chore(deps): bump the stripe group with 3 updates

[dependabot]

Bumps the stripe group with 3 updates: stripe, @stripe/react-stripe-js and @stripe/stripe-js.

Updates stripe from 20.4.1 to 22.0.1

Release notes

Sourced from stripe's releases.

v22.0.1

• #2669 Add constructor based initialization for CJS based TypeScript imports
  • Initialization of Stripe class with new keyword is now possible for CJS based TypeScript project. Resolves: 2660

  import Stripe = require('stripe');
  // ✅ Both statements work
  const stripeNew: Stripe.Stripe = new Stripe('sk_test_...');
  const stripeCalled: Stripe.Stripe = Stripe('sk_test_...');

• #2664 Fixed nested service param exports in the Stripe namespace
  • Resolves: 2658, 2662
• #2667 Add type safety to Stripe constructor config (no runtime change)
  • Fixed some compile-time checks (no runtime changes)
    • Fixed Stripe constructor config parameter to use StripeConfig type instead of Record<string, unknown>, restoring compile-time type safety.
    • Added missing authenticator property to StripeConfig.
    • Fixed Stripe.API_VERSION to retain the literal API version type.
    • Fixed StripeConfig.stripeContext to accept StripeContext objects in addition to strings.
• #2663 Throw a more descriptive error when calling rawRequest with absolute urls
• #2652 Added string[] to WebhookHeader type for compatibility with express
  • Added string[] to the type of signature param in stripe.webhooks.construct_event method.

See the changelog for more details.

v22.0.0

This release uses the same pinned API version to 2026-03-25.dahlia as the last major release. The breaking changes in this release are prefixed with ⚠️ below. There's also a detailed migration guide to simplify your upgrade process.

• #2619 Improved TypeScript support in the Node SDK
  • Moved the types from the partially manually maintained and partially generated types folder to be inline with the implementation in TypeScript files.
  • Removed top-level “stripe” ambient module. This allows import aliasing for the stripe package.
  • ⚠️ Stripe.StripeContext is no longer exported as a type. Use Stripe.StripeContextType instead.
  • ⚠️ Stripe.errors.StripeError is no longer a type. Use typeof Stripe.errors.StripeError or Stripe.ErrorType instead.
  • ⚠️ CJS entry point no longer exports .default or .Stripe as separate properties.
  • ⚠️ Stripe import is now a true ES6 class. Use new Stripe() to create a StripeClient instead of calling it:

// Before
const stripeClient = Stripe("sk_test_...");
// After
const stripeClient = new Stripe("sk_test_...");

• #2645 ⚠️ Remove stripeMethod and standardize how function args are handled (including removing callback support)

  • ⚠️ Refactor how incoming method arguments are parsed. Type signatures for API methods should be much more accurate and reliable now
    • ⚠️ Remove support for providing callbacks to API methods. Use async / await instead
    • ⚠️ Remove support for passing a plain API key as a function arg. If supplied on a per-request basis, it should be in the RequestOptions under the apiKey property
    • ⚠️ Keys from params and options objects are no longer mixed. If present on a method, RequestParams must always come first and RequestOptions must always come second. To supply options without params, pass undefined as the first argument explicitly
    • ⚠️ Removed methods from StripeResource: createFullPath, createResourcePathWithSymbols, extend, method and _joinUrlParts. These were mostly intended for internal use and we no longer need them

  As a result, the following call patterns are no longer supported:

... (truncated)

Changelog

Sourced from stripe's changelog.

22.0.1 - 2026-04-08

• #2669 Add constructor based initialization for CJS based TypeScript imports
  • Initialization of Stripe class with new keyword is now possible for CJS based TypeScript project. Resolves: 2660

  import Stripe = require('stripe');
  // ✅ Both statements work
  const stripeNew: Stripe.Stripe = new Stripe('sk_test_...');
  const stripeCalled: Stripe.Stripe = Stripe('sk_test_...');

• #2664 Fixed nested service param exports in the Stripe namespace
  • Resolves: 2658, 2662
• #2667 Add type safety to Stripe constructor config (no runtime change)
  • Fixed some compile-time checks (no runtime changes)
    • Fixed Stripe constructor config parameter to use StripeConfig type instead of Record<string, unknown>, restoring compile-time type safety.
    • Added missing authenticator property to StripeConfig.
    • Fixed Stripe.API_VERSION to retain the literal API version type.
    • Fixed StripeConfig.stripeContext to accept StripeContext objects in addition to strings.
• #2663 Throw a more descriptive error when calling rawRequest with absolute urls
• #2652 Added string[] to WebhookHeader type for compatibility with express
  • Added string[] to the type of signature param in stripe.webhooks.construct_event method.

22.0.0 - 2026-04-02

This release uses the same pinned API version to 2026-03-25.dahlia as the last major release. The breaking changes in this release are prefixed with ⚠️ below. There's also a detailed migration guide to simplify your upgrade process.

