Skip to content

chore(deps): bump the frontend-deps group across 1 directory with 12 updates#748

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/frontend/frontend-deps-c44bc748cb
Open

chore(deps): bump the frontend-deps group across 1 directory with 12 updates#748
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/frontend/frontend-deps-c44bc748cb

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 7, 2026

Copy link
Copy Markdown
Contributor

Bumps the frontend-deps group with 11 updates in the /frontend directory:

Package From To
@sentry/nextjs 10.63.0 10.64.0
@tiptap/extension-code-block 3.27.2 3.27.3
@tiptap/extension-link 3.27.2 3.27.3
@tiptap/extension-placeholder 3.27.2 3.27.3
@tiptap/html 3.27.2 3.27.3
@tiptap/react 3.27.2 3.27.3
@tiptap/starter-kit 3.27.2 3.27.3
next 16.2.9 16.2.10
@types/dompurify 3.0.5 3.2.0
eslint-config-next 16.2.9 16.2.10
vite 8.1.2 8.1.3

Updates @sentry/nextjs from 10.63.0 to 10.64.0

Release notes

Sourced from @​sentry/nextjs's releases.

10.64.0

Important Changes

  • feat(cloudflare): Add nodejs_compat entrypoint (#21881)

    The Cloudflare SDK now ships a dedicated @sentry/cloudflare/nodejs_compat entrypoint for Workers running with the nodejs_compat flag. This entrypoint unlocks Node SDK features on Cloudflare, including the prismaIntegration (#21882) and AI v7 support for the vercelAiIntegration (#21917).

    This entrypoint is a drop-in replacement, so you can switch your imports from @sentry/cloudflare directly to @sentry/cloudflare/nodejs_compat. To use it, your Worker must set the nodejs_compat compatibility flag in wrangler.toml/wrangler.jsonc. This will become the default entrypoint in v11.

  • feat: Use Sentry's minimal OpenTelemetry tracer provider by default (#21666, #21680, #21842)

    The Node SDK now registers Sentry's own minimal SentryTracerProvider by default, which creates native Sentry spans directly instead of routing them through the full OpenTelemetry SDK span pipeline. This reduces overhead for the common case where you don't need the full OpenTelemetry tracing stack.

    If you rely on OpenTelemetry SDK features that the minimal provider doesn't support, you can opt out and fall back to the full OpenTelemetry BasicTracerProvider by setting openTelemetryBasicTracerProvider: true in your Sentry.init() options. Providing custom openTelemetrySpanProcessors also forces the full provider automatically.

Other Changes

  • feat(bun,deno,node): pg orchestrion instrumentation (#21826)
  • feat(bun): enable new mysql, pg integrations in 'bun build' (#21828)
  • feat(cloudflare): Enable AI v7 support for Cloudflare in the /nodejs_compat entrypoint (#21917)
  • feat(cloudflare): Expose prismaIntegration in nodejs_compat export (#21882)
  • feat(core): Add sentry.trace_lifecycle attribute (#21850)
  • feat(core): Add deferred segment-span transaction capture (#21839)
  • feat(deps): Bump OpenTelemetry dependencies to latest (#21988)
  • feat(mongoose): Instrument mongoose >= 9.7 via native tracing channels (#21803)
  • feat(replays): Record segment names that occur during replay (#21851)
  • fix(browser): Accept precisely-typed GrowthBook class in growthbookIntegration (#21825)
  • fix(browser): Flush telemetry when page is hidden (#21862)
  • fix(cloudflare): Catch potential errors during flush and dispose (#21976)
  • fix(core): Capture Anthropic stream stop_reason from message_delta (#21907)
  • fix(core): Print getTraceMetaTags in 1 line to prevent hydration errors (#22004)
  • fix(nextjs): Add immutable browser chunks to upload assets (#21978)
  • fix(nextjs): Handle Middleware.execute root spans on Node.js runtime (#22013)
  • fix(react/solid/vue): Instrument TanStack Router navigations via onBeforeLoad/onResolved (#21975)
  • chore: Add experimentalUseDiagnosticsChannelInjection in node size-limit (#21992)
  • chore: Add external contributor to CHANGELOG.md (#21945)
  • chore: Clarify usage of hoistTransitiveImports option (#21888)
  • chore: Make @​sentry/conventions sideEffect free during bundling (#22015)
  • chore: Remove runtime ESM/CJS switching (#21761)
  • chore(ci): Replace app-id with client-id in GH workflows (#21914)
  • chore(cloudflare): Disallow Node SDK usage outside of nodejs_compat (#21884)
  • chore(cloudflare): Disallow server-utils usage outside of nodejs_compat (#21918)
  • chore(node-core): Move isCjs to its own file to prevent sideEffects (#21856)
  • ci: Increase Node integration test timeout to 20 minutes (#21903)
  • deps(server-utils): Bump @​apm-js-collab/tracing-hooks to 0.10.1 (#21892)
  • feat(server-utils): Implement orchestrion-based instrumentation for vercel-ai v6 (#21658)

