build(deps): bump the dependencies group with 8 updates

[dependabot]

Bumps the dependencies group with 8 updates:

Package	From	To
@filoz/synapse-sdk	0.40.0	0.40.3
@tanstack/react-query	5.95.2	5.96.2
next	16.2.1	16.2.2
next-plausible	3.12.5	4.0.0
slugify	1.6.8	1.6.9
viem	2.47.6	2.47.10
@biomejs/biome	2.4.9	2.4.10
@types/node	25.5.0	25.5.2

Updates @filoz/synapse-sdk from 0.40.0 to 0.40.3

Release notes

Sourced from @​filoz/synapse-sdk's releases.

synapse-sdk: v0.40.3

0.40.3 (2026-04-02)

Features

• core: preserve non-standard SP registry capabilities in PDPOffering (#687) (716e309)

Bug Fixes

• errors: export StorageErrorOptions and enhance error constructors with documentation (7ac439a)
• keep the clone to new provider ids array (7124ec9)
• update getApprovedProviderIds and getEndorsedProviderIds with array return type (e037cec)

Chores

• types: update PullStatus export and adjust StorageContext to use waitForPullPieces (eb5566e)

synapse-sdk: v0.40.2

0.40.2 (2026-03-30)

Features

• storage: add 'source' and 'withCDN' getters on StorageManager (#701) (d463939)

Bug Fixes

• re-export error handling utilities and adjust type export order (011f47f)

Chores

• update biome and fix issues (f5e8abd)

Documentation

• additional docs for upload options: providerId and dataSetId (#690) (c57a707)

synapse-sdk: v0.40.1

0.40.1 (2026-03-30)

Bug Fixes

• installation instructions (#692) (966a389)

... (truncated)

Commits

• 4d47a35 chore(master): release synapse-sdk 0.40.3 (#716)
• cecc516 chore(master): release synapse-core 0.4.0 (#715)
• 716e309 feat(core): preserve non-standard SP registry capabilities in PDPOffering (#687)
• 80799c0 chore: update providers ids new names and return type in more places
• 7124ec9 fix: keep the clone to new provider ids array
• e988ab4 docs: update endorsedIds and excludeProviderIds to use arrays for consistency
• 2407514 fix: rename getApprovedProvidersIds to getApprovedProviderIds and update rela...
• e037cec fix: update getApprovedProviderIds and getEndorsedProviderIds with array retu...
• eced30c feat!: rename getProviderIds to getEndorsedProviderIds and getApprovedProvid...
• fc0a6e2 chore(docs): update StorageContext to use waitForPullPieces instead of waitFo...
• Additional commits viewable in compare view

Updates @tanstack/react-query from 5.95.2 to 5.96.2

Release notes

Sourced from @​tanstack/react-query's releases.

@​tanstack/react-query-devtools@​5.96.2

Patch Changes

• Updated dependencies []:
  • @​tanstack/query-devtools@​5.96.2
  • @​tanstack/react-query@​5.96.2

@​tanstack/react-query-next-experimental@​5.96.2

Patch Changes

• Updated dependencies []:
  • @​tanstack/react-query@​5.96.2

@​tanstack/react-query-persist-client@​5.96.2

Patch Changes

• Updated dependencies []:
  • @​tanstack/query-persist-client-core@​5.96.2
  • @​tanstack/react-query@​5.96.2

@​tanstack/react-query@​5.96.2

Patch Changes

• Updated dependencies []:
  • @​tanstack/query-core@​5.96.2

@​tanstack/react-query-devtools@​5.96.1

Patch Changes

• fix(build): exclude config files from production DTS rollup to prevent @types/node type pollution (#10358)

• Updated dependencies []:

  • @​tanstack/query-devtools@​5.96.1
  • @​tanstack/react-query@​5.96.1

@​tanstack/react-query-next-experimental@​5.96.1

Patch Changes

• Updated dependencies []:
  • @​tanstack/react-query@​5.96.1

@​tanstack/react-query-persist-client@​5.96.1

Patch Changes

• Updated dependencies []:
  • @​tanstack/query-persist-client-core@​5.96.1
  • @​tanstack/react-query@​5.96.1

@​tanstack/react-query@​5.96.1

Patch Changes

... (truncated)

Changelog

Sourced from @​tanstack/react-query's changelog.

