 11, 2026 0:45am

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.

📢 Thoughts on this report? Let us know!

[github-actions]

🎭 Playwright E2E Test Results

✅ E2E Job: All passed

🎭 Test Results

✅ All tests passed! (24/24)

⏱️ Duration: 193.0s

♿ Accessibility Reports

✅ No accessibility violations detected

---

📊 View full test run
📦 Download Playwright report
♿ Download accessibility reports