chore(deps): lock file maintenance

[renovate]

This PR contains the following updates:

Update	Change
lockFileMaintenance	All locks refreshed

🔧 This Pull Request updates lock files to use the latest dependency versions.

---

Configuration

📅 Schedule: Branch creation - On day 1 of the month, every 12 months ( * * 1 */12 * ) (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR has been generated by Mend Renovate using a curated preset maintained by . View repository job log here

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Actions	Updated (UTC)
page-building-studio	Ready	Preview, Comment	Feb 9, 2026 3:10pm
test-studio	Ready	Preview, Comment	Feb 9, 2026 3:10pm

3 Skipped Deployments

Project	Deployment	Actions	Updated (UTC)
e2e-studio	Ignored		Feb 9, 2026 3:10pm
studio-workshop	Ignored	Preview	Feb 9, 2026 3:10pm
test-next-studio	Ignored		Feb 9, 2026 3:10pm

[socket-security]

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff	Package	Supply Chain Security	Vulnerability	Quality	Maintenance	License
	npm/​typescript-eslint@​8.53.1 ⏵ 8.54.0
	npm/​@​sanity/​debug-preview-url-secret-plugin@​2.0.4 ⏵ 2.0.6	+8		+1	+1
	npm/​vitest-package-exports@​1.1.2 ⏵ 1.2.0	-4		+1	+1
	npm/​@​types/​node@​24.10.2 ⏵ 24.10.12	+1		+1	+1
	npm/​turbo@​2.7.5 ⏵ 2.8.3	+1		+1	+1
	npm/​@​codemirror/​view@​6.39.11 ⏵ 6.39.12			+1	+1
	npm/​@​sanity/​sdk-react@​2.5.0 ⏵ 2.6.0	-1			-1
	npm/​@​google-cloud/​storage@​7.18.0 ⏵ 7.19.0			+1	+6
	npm/​eslint-plugin-boundaries@​5.3.1 ⏵ 5.4.0	-6			+5
	npm/​eslint-config-turbo@​2.7.6 ⏵ 2.8.3				+1
	npm/​@​testing-library/​react@​16.3.1 ⏵ 16.3.2
	npm/​sanity-plugin-mux-input@​2.12.1 ⏵ 2.14.0	+2
	npm/​@​sanity/​assist@​5.0.3 ⏵ 5.0.4	+3			+1
	npm/​sanity-plugin-asset-source-unsplash@​7.0.2 ⏵ 7.0.3	+4			+1
	npm/​motion@​12.27.1 ⏵ 12.33.0	+1		+1	+1
	npm/​@​sanity/​code-input@​7.0.5 ⏵ 7.0.8	+1			+1
	npm/​@​sanity/​color-input@​6.0.3 ⏵ 6.0.4	+1
	npm/​@​sanity/​react-loader@​2.0.5 ⏵ 2.0.7

View full report

[github-actions]

🧪 E2E Preview environment

🔑 Environment Variables for Local Testing

This is the preview URL for the E2E tests: https://e2e-studio-1xe1cdup7.sanity.dev

To run the E2E tests locally, you can use the following environment variables, then run pnpm test:e2e --ui to open the Playwright test runner.

💬 Remember to build the project first with pnpm build:e2e.

  SANITY_E2E_PROJECT_ID=ittbm412
  SANITY_E2E_BASE_URL=https://e2e-studio-1xe1cdup7.sanity.dev
  SANITY_E2E_DATASET="update depending the project you want to test (pr-11997-chromium-21830370262 || pr-11997-firefox-21830370262 )"
  SANITY_E2E_DATASET_CHROMIUM=pr-11997-chromium-21830370262
  SANITY_E2E_DATASET_FIREFOX=pr-11997-firefox-21830370262

[github-actions]

📊 Playwright Test Report

Download Full E2E Report

This report contains test results, including videos of failing tests.

[github-actions]

⚡️ Editor Performance Report

Updated Mon, 09 Feb 2026 15:17:18 GMT

Benchmark	reference latency of sanity@latest	experiment latency of this branch	Δ (%) latency difference
article (title)	34.5 efps (29ms)	30.3 efps (33ms)	+4ms (+13.8%)	✅
article (body)	50.6 efps (20ms)	48.1 efps (21ms)	+1ms (+5.3%)	✅
article (string inside object)	47.6 efps (21ms)	40.0 efps (25ms)	+4ms (+19.0%)	✅
article (string inside array)	40.0 efps (25ms)	40.0 efps (25ms)	+0ms (-/-%)	✅
recipe (name)	90.9 efps (11ms)	99.9+ efps (10ms)	-1ms (-/-%)	✅
recipe (description)	50.0 efps (20ms)	47.6 efps (21ms)	+1ms (+5.0%)	✅
recipe (instructions)	99.9+ efps (10ms)	99.9+ efps (9ms)	-1ms (-/-%)	✅
singleString (stringField)	99.9+ efps (7ms)	99.9+ efps (6ms)	-1ms (-/-%)	✅
synthetic (title)	58.8 efps (17ms)	58.8 efps (17ms)	+0ms (-/-%)	✅
synthetic (string inside object)	58.8 efps (17ms)	47.6 efps (21ms)	+4ms (+23.5%)	🔴

efps — editor "frames per second". The number of updates assumed to be possible within a second.