5.96.2

Patch Changes

• Updated dependencies []:
  • @​tanstack/query-core@​5.96.2

5.96.1

Patch Changes

• Updated dependencies []:
  • @​tanstack/query-core@​5.96.1

5.96.0

Patch Changes

• Updated dependencies []:
  • @​tanstack/query-core@​5.96.0

Commits

• 5ca721f ci: Version Packages (#10379)
• 75052a7 ci: Version Packages (#10370)
• 73e783b ci: Version Packages (#10364)
• 14a97b7 test(react-query): replace 'import React' with 'import * as React' in 'usePre...
• fd8c068 test({react,preact}-query/useSuspenseQueries): merge redundant second 'descri...
• f168555 test({react,preact,solid}-query): move 'queryClient' and 'queryCache' to 'bef...
• afb5812 test({react,preact}-query/useSuspenseQueries): inline test helpers, remove sh...
• 9e1bb94 test(react-query/useSuspenseQueries): remove unnecessary 'act' wrapper from b...
• 55cee0a test({react,preact}-query/useSuspenseQueries): add test for not suspending bu...
• 7fc6e6a test({react,preact}-query/useSuspenseQueries): add test for not suspending bu...
• See full diff in compare view

Updates next from 16.2.1 to 16.2.2

Release notes

Sourced from next's releases.

v16.2.2

[!NOTE] This release is backporting bug fixes. It does not include all pending features/changes on canary.

Core Changes

• backport: Move expanded adapters docs to API reference (#92115) (#92129)
• Backport: TypeScript v6 deprecations for baseUrl and moduleResolution (#92130)
• [create-next-app] Skip interactive prompts when CLI flags are provided (#91840)
• next.config.js: Accept an option for serverFastRefresh (#91968)
• Turbopack: enable server HMR for app route handlers (#91466)
• Turbopack: exclude metadata routes from server HMR (#92034)
• Fix CI for glibc linux builds
• Backport: disable bmi2 in qfilter #92177
• [backport] Fix CSS HMR on Safari (#92174)

Credits

Huge thanks to @​nextjs-bot, @​icyJoseph, @​ijjk, @​gaojude, @​wbinnssmith, @​lukesandberg, and @​bgw for helping!

Commits

• 52faae3 v16.2.2
• 8d0f77b Backport: #92177
• e151e5f Fix CI for glibc linux builds
• 1a319ea [backport] Fix CSS HMR on Safari (#92174)
• c0edad2 Turbopack: exclude metadata routes from server HMR (#92034)
• d644699 Turbopack: enable server HMR for app route handlers (#91466)
• 34de2ca next.config.js: Accept an option for serverFastRefresh (#91968)
• c4779d1 [create-next-app] Skip interactive prompts when CLI flags are provided (#91840)
• edcf19a Backport: TypeScript v6 deprecations for baseUrl and moduleResolution (#92130)
• eee3f52 backport: Move expanded adapters docs to API reference (#92115) (#92129)
• Additional commits viewable in compare view

Updates next-plausible from 3.12.5 to 4.0.0

Changelog

Sourced from next-plausible's changelog.

v4.0.0 (2026-04-03)

Full Changelog

Closed issues:

• Support Next,js 16 #149

Commits

• 34844a1 4.0.0
• 6fe8c5a Migrating to Plausible script v2
• 67cbb2f npx fix-react2shell-next
• See full diff in compare view

Updates slugify from 1.6.8 to 1.6.9

Changelog

Sourced from slugify's changelog.

v1.6.9 (2026-04-01)

• #171 fix: correct CommonJS export for "module": "node16" + ESM (171) (@​karlhorky)

Commits

• See full diff in compare view

Maintainer changes

This version was pushed to npm by joshuakgoldberg, a new releaser for slugify since your current version.

Updates viem from 2.47.6 to 2.47.10

Release notes

Sourced from viem's releases.

viem@2.47.10

Patch Changes

• #4443 19dd6e54001a82f20ab13e42eacdbe61814e6e52 Thanks @​TJ-Frederick! - Added Radius Network (chain ID 723487) and Radius Test Network (chain ID 72344) chain definitions.

• #4456 7b2cca5ab72c56b4c1a18d9765f4f323ca6b162d Thanks @​jxom! - viem/tempo: Extracted keyAuthorization from eth_fillTransaction response in prepareTransactionRequest.

• #4457 39d42e515f33f54102d56705cf25c51f8d8f4087 Thanks @​jxom! - viem/tempo: Added hardfork-aware getRemainingLimit that uses getRemainingLimitWithPeriod on T3+ chains. Returns { remaining, periodEnd } object.

• #4448 3b1908405105bf9d2a08dd1943b4b3fad2cee38a Thanks @​jxom! - Fixed transaction type detection for secp256k1 access key accounts.

