build(deps): bump the minor-and-patch group across 1 directory with 14 updates

[dependabot]

Bumps the minor-and-patch group with 12 updates in the / directory:

Package	From	To
@biomejs/biome	2.4.10	2.4.16
@changesets/cli	2.30.0	2.31.0
turbo	2.9.14	2.9.16
@azure/msal-browser	5.6.3	5.11.0
@azure/msal-react	5.2.1	5.4.2
@types/node	25.5.2	25.9.1
globals	17.4.0	17.6.0
@react-router/node	7.14.0	7.16.0
isbot	5.1.37	5.1.40
@react-router/dev	7.14.0	7.16.0
@tanstack/react-router	1.168.10	1.170.11
@tanstack/react-start	1.167.16	1.168.19

Updates @biomejs/biome from 2.4.10 to 2.4.16

Release notes

Sourced from @​biomejs/biome's releases.

Biome CLI v2.4.16

2.4.16

Patch Changes

• #10329 ef764d5 Thanks @​Conaclos! - Fixed an issue where diagnostics showed an incorrect location in Astro files.

• #10363 50aa415 Thanks @​dyc3! - Fixed HTML formatting for a case where comments could cause the formatter to split up a closing tag, which would cause the resulting HTML to be syntactically invalid.

  Input:

  <span
    ><!-- 1
  --><span>a</span
    ><!-- 2
  --><span>b</span
    ><!-- 3
  --></span>

  Output:

    <span
  	  ><!-- 1
  - --> <span>a</span<!-- 2
  - --> ><span>b</span><!-- 3
  + --><span>a</span><!-- 2
  + --><span>b</span><!-- 3
    --></span
    >

• #10465 0c718da Thanks @​dfedoryshchev! - Fixed diagnostics emitted by the noUntrustedLicenses rule.

• #10358 05c2617 Thanks @​dyc3! - Fixed #10356: biome rage --linter now displays rules enabled through linter domains in the enabled rules list.

• #10300 950247c Thanks @​dyc3! - Fixed #10265: Svelte function bindings such as bind:value={get, set} are now parsed more precisely, so noCommaOperator won't emit false positives for that syntax anymore.

• #9786 e71f584 Thanks @​MeGaNeKoS! - Fixed #8480: useDestructuring now provides variableDeclarator and assignmentExpression options to control which contexts enforce destructuring, matching ESLint's prefer-destructuring configuration. Both default to {array: true, object: true}. The diagnostic for object destructuring in assignment expressions now instructs users to wrap the assignment in parentheses.

• #10425 1948b72 Thanks @​sjh9714! - Fixed #10244: The useOptionalChain rule now detects negated guard inequality chains like !foo || foo.bar !== "x".

• #10442 001f94f Thanks @​ematipico! - Fixed #10411: noMisusedPromises no longer causes a stack overflow when a nested function returns an object with shorthand properties that shadow destructured variables from an outer scope.

• #10318 9b1577f Thanks @​dyc3! - Added support for formatter.trailingCommas in overrides. This option was previously available in the top-level formatter configuration but missing from formatter overrides.

• #10319 2e37709 Thanks @​dyc3! - Fixed Vue and Svelte formatting for standalone interpolations in inline elements. Biome now preserves existing newlines in cases like:

... (truncated)

Changelog

Sourced from @​biomejs/biome's changelog.

2.4.16

Patch Changes

• #10329 ef764d5 Thanks @​Conaclos! - Fixed an issue where diagnostics showed an incorrect location in Astro files.

• #10363 50aa415 Thanks @​dyc3! - Fixed HTML formatting for a case where comments could cause the formatter to split up a closing tag, which would cause the resulting HTML to be syntactically invalid.

  Input:

  <span
    ><!-- 1
  --><span>a</span
    ><!-- 2
  --><span>b</span
    ><!-- 3
  --></span>

  Output:

    <span
  	  ><!-- 1
  - --> <span>a</span<!-- 2
  - --> ><span>b</span><!-- 3
  + --><span>a</span><!-- 2
  + --><span>b</span><!-- 3
    --></span
    >

• #10465 0c718da Thanks @​dfedoryshchev! - Fixed diagnostics emitted by the noUntrustedLicenses rule.

• #10358 05c2617 Thanks @​dyc3! - Fixed #10356: biome rage --linter now displays rules enabled through linter domains in the enabled rules list.