Derived from input latency. efps = 1000 / input_latency

Detailed information

🏠 Reference result

The performance result of sanity@latest

Benchmark	latency	p75	p90	p99	blocking time	test duration
article (title)	29ms	33ms	48ms	77ms	70ms	8.1s
article (body)	20ms	31ms	41ms	100ms	290ms	5.7s
article (string inside object)	21ms	24ms	27ms	68ms	1ms	6.4s
article (string inside array)	25ms	30ms	50ms	63ms	7ms	6.8s
recipe (name)	11ms	14ms	16ms	47ms	0ms	5.4s
recipe (description)	20ms	22ms	26ms	45ms	0ms	4.6s
recipe (instructions)	10ms	12ms	14ms	57ms	0ms	3.4s
singleString (stringField)	7ms	10ms	11ms	21ms	0ms	4.5s
synthetic (title)	17ms	21ms	26ms	96ms	1177ms	9.7s
synthetic (string inside object)	17ms	23ms	48ms	92ms	1241ms	9.1s

🧪 Experiment result

The performance result of this branch

Benchmark	latency	p75	p90	p99	blocking time	test duration
article (title)	33ms	42ms	66ms	95ms	112ms	8.7s
article (body)	21ms	28ms	33ms	96ms	246ms	5.6s
article (string inside object)	25ms	30ms	34ms	66ms	3ms	6.6s
article (string inside array)	25ms	28ms	46ms	70ms	21ms	7.3s
recipe (name)	10ms	12ms	16ms	40ms	0ms	5.2s
recipe (description)	21ms	24ms	26ms	34ms	0ms	4.5s
recipe (instructions)	9ms	13ms	15ms	48ms	0ms	3.4s
singleString (stringField)	6ms	9ms	11ms	20ms	1ms	4.5s
synthetic (title)	17ms	20ms	23ms	91ms	1357ms	9.2s
synthetic (string inside object)	21ms	27ms	48ms	91ms	1179ms	9.4s

📚 Glossary

column definitions

• benchmark — the name of the test, e.g. "article", followed by the label of the field being measured, e.g. "(title)".
• latency — the time between when a key was pressed and when it was rendered. derived from a set of samples. the median (p50) is shown to show the most common latency.
• p75 — the 75th percentile of the input latency in the test run. 75% of the sampled inputs in this benchmark were processed faster than this value. this provides insight into the upper range of typical performance.
• p90 — the 90th percentile of the input latency in the test run. 90% of the sampled inputs were faster than this. this metric helps identify slower interactions that occurred less frequently during the benchmark.
• p99 — the 99th percentile of the input latency in the test run. only 1% of sampled inputs were slower than this. this represents the worst-case scenarios encountered during the benchmark, useful for identifying potential performance outliers.
• blocking time — the total time during which the main thread was blocked, preventing user input and UI updates. this metric helps identify performance bottlenecks that may cause the interface to feel unresponsive.
• test duration — how long the test run took to complete.

[github-actions]

Coverage Report

Status	Category	Percentage	Covered / Total
🔵	Lines	37.64%	22173 / 58899
🔵	Statements	32.39%	26826 / 82811
🔵	Functions	39.18%	4519 / 11532
🔵	Branches	24.74%	17560 / 70963

File Coverage

No changed files found.

Generated in workflow #51882 for commit eb59918 by the Vitest Coverage Report Action

[socket-security]

Warning

Review the following alerts detected in dependencies.

According to your organization's Security Policy, it is recommended to resolve "Warn" alerts. Learn more about Socket for GitHub.

Action	Severity	Alert  (click "▶" to expand/collapse)
Warn		Obfuscated code: npm eslint-plugin-boundaries is 98.0% likely obfuscated Confidence: 0.98 Location: Package overview From: packages/sanity/package.json → npm/eslint-plugin-boundaries@5.4.0 ℹ Read more on: This package | This alert | What is obfuscated code? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev. Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/eslint-plugin-boundaries@5.4.0. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

View full report