• #4450 4555ee6329235335d4278a3f9f33af69091a1c79 Thanks @​jxom! - viem/tempo: Fixed gas estimation for access key transactions with a fee payer.

• #4432 3aa680df95bda40adc9306749e0fd46b93cc6bde Thanks @​jxom! - viem/tempo: Added access key signature verification support to verifyHash via mode: 'allowAccessKey'.

• #4442 0ece4d9d08f53c817b0401fdd39ac3abb59c05f2 Thanks @​decofe! - viem/tempo: Added TIP-1004 (EIP-2612) permit functions to the tip20 ABI (permit, nonces, DOMAIN_SEPARATOR, PermitExpired, InvalidSignature).

• #4419 4f77ac880ed81e104a68a530665b42661e0c1ebf Thanks @​emdin! - Added Igra Network chain.

• #4422 3c950f70495df4a357b57b6c90ffb828f0a8a884 Thanks @​ryanRfox! - Added Mezo and Mezo Testnet chains.

• #4426 63ab458812b15fe5d737de08356f8b4e635c6da3 Thanks @​PatrickAlphaC! - Added BattleChain Testnet

• #4423 16f6ca238cd5e6d86b36dbb92098a180af6d8ef7 Thanks @​pxrl! - Added basic OP definitions to MegaETH, fixed Blockscout defs.

• 621b0856e55e710c61bd0a2d57c125d559bd9ae4 Thanks @​jxom! - Propagated execution reverted errors (code 3) from eth_fillTransaction in prepareTransactionRequest instead of silently falling through.

• #4409 25634335611498ecaead8435b1403e5f28d30fc1 Thanks @​abs3ntdev! - Added Gensyn Mainnet

• #4425 ce08d9a4dc9ab986d5d9f6cfe380ae6ec1fec2d9 Thanks @​o-az! - Removed Tempo Andantino network and updated references

• #4420 c158236bd6e0d5c80881243d85a535723f61dd7e Thanks @​mycodecrafting! - Added Eden chain.

• #4421 26bf275307bf6e31430fa5283770f5caa4033aee Thanks @​KirienzoEth! - Add the multicall3 configuration to the Katana chain's config

Commits

• 14f77b7 tests: up
• 87c04ee fix: don't overwrite client-provided keyAuthorization with fill response
• 2db2365 chore: version package (#4458)
• 484c7a5 style: fix biome formatting
• 19dd6e5 feat: add Radius Network chain definitions (#4443)
• 7b2cca5 feat: extract keyAuthorization from eth_fillTransaction response (#4456)
• 39d42e5 feat(tempo): t3 hardfork support for getRemainingLimit (#4457)
• a84f451 chore: use explicit publicnode rpc url in environment tests
• 41c9783 Revert "tests: use diff rpc for env tests"
• 2f5ae48 tests: use diff rpc for env tests
• Additional commits viewable in compare view

Updates @biomejs/biome from 2.4.9 to 2.4.10

Release notes

Sourced from @​biomejs/biome's releases.

Biome CLI v2.4.10

2.4.10

Patch Changes

• #8838 f3a6a6b Thanks @​baeseokjae! - Added new lint nursery rule noImpliedEval.

  The rule detects implied eval() usage through functions like setTimeout, setInterval, and setImmediate when called with string arguments.

  // Invalid
  setTimeout("alert('Hello');", 100);
  // Valid
  setTimeout(() => alert("Hello"), 100);

• #9320 93c3b6c Thanks @​taberoajorge! - Fixed #7664: noUnusedVariables no longer reports false positives for TypeScript namespace declarations that participate in declaration merging with an exported or used value declaration (const, function, or class) of the same name. The reverse direction is also handled: a value declaration merged with an exported namespace is no longer flagged.

• #9630 1dd4a56 Thanks @​raashish1601! - Fixed #9629: noNegationElse now keeps ternary branch comments attached to the correct branch when applying its fixer.

• #9216 04243b0 Thanks @​FrederickStempfle! - Fixed #9061: noProcessEnv now also detects process.env when process is imported from the "process" or "node:process" modules.

  Previously, only the global process object was flagged:

  import process from "node:process";
  // This was not flagged, but now it is:
  console.log(process.env.NODE_ENV);

• #9692 61b7ec5 Thanks @​mkosei! - Fixed Svelte #each destructuring parsing and formatting for nested patterns such as [key, { a, b }].

• #9627 06a0f35 Thanks @​ematipico! - Fixed #191: Improved the performance of how the Biome Language Server pulls code actions and diagnostics.

  Before, code actions were pulled and computed all at once in one request. This approach couldn't work in big files, and caused Biome to stale and have CPU usage spikes up to 100%.