• #10300 950247c Thanks @​dyc3! - Fixed #10265: Svelte function bindings such as bind:value={get, set} are now parsed more precisely, so noCommaOperator won't emit false positives for that syntax anymore.

• #9786 e71f584 Thanks @​MeGaNeKoS! - Fixed #8480: useDestructuring now provides variableDeclarator and assignmentExpression options to control which contexts enforce destructuring, matching ESLint's prefer-destructuring configuration. Both default to {array: true, object: true}. The diagnostic for object destructuring in assignment expressions now instructs users to wrap the assignment in parentheses.

• #10425 1948b72 Thanks @​sjh9714! - Fixed #10244: The useOptionalChain rule now detects negated guard inequality chains like !foo || foo.bar !== "x".

• #10442 001f94f Thanks @​ematipico! - Fixed #10411: noMisusedPromises no longer causes a stack overflow when a nested function returns an object with shorthand properties that shadow destructured variables from an outer scope.

• #10318 9b1577f Thanks @​dyc3! - Added support for formatter.trailingCommas in overrides. This option was previously available in the top-level formatter configuration but missing from formatter overrides.

• #10319 2e37709 Thanks @​dyc3! - Fixed Vue and Svelte formatting for standalone interpolations in inline elements. Biome now preserves existing newlines in cases like:

... (truncated)

Commits

• 5f4ea56 ci: release (#10326)
• de2a33c fix(core): regression in emitted types (#10478)
• d835303 docs: remove redundant default phrase in useConsistentObjectDefinitions rul...
• 4f1aaf2 fix: incorrect build when using build or test (#10426)
• dc73b6b refactor: make plugins opt-in via feature gate (#10418)
• e71f584 feat(useDestructuring): add options for assignment/declaration and improve di...
• 9b1577f fix(config): support trailingCommas in overrides (#10318)
• 9dd3271 ci: release (#10210)
• 7b8d4e1 feat(lint/html/vue): add useVueValidVFor (#10195)
• ba3480e feat(lint/js): add useTestHooksInOrder (#9394)
• Additional commits viewable in compare view

Updates @changesets/cli from 2.30.0 to 2.31.0

Release notes

Sourced from @​changesets/cli's releases.

@​changesets/cli@​2.31.0

Minor Changes

• #1889 96ca062 Thanks @​mixelburg! - Error on unsupported flags for individual CLI commands and print the matching command usage to make mistakes easier to spot.

• #1873 42943b7 Thanks @​mixelburg! - Respond to --help on all subcommands. Previously, --help was only handled when it was the sole argument; passing it alongside a subcommand (e.g. changeset version --help) would silently execute the command instead. Now --help always exits early and prints per-command usage when a known subcommand is provided, or the general help text otherwise.

Patch Changes

• d2121dc Thanks @​Andarist! - Fix npm auth for path-based registries during publish by preserving configured registry URLs instead of normalizing them.

• #1888 036fdd4 Thanks @​mixelburg! - Fix several changeset version issues with workspace protocol dependencies. Valid explicit workspace: ranges and aliases are no longer rewritten unnecessarily, and workspace path references are handled correctly during versioning.

• #1903 5c4731f Thanks @​Andarist! - Gracefully handle stale npm info data leading to duplicate publish attempts.

• #1867 f61e716 Thanks @​Andarist! - Improved detection for published state of prerelease-only packages without latest dist-tag on GitHub Packages registry.

• Updated dependencies [036fdd4, 036fdd4, 036fdd4]:

  • @​changesets/assemble-release-plan@​6.0.10
  • @​changesets/get-dependents-graph@​2.1.4
  • @​changesets/apply-release-plan@​7.1.1
  • @​changesets/get-release-plan@​4.0.16
  • @​changesets/config@​3.1.4

Commits

• 9cce6db Version Packages (#1897)
• d2121dc Fix npm auth for path-based registries during publish by preserving configure...
• 036fdd4 Fix several changeset version issues with workspace protocol dependencies (...
• 5c4731f Gracefully handle stale npm info data leading to duplicate publish attempts...
• 96ca062 Error on unsupported flags for individual CLI commands (#1889)
• 42943b7 fix(cli): respond to --help on all subcommands (#1873)
• f61e716 Improved detection for published state of prerelease-only packages without ...
• See full diff in compare view

Updates turbo from 2.9.14 to 2.9.16

Release notes

Sourced from turbo's releases.