... (truncated)

Changelog

Sourced from @​sentry/nextjs's changelog.

10.64.0

Important Changes

  • feat(cloudflare): Add nodejs_compat entrypoint (#21881)

    The Cloudflare SDK now ships a dedicated @sentry/cloudflare/nodejs_compat entrypoint for Workers running with the nodejs_compat flag. This entrypoint unlocks Node SDK features on Cloudflare, including the prismaIntegration (#21882) and AI v7 support for the vercelAiIntegration (#21917).

    This entrypoint is a drop-in replacement, so you can switch your imports from @sentry/cloudflare directly to @sentry/cloudflare/nodejs_compat. To use it, your Worker must set the nodejs_compat compatibility flag in wrangler.toml/wrangler.jsonc. This will become the default entrypoint in v11.

  • feat: Use Sentry's minimal OpenTelemetry tracer provider by default (#21666, #21680, #21842)

    The Node SDK now registers Sentry's own minimal SentryTracerProvider by default, which creates native Sentry spans directly instead of routing them through the full OpenTelemetry SDK span pipeline. This reduces overhead for the common case where you don't need the full OpenTelemetry tracing stack.

    If you rely on OpenTelemetry SDK features that the minimal provider doesn't support, you can opt out and fall back to the full OpenTelemetry BasicTracerProvider by setting openTelemetryBasicTracerProvider: true in your Sentry.init() options. Providing custom openTelemetrySpanProcessors also forces the full provider automatically.

Other Changes

  • feat(bun,deno,node): pg orchestrion instrumentation (#21826)
  • feat(bun): enable new mysql, pg integrations in 'bun build' (#21828)
  • feat(cloudflare): Enable AI v7 support for Cloudflare in the /nodejs_compat entrypoint (#21917)
  • feat(cloudflare): Expose prismaIntegration in nodejs_compat export (#21882)
  • feat(core): Add sentry.trace_lifecycle attribute (#21850)
  • feat(core): Add deferred segment-span transaction capture (#21839)
  • feat(deps): Bump OpenTelemetry dependencies to latest (#21988)
  • feat(mongoose): Instrument mongoose >= 9.7 via native tracing channels (#21803)
  • feat(replays): Record segment names that occur during replay (#21851)
  • fix(browser): Accept precisely-typed GrowthBook class in growthbookIntegration (#21825)
  • fix(browser): Flush telemetry when page is hidden (#21862)
  • fix(cloudflare): Catch potential errors during flush and dispose (#21976)
  • fix(core): Capture Anthropic stream stop_reason from message_delta (#21907)
  • fix(core): Print getTraceMetaTags in 1 line to prevent hydration errors (#22004)
  • fix(nextjs): Add immutable browser chunks to upload assets (#21978)
  • fix(nextjs): Handle Middleware.execute root spans on Node.js runtime (#22013)
  • fix(react/solid/vue): Instrument TanStack Router navigations via onBeforeLoad/onResolved (#21975)
  • chore: Add experimentalUseDiagnosticsChannelInjection in node size-limit (#21992)
  • chore: Add external contributor to CHANGELOG.md (#21945)
  • chore: Clarify usage of hoistTransitiveImports option (#21888)
  • chore: Make @​sentry/conventions sideEffect free during bundling (#22015)
  • chore: Remove runtime ESM/CJS switching (#21761)
  • chore(ci): Replace app-id with client-id in GH workflows (#21914)
  • chore(cloudflare): Disallow Node SDK usage outside of nodejs_compat (#21884)
  • chore(cloudflare): Disallow server-utils usage outside of nodejs_compat (#21918)
  • chore(node-core): Move isCjs to its own file to prevent sideEffects (#21856)
  • ci: Increase Node integration test timeout to 20 minutes (#21903)
  • deps(server-utils): Bump @​apm-js-collab/tracing-hooks to 0.10.1 (#21892)