  Now, code actions are pulled and computed lazily, and Biome won't choke anymore in big files.

• #9643 5bfee36 Thanks @​dyc3! - Fixed #9347: useVueValidVBind no longer reports valid object bindings like v-bind="props".

• #9627 06a0f35 Thanks @​ematipico! - Fixed assist diagnostics being invisible when using --diagnostic-level=error. Enforced assist violations (e.g. useSortedKeys) were filtered out before being promoted to errors, causing biome check to incorrectly return success.

• #9695 9856a87 Thanks @​dyc3! - Added the new nursery rule noUnsafePlusOperands, which reports + and += operations that use object-like, symbol, unknown, or never operands, or that mix number with bigint.

• #9627 06a0f35 Thanks @​ematipico! - Fixed duplicate parse errors in check and ci output. When a file had syntax errors, the same parse error was printed twice and the error count was inflated.

• #9627 06a0f35 Thanks @​ematipico! - Improved the performance of the commands lint and check when they are called with --write.

... (truncated)

Changelog

Sourced from @​biomejs/biome's changelog.

2.4.10

Patch Changes

• #8838 f3a6a6b Thanks @​baeseokjae! - Added new lint nursery rule noImpliedEval.

  The rule detects implied eval() usage through functions like setTimeout, setInterval, and setImmediate when called with string arguments.

  // Invalid
  setTimeout("alert('Hello');", 100);
  // Valid
  setTimeout(() => alert("Hello"), 100);

• #9320 93c3b6c Thanks @​taberoajorge! - Fixed #7664: noUnusedVariables no longer reports false positives for TypeScript namespace declarations that participate in declaration merging with an exported or used value declaration (const, function, or class) of the same name. The reverse direction is also handled: a value declaration merged with an exported namespace is no longer flagged.

• #9630 1dd4a56 Thanks @​raashish1601! - Fixed #9629: noNegationElse now keeps ternary branch comments attached to the correct branch when applying its fixer.

• #9216 04243b0 Thanks @​FrederickStempfle! - Fixed #9061: noProcessEnv now also detects process.env when process is imported from the "process" or "node:process" modules.

  Previously, only the global process object was flagged:

  import process from "node:process";
  // This was not flagged, but now it is:
  console.log(process.env.NODE_ENV);

• #9692 61b7ec5 Thanks @​mkosei! - Fixed Svelte #each destructuring parsing and formatting for nested patterns such as [key, { a, b }].

• #9627 06a0f35 Thanks @​ematipico! - Fixed #191: Improved the performance of how the Biome Language Server pulls code actions and diagnostics.

  Before, code actions were pulled and computed all at once in one request. This approach couldn't work in big files, and caused Biome to stale and have CPU usage spikes up to 100%.

  Now, code actions are pulled and computed lazily, and Biome won't choke anymore in big files.

• #9643 5bfee36 Thanks @​dyc3! - Fixed #9347: useVueValidVBind no longer reports valid object bindings like v-bind="props".

• #9627 06a0f35 Thanks @​ematipico! - Fixed assist diagnostics being invisible when using --diagnostic-level=error. Enforced assist violations (e.g. useSortedKeys) were filtered out before being promoted to errors, causing biome check to incorrectly return success.

• #9695 9856a87 Thanks @​dyc3! - Added the new nursery rule noUnsafePlusOperands, which reports + and += operations that use object-like, symbol, unknown, or never operands, or that mix number with bigint.

• #9627 06a0f35 Thanks @​ematipico! - Fixed duplicate parse errors in check and ci output. When a file had syntax errors, the same parse error was printed twice and the error count was inflated.

• #9627 06a0f35 Thanks @​ematipico! - Improved the performance of the commands lint and check when they are called with --write.

• #9627 06a0f35 Thanks @​ematipico! - Fixed --diagnostic-level not fully filtering diagnostics. Setting --diagnostic-level=error now correctly excludes warnings and infos from both the output and the summary counts.

... (truncated)

Commits

• fcf216d ci: release (#9622)
• 8b7f55c chore: update sponsors (#9714)
• 9856a87 feat(lint/js): add noUnsafePlusOperands (#9695)
• 5bfee36 fix(useVueValidVBind): don't flag missing arguments (#9643)
• f3a6a6b feat(linter): add noImpliedEval rule (#8838)
• See full diff in compare view

Updates @types/node from 25.5.0 to 25.5.2

Commits

• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Actions	Updated (UTC)
filecoin-cloud	Error		Apr 5, 2026 2:25pm

[dependabot]

Looks like these dependencies are updatable in another way, so this is no longer needed.