Turborepo v2.9.16

What's Changed

Changelog

• release(turborepo): 2.9.15 by @​github-actions[bot] in vercel/turborepo#12955
• fix: Avoid hanging PTY shutdown by @​anthonyshew in vercel/turborepo#12958
• fix: Retry npm tlog publish failures by @​anthonyshew in vercel/turborepo#12959
• release(turborepo): 2.9.16-canary.1 by @​anthonyshew in vercel/turborepo#12960
• fix: Preserve nested Bun dependency versions by @​anthonyshew in vercel/turborepo#12963
• Revert "fix: Preserve nested Bun dependency versions" by @​anthonyshew in vercel/turborepo#12964
• release(turborepo): 2.9.16-canary.2 by @​github-actions[bot] in vercel/turborepo#12961
• fix: Preserve nested Bun dependency versions by @​anthonyshew in vercel/turborepo#12965
• fix: Don't delete existing .git when using --no-git flag by @​anthonyshew in vercel/turborepo#12968

Full Changelog: vercel/turborepo@v2.9.15...v2.9.16

Turborepo v2.9.16-canary.2

What's Changed

Changelog

• release(turborepo): 2.9.15-canary.7 by @​github-actions[bot] in vercel/turborepo#12935
• fix: Restore a few internal invariant checks by @​anthonyshew in vercel/turborepo#12933
• fix: Improve profile tracing coverage by @​anthonyshew in vercel/turborepo#12936
• fix: Use build-scale OTel duration buckets by @​anthonyshew in vercel/turborepo#12939
• fix: Preserve pnpm injected peer package entries by @​anthonyshew in vercel/turborepo#12940
• feat: Add heap allocation profiling by @​anthonyshew in vercel/turborepo#12943
• release(turborepo): 2.9.15-canary.8 by @​anthonyshew in vercel/turborepo#12945
• docs: Correct attribute presence claims in turborepo-otel by @​adityasingh2400 in vercel/turborepo#12932
• chore(turbo-codemod): Remove duplicate "in" in transforms path comment by @​mvanhorn in vercel/turborepo#12948
• chore: Switch Geist font imports to npm geist package by @​christopherkindl in vercel/turborepo#12952
• fix: Respect root gitignore during prune by @​anthonyshew in vercel/turborepo#12953
• fix: Harden OTEL endpoint validation by @​anthonyshew in vercel/turborepo#12954
• release(turborepo): 2.9.15 by @​github-actions[bot] in vercel/turborepo#12955
• fix: Avoid hanging PTY shutdown by @​anthonyshew in vercel/turborepo#12958
• fix: Retry npm tlog publish failures by @​anthonyshew in vercel/turborepo#12959
• release(turborepo): 2.9.16-canary.1 by @​anthonyshew in vercel/turborepo#12960

New Contributors

• @​adityasingh2400 made their first contribution in vercel/turborepo#12932
• @​mvanhorn made their first contribution in vercel/turborepo#12948
• @​christopherkindl made their first contribution in vercel/turborepo#12952

Full Changelog: vercel/turborepo@v2.9.15-canary.7...v2.9.16-canary.2

Turborepo v2.9.15

... (truncated)

Commits

• 5e2d466 publish 2.9.16 to registry
• b4aa626 fix: Don't delete existing .git when using --no-git flag (#12968)
• 7952b46 fix: Preserve nested Bun dependency versions (#12965)
• 5e5b248 release(turborepo): 2.9.16-canary.2 (#12961)
• 3b1b6e9 Revert "fix: Preserve nested Bun dependency versions" (#12964)
• 8d4eaf8 fix: Preserve nested Bun dependency versions (#12963)
• 2284fa9 release(turborepo): 2.9.16-canary.1 (#12960)
• 5317f65 fix: Retry npm tlog publish failures (#12959)
• 52e81bd fix: Avoid hanging PTY shutdown (#12958)
• c85d410 release(turborepo): 2.9.15 (#12955)
• Additional commits viewable in compare view

Updates @azure/msal-browser from 5.6.3 to 5.11.0

Release notes

Sourced from @​azure/msal-browser's releases.