... (truncated)

Commits
  • 5736a38 release: 10.64.0
  • 9074df6 Merge pull request #22016 from getsentry/prepare-release/10.64.0
  • 3610701 meta(changelog): Update changelog for 10.64.0
  • 7df7f30 fix(core): Print getTraceMetaTags in 1 line to prevent hydration errors (#22004)
  • 39d05cd fix(nextjs): Handle Middleware.execute root spans on Node.js runtime (#22013)
  • f7c75e7 chore: Make @​sentry/conventions sideEffect free during bundling (#22015)
  • 851edb3 test(node): Attempt to unflake docker-based node integration tests (#21905)
  • 5e48cb0 feat(server-utils): Rewrite @opentelemetry/instrumentation-hapi to orchestr...
  • 067f1b2 chore(cloudflare): Disallow server-utils usage outside of nodejs_compat (#21918)
  • 00cc317 feat(cloudflare): Enable AI v7 support for Cloudflare in the /nodejs_compat e...
  • Additional commits viewable in compare view

Updates @sentry/react from 10.63.0 to 10.64.0

Release notes

Sourced from @​sentry/react's releases.

10.64.0

Important Changes

  • feat(cloudflare): Add nodejs_compat entrypoint (#21881)

    The Cloudflare SDK now ships a dedicated @sentry/cloudflare/nodejs_compat entrypoint for Workers running with the nodejs_compat flag. This entrypoint unlocks Node SDK features on Cloudflare, including the prismaIntegration (#21882) and AI v7 support for the vercelAiIntegration (#21917).

    This entrypoint is a drop-in replacement, so you can switch your imports from @sentry/cloudflare directly to @sentry/cloudflare/nodejs_compat. To use it, your Worker must set the nodejs_compat compatibility flag in wrangler.toml/wrangler.jsonc. This will become the default entrypoint in v11.

  • feat: Use Sentry's minimal OpenTelemetry tracer provider by default (#21666, #21680, #21842)

    The Node SDK now registers Sentry's own minimal SentryTracerProvider by default, which creates native Sentry spans directly instead of routing them through the full OpenTelemetry SDK span pipeline. This reduces overhead for the common case where you don't need the full OpenTelemetry tracing stack.

    If you rely on OpenTelemetry SDK features that the minimal provider doesn't support, you can opt out and fall back to the full OpenTelemetry BasicTracerProvider by setting openTelemetryBasicTracerProvider: true in your Sentry.init() options. Providing custom openTelemetrySpanProcessors also forces the full provider automatically.

Other Changes

  • feat(bun,deno,node): pg orchestrion instrumentation (#21826)
  • feat(bun): enable new mysql, pg integrations in 'bun build' (#21828)
  • feat(cloudflare): Enable AI v7 support for Cloudflare in the /nodejs_compat entrypoint (#21917)
  • feat(cloudflare): Expose prismaIntegration in nodejs_compat export (#21882)
  • feat(core): Add sentry.trace_lifecycle attribute (#21850)
  • feat(core): Add deferred segment-span transaction capture (#21839)
  • feat(deps): Bump OpenTelemetry dependencies to latest (#21988)
  • feat(mongoose): Instrument mongoose >= 9.7 via native tracing channels (#21803)
  • feat(replays): Record segment names that occur during replay (#21851)
  • fix(browser): Accept precisely-typed GrowthBook class in growthbookIntegration (#21825)
  • fix(browser): Flush telemetry when page is hidden (#21862)
  • fix(cloudflare): Catch potential errors during flush and dispose (#21976)
  • fix(core): Capture Anthropic stream stop_reason from message_delta (#21907)
  • fix(core): Print getTraceMetaTags in 1 line to prevent hydration errors (#22004)
  • fix(nextjs): Add immutable browser chunks to upload assets (#21978)
  • fix(nextjs): Handle Middleware.execute root spans on Node.js runtime (#22013)
  • fix(react/solid/vue): Instrument TanStack Router navigations via onBeforeLoad/onResolved (#21975)
  • chore: Add experimentalUseDiagnosticsChannelInjection in node size-limit (#21992)
  • chore: Add external contributor to CHANGELOG.md (#21945)
  • chore: Clarify usage of hoistTransitiveImports option (#21888)
  • chore: Make @​sentry/conventions sideEffect free during bundling (#22015)
  • chore: Remove runtime ESM/CJS switching (#21761)
  • chore(ci): Replace app-id with client-id in GH workflows (#21914)
  • chore(cloudflare): Disallow Node SDK usage outside of nodejs_compat (#21884)
  • chore(cloudflare): Disallow server-utils usage outside of nodejs_compat (#21918)
  • chore(node-core): Move isCjs to its own file to prevent sideEffects (#21856)
  • ci: Increase Node integration test timeout to 20 minutes (#21903)
  • deps(server-utils): Bump @​apm-js-collab/tracing-hooks to 0.10.1 (#21892)
  • feat(server-utils): Implement orchestrion-based instrumentation for vercel-ai v6 (#21658)