• #2619 Improved TypeScript support in the Node SDK
  • Moved the types from the partially manually maintained and partially generated types folder to be inline with the implementation in TypeScript files.
  • Removed top-level “stripe” ambient module. This allows import aliasing for the stripe package.
  • ⚠️ Stripe.StripeContext is no longer exported as a type. Use Stripe.StripeContextType instead.
  • ⚠️ Stripe.errors.StripeError is no longer a type. Use typeof Stripe.errors.StripeError or Stripe.ErrorType instead.
  • ⚠️ CJS entry point no longer exports .default or .Stripe as separate properties.
  • ⚠️ Stripe import is now a true ES6 class. Use new Stripe() to create a StripeClient instead of calling it:

// Before
const stripeClient = Stripe("sk_test_...");
// After
const stripeClient = new Stripe("sk_test_...");

• #2645 ⚠️ Remove stripeMethod and standardize how function args are handled (including removing callback support)

  • ⚠️ Refactor how incoming method arguments are parsed. Type signatures for API methods should be much more accurate and reliable now
    • ⚠️ Remove support for providing callbacks to API methods. Use async / await instead
    • ⚠️ Remove support for passing a plain API key as a function arg. If supplied on a per-request basis, it should be in the RequestOptions under the apiKey property
    • ⚠️ Keys from params and options objects are no longer mixed. If present on a method, RequestParams must always come first and RequestOptions must always come second. To supply options without params, pass undefined as the first argument explicitly
    • ⚠️ Removed methods from StripeResource: createFullPath, createResourcePathWithSymbols, extend, method and _joinUrlParts. These were mostly intended for internal use and we no longer need them

  As a result, the following call patterns are no longer supported:

  stripe.customers.retrieve('cus_123', 'sk_test_123')

... (truncated)

Commits

• a68e8e0 Bump version to 22.0.1
• 84f3e3a Fixed version update logic (#2674)
• 60d556f Fixed nested service param exports in the Stripe namespace (#2664)
• 15ad8fb Add constructor based initialization for CJS based TypeScript imports (#2669)
• c1ba099 Add type safety to Stripe constructor config (no runtime change) (#2667)
• 08e7260 Throw a more descriptive error when calling rawRequest with absolute urls (...
• 0382565 Added string[] to WebhookHeader type for compatibility with express (#2652)
• 1c7583c Bump lodash from 4.17.21 to 4.18.1 (#2644)
• a2e8723 Updated the changelog entries for the v22 major version. (#2650)
• 210de11 Bump version to 22.0.0
• Additional commits viewable in compare view

Updates @stripe/react-stripe-js from 5.6.1 to 6.1.0

Release notes

Sourced from @​stripe/react-stripe-js's releases.

v6.1.0

New features

• feat: add React components for Stripe Issuing Elements (#664)

Changed

• Bump picomatch from 2.2.2 to 2.3.2 (#666)
• Bump handlebars from 4.7.7 to 4.7.9 (#668)

v6.0.0

Changed

• Type updates for Dahlia (#665)
• Update react providers for the upcoming checkout sdk changes (#658)
• point to stripe-js V9 RC + rename to createEmbeddedCheckoutPage (#660)

Commits

• 9f0e50d v6.1.0
• 7f8b0f8 Bump picomatch from 2.2.2 to 2.3.2 (#666)
• d6309b7 Bump handlebars from 4.7.7 to 4.7.9 (#668)
• d707ec2 feat: add React components for Stripe Issuing Elements (#664)
• 4d445d4 v6.0.0
• 5c009d5 Prepare for dahlia release (#667)
• 828252e v6.0.0-rc.2
• 0923d81 Type updates (#665)
• 764cfb9 v6.0.0-rc.1
• e69bca3 [breaking] Update react providers for the upcoming checkout sdk changes (#658)
• Additional commits viewable in compare view

Updates @stripe/stripe-js from 8.11.0 to 9.1.0

Release notes

Sourced from @​stripe/stripe-js's releases.

v9.1.0

New features

• Update type to have percentage (#911)
• Add unit amount decimal (#907)

v9.0.1

New features

• Add Contributing section to README (#901)

Fixes

• Include klarna in TermsOption (#905)
• Add verification types for TaxIdElement (#904)

Changed

• Bump picomatch from 2.2.2 to 2.3.2 (#902)
• Bump picomatch from 2.2.2 to 2.3.2 in /examples/rollup (#903)

v9.0.0

New features

• Change elements.update() return type from void to Promise (#888)

Changed

• Updated types for Dahlia (#883, #898)
• update type for createEmbeddedCheckoutPage rename (#890)
• add format to getValue for addressElement (#886)
• Remove boolean from RadiosOption type for Dahlia (#885)
• Remove createSource and retrieveSource types for Dahlia (#892)

Commits

• 49a6a71 v9.1.0
• afc8739 Update type to have percentage (#911)
• b0ad84c Add unit amount decimal (#907)
• 437bfdf v9.0.1
• d9e8bd1 Include klarna in TermsOption (#905)
• 8d12463 Bump picomatch from 2.2.2 to 2.3.2 (#902)
• 443511d Bump picomatch from 2.2.2 to 2.3.2 in /examples/rollup (#903)
• 0c277af Add verification types for TaxIdElement (#904)
• f375884 Add Contributing section to README (#901)
• d0628d5 v9.0.0
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[github-actions]

Preview deployments are available for this PR.

Comment /deploy to deploy a preview environment.