@​azure/msal-browser v5.11.0

5.11.0

Tue, 19 May 2026 19:29:14 GMT

Minor changes

• Add allowPlatformBrokerWithDOM experimental config flag for DOM-based platform brokering #8589 (lalimasharda@microsoft.com)
• Custom Auth: add requestInterceptor configuration option that lets apps attach additional x-* headers to custom-auth backend requests (e.g., for fraud/bot-detection vendors). Headers without the x- prefix and headers starting with reserved prefixes (x-client-, x-ms-, x-broker-, x-app-) are filtered out. #8587 (shen.jian@live.com)
• Bump @​azure/msal-common to v16.6.2 (beachball)

Patches

• Fix logoutHint to check account loginHint before falling back to idTokenClaims #8591 (lalimasharda@microsoft.com)

@​azure/msal-browser v5.10.1

5.10.1

Mon, 11 May 2026 21:48:15 GMT

Patches

• Bump @​azure/msal-common to v16.6.1 (beachball)

@​azure/msal-browser v5.10.0

5.10.0

Thu, 07 May 2026 19:01:04 GMT

Minor changes

• Add native auth e2e sample app (yongdiwang@microsoft.com)
• Remove duplicate typings in the build output #8557 (thomas.norling@microsoft.com)
• Bump @​azure/msal-common to v16.6.0 (beachball)

Patches

• Stop looking in localStorage for temporary cache #8579 (-g)

@​azure/msal-browser v5.9.0

5.9.0

Tue, 28 Apr 2026 21:30:31 GMT

Minor changes

• Bump @​azure/msal-browser to match @​azure/msal-browser-1p (msaljsbuilds@microsoft.com)
• Bump @​azure/msal-common to v16.5.2 (beachball)

Patches

... (truncated)

Commits

• 738ade6 check account loginHint before idTokenClaims setting logoutHint (#8591)
• 1fff290 Add allowPlatformBrokerWithDOM experimental config flag (#8589)
• 99e0895 Custom Auth: add requestInterceptor for custom x-* request headers (#8587)
• ce50f41 Post-release PR (#8585)
• c661401 Complete test tenant migration (#8584)
• bbcc105 Add browser compatibility guidelines and review instructions for msal-browser...
• d7a7eb5 Add issuer validation check whenever MSAL JS performs OIDC endpoint discovery...
• 9884a71 Post-release PR (#8583)
• b4e498c Stop looking in localStorage for temporary cache (#8579)
• 1b261b4 Bump uuid and @​actions/core in /.github/actions/issue_template_bot (#8571)
• Additional commits viewable in compare view

Updates @azure/msal-react from 5.2.1 to 5.4.2

Release notes

Sourced from @​azure/msal-react's releases.

@​azure/msal-react v5.4.2

5.4.2

Tue, 19 May 2026 19:29:14 GMT

Patches

• Bump @​azure/msal-browser to v5.11.0 (beachball)

@​azure/msal-react v5.4.1

5.4.1

Mon, 11 May 2026 21:48:15 GMT

Patches

• Bump @​azure/msal-browser to v5.10.1 (beachball)

@​azure/msal-browser v5.4.0

5.4.0

Mon, 02 Mar 2026 19:25:47 GMT

Minor changes

• Bump @​azure/msal-browser to match @​azure/msal-browser-1p (msaljsbuilds@microsoft.com)
• Bump @​azure/msal-common to v16.2.0 (beachball)
• Bump eslint-config-msal to v0.0.0 (beachball)
• Bump msal-test-utils to v0.0.1 (beachball)
• Bump rollup-msal to v0.0.0 (beachball)

@​azure/msal-react v5.4.0

5.4.0

Thu, 07 May 2026 19:01:04 GMT

Minor changes

• Remove duplicate typings in the build output #8557 (thomas.norling@microsoft.com)
• Bump @​azure/msal-browser to v5.10.0 (beachball)

@​azure/msal-react v5.3.2

5.3.2

Tue, 28 Apr 2026 21:30:33 GMT

Patches

• Bump @​azure/msal-browser to v5.9.0 (beachball)

... (truncated)

Commits

• 738ade6 check account loginHint before idTokenClaims setting logoutHint (#8591)
• 1fff290 Add allowPlatformBrokerWithDOM experimental config flag (#8589)
• 99e0895 Custom Auth: add requestInterceptor for custom x-* request headers (#8587)
• ce50f41 Post-release PR (#8585)
• See full diff in compare view

Updates @types/node from 25.5.2 to 25.9.1

Commits

• See full diff in compare view

Updates globals from 17.4.0 to 17.6.0

Release notes

Sourced from globals's releases.