... (truncated)

Changelog

Sourced from @​sentry/react's changelog.

10.64.0

Important Changes

  • feat(cloudflare): Add nodejs_compat entrypoint (#21881)

    The Cloudflare SDK now ships a dedicated @sentry/cloudflare/nodejs_compat entrypoint for Workers running with the nodejs_compat flag. This entrypoint unlocks Node SDK features on Cloudflare, including the prismaIntegration (#21882) and AI v7 support for the vercelAiIntegration (#21917).

    This entrypoint is a drop-in replacement, so you can switch your imports from @sentry/cloudflare directly to @sentry/cloudflare/nodejs_compat. To use it, your Worker must set the nodejs_compat compatibility flag in wrangler.toml/wrangler.jsonc. This will become the default entrypoint in v11.

  • feat: Use Sentry's minimal OpenTelemetry tracer provider by default (#21666, #21680, #21842)

    The Node SDK now registers Sentry's own minimal SentryTracerProvider by default, which creates native Sentry spans directly instead of routing them through the full OpenTelemetry SDK span pipeline. This reduces overhead for the common case where you don't need the full OpenTelemetry tracing stack.

    If you rely on OpenTelemetry SDK features that the minimal provider doesn't support, you can opt out and fall back to the full OpenTelemetry BasicTracerProvider by setting openTelemetryBasicTracerProvider: true in your Sentry.init() options. Providing custom openTelemetrySpanProcessors also forces the full provider automatically.

Other Changes

  • feat(bun,deno,node): pg orchestrion instrumentation (#21826)
  • feat(bun): enable new mysql, pg integrations in 'bun build' (#21828)
  • feat(cloudflare): Enable AI v7 support for Cloudflare in the /nodejs_compat entrypoint (#21917)
  • feat(cloudflare): Expose prismaIntegration in nodejs_compat export (#21882)
  • feat(core): Add sentry.trace_lifecycle attribute (#21850)
  • feat(core): Add deferred segment-span transaction capture (#21839)
  • feat(deps): Bump OpenTelemetry dependencies to latest (#21988)
  • feat(mongoose): Instrument mongoose >= 9.7 via native tracing channels (#21803)
  • feat(replays): Record segment names that occur during replay (#21851)
  • fix(browser): Accept precisely-typed GrowthBook class in growthbookIntegration (#21825)
  • fix(browser): Flush telemetry when page is hidden (#21862)
  • fix(cloudflare): Catch potential errors during flush and dispose (#21976)
  • fix(core): Capture Anthropic stream stop_reason from message_delta (#21907)
  • fix(core): Print getTraceMetaTags in 1 line to prevent hydration errors (#22004)
  • fix(nextjs): Add immutable browser chunks to upload assets (#21978)
  • fix(nextjs): Handle Middleware.execute root spans on Node.js runtime (#22013)
  • fix(react/solid/vue): Instrument TanStack Router navigations via onBeforeLoad/onResolved (#21975)
  • chore: Add experimentalUseDiagnosticsChannelInjection in node size-limit (#21992)
  • chore: Add external contributor to CHANGELOG.md (#21945)
  • chore: Clarify usage of hoistTransitiveImports option (#21888)
  • chore: Make @​sentry/conventions sideEffect free during bundling (#22015)
  • chore: Remove runtime ESM/CJS switching (#21761)
  • chore(ci): Replace app-id with client-id in GH workflows (#21914)
  • chore(cloudflare): Disallow Node SDK usage outside of nodejs_compat (#21884)
  • chore(cloudflare): Disallow server-utils usage outside of nodejs_compat (#21918)
  • chore(node-core): Move isCjs to its own file to prevent sideEffects (#21856)
  • ci: Increase Node integration test timeout to 20 minutes (#21903)
  • deps(server-utils): Bump @​apm-js-collab/tracing-hooks to 0.10.1 (#21892)