v17.6.0

• Update globals (2026-05-01) (#343) 00a4dd9

---

sindresorhus/globals@v17.5.0...v17.6.0

v17.5.0

• Update globals (2026-04-12) (#342) 5d84602

---

sindresorhus/globals@v17.4.0...v17.5.0

Commits

• 6b15870 17.6.0
• 00a4dd9 Update globals (2026-05-01) (#343)
• b8170c8 17.5.0
• 5d84602 Update globals (2026-04-12) (#342)
• 1b727e5 Fix build script for ES globals (#341)
• See full diff in compare view

Updates @react-router/node from 7.14.0 to 7.16.0

Release notes

Sourced from @​react-router/node's releases.

v7.16.0

See the changelog for release notes: https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7160

v7.15.1

See the changelog for release notes: https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7151

v7.15.0

See the changelog for release notes: https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7150

v7.14.2

See the changelog for release notes: https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7142

v7.14.1

See the changelog for release notes: https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7141

Changelog

Sourced from @​react-router/node's changelog.

v7.16.0

Patch Changes

• Honor Node writable backpressure in writeReadableStreamToWritable and writeAsyncIterableToWritable (#15071)

  • Await 'drain' when writable.write() returns false instead of letting chunks accumulate in the writable's internal buffer.
  • Reject (rather than hang) if the writable errors or closes mid-stream.

• Updated dependencies:

  • react-router@7.16.0

v7.15.1

Patch Changes

• Updated dependencies:
  • react-router@7.15.1

v7.15.0

Patch Changes

• Updated dependencies:
  • react-router@7.15.0

v7.14.2

Patch Changes

• Updated dependencies:
  • react-router@7.14.2

v7.14.1

Patch Changes

• Add TypeScript 6 support to peer dependency ranges
• Updated dependencies:
  • react-router@7.14.1

Commits

• 8984d23 Release v7.16.0 (#15105)
• 50511dc fix(node): honor writable backpressure when streaming to Node writables (#15071)
• 587d08f Release v7.15.1 (#15038)
• 7e6725a Cleanup lint issues (#15030)
• 97c8de7 Release v7.15.0 (#15018)
• cf1d250 Release v7.14.2 (#14993)
• 197674b Release 7.14.1 (#14973)
• 05f80c8 Migrate changesets files to .changes files
• a87774f Add new release process (#14916)
• 5ac7a72 Add Typescript 6 range to peer dependencies (#14935)
• Additional commits viewable in compare view

Updates isbot from 5.1.37 to 5.1.40

Changelog

Sourced from isbot's changelog.

5.1.40

• Browser entry. Use Object.defineProperty instead of direct assignment

5.1.39

• Pattern updates

5.1.38

• Pattern updates

Commits

• af53e19 browser entry update
• 860045c pattern updates
• 800ae1e Pattern updates
• 819c051 [admin] Use codeQL native integration instead
• 0c7ed9a New build system. Better type checking (#303)
• See full diff in compare view

Updates react-router from 7.14.0 to 7.16.0

Release notes

Sourced from react-router's releases.

v7.16.0

See the changelog for release notes: https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7160

v7.15.1

See the changelog for release notes: https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7151

v7.15.0

See the changelog for release notes: https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7150

v7.14.2

See the changelog for release notes: https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7142

v7.14.1

See the changelog for release notes: https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7141

Changelog

Sourced from react-router's changelog.

v7.16.0

Minor Changes

• Stabilize future.unstable_trailingSlashAwareDataRequests as future.v8_trailingSlashAwareDataRequests (#15098)

Patch Changes

• Disable manifest path when lazy route dicovery is disabled (#15068)

• Fix browser URL creation to use the configured history window instead of the global window. (#15066)

  • Pass the history/router window through to createBrowserURLImpl so custom window contexts keep the correct URL origin.

• Fix useNavigation() return type to preserve discriminated union across navigation states (#15095)

• Widen MetaDescriptor script:ld+json type from LdJsonObject to LdJsonObject | LdJsonObject[] to permit multiple JSON-LD schemas in a single <script type="application/ld+json"> tag emitted by <Meta /> (#15082)

v7.15.1

Patch Changes

• Update router to operate on fetcher Maps in an immutable manner to avoid delayed React renders from potentially reading an updated but not yet committed Map. This could result in brief flickers in some fetcher-driven optimistic UI scenarios. (#15028)
• Fix serverLoader() returning stale SSR data when a client navigation aborts pending hydration before the hydration clientLoader resolves (#15022)
• Fix RouterProvider onError callback not being called for synchronous initial loader errors in SPA mode (#15039) (#14942)
• Memoize useFetchers to return a stable identity and only change if fetchers changed (#15028)
• Internal refactor to consolidate mutation request detection through shared utility (#15033)

Unstable Changes

⚠️ Unstable features are not recommended for production use

• Add a new unstable_useRouterState() hook that consolidates access to active and pending router states (RFC: #12358) (#15017)

  • Data/Framework/RSC only — throws when used without a data router

  • This should allow you to consolidate usages of the following hooks which will likely be deprecated and removed in a future major version

    • useLocation
    • useSearchParams
    • useParams
    • useMatches
    • useNavigationType
    • useNavigation

    let { active, pending } = unstable_useRouterState();
    // Active is always populated with the current location
    active.location; // replaces useLocation()
    active.searchParams; // replaces useSearchParams()[0]
    active.params; // replaces useParams()
    active.matches; // replaces useMatches()
    active.type; // replaces useNavigationType()

... (truncated)

Commits

• 8984d23 Release v7.16.0 (#15105)
• d71025d Stabilize trailing slash aware data requests (#15098)
• 6e21b63 fix: keep useNavigation() return type a discriminated union (#15095)
• 4cde90b Support array of objects for script:ld+json meta descriptor (#15082)
• dc996ea fix(router): pass configured window to createBrowserURLImpl (#15066)
• cfb5fb0 Disable manifest handler when lazy route discovery is disabled (#15068)
• 16eb79e test: fix typo in test description (#15053)
• 4b464a9 chore: format
• 587d08f Release v7.15.1 (#15038)
• 89996bd Fire onError for initial-load errors when RouterProvider mounts late (#15039)
• Additional commits viewable in compare view

Updates @react-router/dev from 7.14.0 to 7.16.0

Release notes

Sourced from @​react-router/dev's releases.

v7.16.0

See the changelog for release notes: https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7160

v7.15.1

See the changelog for release notes: https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7151

v7.15.0

See the changelog for release notes: https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7150

v7.14.2

See the changelog for release notes: https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7142

v7.14.1

See the changelog for release notes: https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7141

Changelog

Sourced from @​react-router/dev's changelog.

v7.16.0

Minor Changes

• Stabilize future.unstable_trailingSlashAwareDataRequests as future.v8_trailingSlashAwareDataRequests (#15098)

  • The unstable flag is no longer supported and will error during config resolution

• Log future flag warnings for upcoming React Router v8 flags (#15029)

  • v8_middleware, v8_splitRouteModules, v8_viteEnvironmentApi, v8_passThroughRequests, v8_trailingSlashAwareDataRequests

Patch Changes

• Updated dependencies:
  • react-router@7.16.0
  • @react-router/node@7.16.0
  • @react-router/serve@7.16.0

v7.15.1

Patch Changes

• Fix basename conflicting with app directory name when Vite base is set (#15027)

  When the Vite base config and React Router basename both match the app directory name (e.g. base: "/app/", basename: "/app/"), Vite would strip the base prefix from server-build virtual module import paths, causing "Failed to load url /root.tsx" errors. The fix uses /@fs/ absolute paths for those imports to bypass Vite's base-stripping logic.

• Updated dependencies:

  • react-router@7.15.1
  • @react-router/node@7.15.1
  • @react-router/serve@7.15.1

v7.15.0

Minor Changes

• Stabilize future.unstable_passThroughRequests as future.v8_passThroughRequests (a993f09)

  • ⚠️ This is a breaking change if you have already opted into the unstable version - you will need to update your code accordingly

• Stabilize prerender.unstable_concurrency as prerender.concurrency (a993f09)

  • ⚠️ This is a breaking change if you have already opted into the unstable version - you will need to update your code accordingly

• Stabilize future.unstable_subResourceIntegrity as a ...

  Description has been truncated

[changeset-bot]

⚠️ No Changeset found

Latest commit: 6cfd3d9

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

[Herman Jensen (h3rmanj)]

Dependabot (@dependabot) rebase

[dependabot]

Looks like these dependencies are no longer updatable, so this is no longer needed.