... (truncated)

Commits
  • 5736a38 release: 10.64.0
  • 9074df6 Merge pull request #22016 from getsentry/prepare-release/10.64.0
  • 3610701 meta(changelog): Update changelog for 10.64.0
  • 7df7f30 fix(core): Print getTraceMetaTags in 1 line to prevent hydration errors (#22004)
  • 39d05cd fix(nextjs): Handle Middleware.execute root spans on Node.js runtime (#22013)
  • f7c75e7 chore: Make @​sentry/conventions sideEffect free during bundling (#22015)
  • 851edb3 test(node): Attempt to unflake docker-based node integration tests (#21905)
  • 5e48cb0 feat(server-utils): Rewrite @opentelemetry/instrumentation-hapi to orchestr...
  • 067f1b2 chore(cloudflare): Disallow server-utils usage outside of nodejs_compat (#21918)
  • 00cc317 feat(cloudflare): Enable AI v7 support for Cloudflare in the /nodejs_compat e...
  • Additional commits viewable in compare view

Updates @tiptap/extension-code-block from 3.27.2 to 3.27.3

Release notes

Sourced from @​tiptap/extension-code-block's releases.

v3.27.3

@​tiptap/core

Patch Changes

  • 94de762: Fix deleteSelection to delete content across all selection ranges instead of only the first range. This restores multi-cell table selections and other custom selections with multiple ranges.
  • @​tiptap/pm@​3.27.3

@​tiptap/extension-list

Patch Changes

  • 94de762: Fix markdown parsing bugs where block elements right after an ordered list item (with no blank line in between) were wrongly treated as lazy continuation of the list item, instead of terminating the list the way other markdown parsers do:

    • Thematic breaks (---, ***, ___, * * *) were swallowed into the list item as literal paragraph text — along with every line after them. They now terminate the list and become a horizontal rule.
    • Fenced code blocks (``` and ~~~) were nested inside the list item. They now terminate the list and become a top-level code block.
    • Unindented bullet markers (- item) were nested inside the ordered list item. They now terminate the ordered list and start a new top-level bullet list. Indented bullets still nest inside the item as before.

    An indented ***/___ inside item content is now also parsed as a horizontal rule inside the item instead of literal text. A --- line directly below item paragraph text keeps its current behavior because it is a setext heading underline per CommonMark, not a thematic break.

  • 94de762: Fix indented ordered list items (e.g. one leading space before the marker, as happens when a top-level ordered list is itself nested inside another list) losing inline formatting during markdown parsing. The custom ordered-list markdown tokenizer built its nested structure with a hardcoded base indentation of 0, so an item whose actual indentation was non-zero never matched, causing the tokenizer to silently produce zero items and bail out — falling back to a path that left the item's content as literal, unparsed text instead of running it through inline tokenization (bold, italic, etc. were lost). The base indentation is now taken from the first collected item instead of being hardcoded.

  • Updated dependencies [94de762]

    • @​tiptap/core@​3.27.3
    • @​tiptap/pm@​3.27.3

@​tiptap/extensions

Patch Changes

  • 94de762: Fixed placeholder flickering and disappearance on large documents. Replaced the viewport-based decoration scan with an incremental StateField<DecorationSet> that only re-computes decorations for top-level nodes touched by each transaction. This eliminates the dependency on DOM measurement (posAtCoords), requestAnimationFrame scheduling, and scroll listeners that caused flickering under collaboration, occlusion, and rapid edits.
Changelog

Sourced from @​tiptap/extension-code-block's changelog.

3.27.3

Patch Changes

  • Updated dependencies [023f98c]
    • @​tiptap/core@​3.27.3
    • @​tiptap/pm@​3.27.3
Commits

Updates @tiptap/extension-link from 3.27.2 to 3.27.3

Release notes

Sourced from @​tiptap/extension-link's releases.

v3.27.3

@​tiptap/core

Patch Changes

  • 94de762: Fix deleteSelection to delete content across all selection ranges instead of only the first range. This restores multi-cell table selections and other custom selections with multiple ranges.
  • @​tiptap/pm@​3.27.3

@​tiptap/extension-list

Patch Changes

  • 94de762: Fix markdown parsing bugs where block elements right after an ordered list item (with no blank line in between) were wrongly treated as lazy continuation of the list item, instead of terminating the list the way other markdown parsers do:

    • Thematic breaks (---, ***, ___, * * *) were swallowed into the list item as literal paragraph text — along with every line after them. They now terminate the list and become a horizontal rule.
    • Fenced code blocks (``` and ~~~) were nested inside the list item. They now terminate the list and become a top-level code block.
    • Unindented bullet markers (- item) were nested inside the ordered list item. They now terminate the ordered list and start a new top-level bullet list. Indented bullets still nest inside the item as before.

    An indented ***/___ inside item content is now also parsed as a horizontal rule inside the item instead of literal text. A --- line directly below item paragraph text keeps its current behavior because it is a setext heading underline per CommonMark, not a thematic break.

  • 94de762: Fix indented ordered list items (e.g. one leading space before the marker, as happens when a top-level ordered list is itself nested inside another list) losing inline formatting during markdown parsing. The custom ordered-list markdown tokenizer built its nested structure with a hardcoded base indentation of 0, so an item whose actual indentation was non-zero never matched, causing the tokenizer to silently produce zero items and bail out — falling back to a path that left the item's content as literal, unparsed text instead of running it through inline tokenization (bold, italic, etc. were lost). The base indentation is now taken from the first collected item instead of being hardcoded.

  • Updated dependencies [94de762]

    • @​tiptap/core@​3.27.3
    • @​tiptap/pm@​3.27.3

@​tiptap/extensions

Patch Changes

  • 94de762: Fixed placeholder flickering and disappearance on large documents. Replaced the viewport-based decoration scan with an incremental StateField<DecorationSet> that only re-computes decorations for top-level nodes touched by each transaction. This eliminates the dependency on DOM measurement (posAtCoords), requestAnimationFrame scheduling, and scroll listeners that caused flickering under collaboration, occlusion, and rapid edits.
Changelog

Sourced from @​tiptap/extension-link's changelog.

3.27.3

Patch Changes

  • Updated dependencies [023f98c]
    • @​tiptap/core@​3.27.3
    • @​tiptap/pm@​3.27.3
Commits

Updates @tiptap/extension-placeholder from 3.27.2 to 3.27.3

Release notes

Sourced from @​tiptap/extension-placeholder's releases.

v3.27.3

@​tiptap/core

Patch Changes

  • 94de762: Fix deleteSelection to delete content across all selection ranges instead of only the first range. This restores multi-cell table selections and other custom selections with multiple ranges.
  • @​tiptap/pm@​3.27.3

@​tiptap/extension-list

Patch Changes

  • 94de762: Fix markdown parsing bugs where block elements right after an ordered list item (with no blank line in between) were wrongly treated as lazy continuation of the list item, instead of terminating the list the way other markdown parsers do:

    • Thematic breaks (---, ***, ___, * * *) were swallowed into the list item as literal paragraph text — along with every line after them. They now terminate the list and become a horizontal rule.
    • Fenced code blocks (``` and ~~~) were nested inside the list item. They now terminate the list and become a top-level code block.
    • Unindented bullet markers (- item) were nested inside the ordered list item. They now terminate the ordered list and start a new top-level bullet list. Indented bullets still nest inside the item as before.

    An indented ***/___ inside item content is now also parsed as a horizontal rule inside the item instead of literal text. A --- line directly below item paragraph text keeps its current behavior because it is a setext heading underline per CommonMark, not a thematic break.

  • 94de762: Fix indented ordered list items (e.g. one leading space before the marker, as happens when a top-level ordered list is itself nested inside another list) losing inline formatting during markdown parsing. The custom ordered-list markdown tokenizer built its nested structure with a hardcoded base indentation of 0, so an item whose actual indentation was non-zero never matched, causing the tokenizer to silently produce zero items and bail out — falling back to a path that left the item's content as literal, unparsed text instead of running it through inline tokenization (bold, italic, etc. were lost). The base indentation is now taken from the first collected item instead of being hardcoded.

  • Updated dependencies [94de762]

    • @​tiptap/core@​3.27.3
    • @​tiptap/pm@​3.27.3

@​tiptap/extensions

Patch Changes

  • 94de762: Fixed placeholder flickering and disappearance on large documents. Replaced the viewport-based decoration scan with an incremental StateField<DecorationSet> that only re-computes decorations for top-level nodes touched by each transaction. This eliminates the dependency on DOM measurement (posAtCoords), requestAnimationFrame scheduling, and scroll listeners that caused flickering under collaboration, occlusion, and rapid edits.
Changelog

Sourced from @​tiptap/extension-placeholder's changelog.

3.27.3

Patch Changes

  • Updated dependencies [76a76da]
    • @​tiptap/extensions@​3.27.3
Commits

Updates @tiptap/html from 3.27.2 to 3.27.3

Release notes

Sourced from @​tiptap/html's releases.

v3.27.3

@​tiptap/core

Patch Changes

  • 94de762: Fix deleteSelection to delete content across all selection ranges instead of only the first range. This restores multi-cell table selections and other custom selections with multiple ranges.
  • @​tiptap/pm@​3.27.3

@​tiptap/extension-list

Patch Changes

  • 94de762: Fix markdown parsing bugs where block elements right after an ordered list item (with no blank line in between) were wrongly treated as lazy continuation of the list item, instead of terminating the list the way other markdown parsers do:

    • Thematic breaks (---, ***, ___, * * *) were swallowed into the list item as literal paragraph text — along with every line after them. They now terminate the list and become a horizontal rule.
    • Fenced code blocks (``` and ~~~) were nested inside the list item. They now terminate the list and become a top-level code block.
    • Unindented bullet markers (- item) were nested inside the ordered list item. They now terminate the ordered list and start a new top-level bullet list. Indented bullets still nest inside the item as before.

    An indented ***/___ inside item content is now also parsed as a horizontal rule inside the item instead of literal text. A --- line directly below item paragraph text keeps its current behavior because it is a setext heading underline per CommonMark, not a thematic break.

  • 94de762: Fix indented ordered list items (e.g. one leading space before the marker, as happens when a top-level ordered list is itself nested inside another list) losing inline formatting during markdown parsing. The custom ordered-list markdown tokenizer built its nested structure with a hardcoded base indentation of 0, so an item whose actual indentation was non-zero never matched, causing the tokenizer to silently produce zero items and bail out — falling back to a path that left the item's content as literal, unparsed text instead of running it through inline tokenization (bold, italic, etc. were lost). The base indentation is now taken from the first collected item instead of being hardcoded.

  • Updated dependencies [94de762]

    • @​tiptap/core@​3.27.3
    • @​tiptap/pm@​3.27.3

@​tiptap/extensions

Patch Changes

  • 94de762: Fixed placeholder flickering and disappearance on large documents. Replaced the viewport-based decoration scan with an incremental StateField<DecorationSet> that only re-computes decorations for top-level nodes touched by each transaction. This eliminates the dependency on DOM measurement (posAtCoords), requestAnimationFrame scheduling, and scroll listeners that caused flickering under collaboration, occlusion, and rapid edits.
Changelog

Sourced from @​tiptap/html's changelog.

3.27.3

Patch Changes

  • Updated dependencies [023f98c]
    • @​tiptap/core@​3.27.3
    • @​tiptap/pm@​3.27.3
Commits

Updates @tiptap/react from 3.27.2 to 3.27.3

Release notes

Sourced from @​tiptap/react's releases.

v3.27.3

@​tiptap/core

Patch Changes

  • 94de762: Fix deleteSelection to delete content across all selection ranges instead of only the first range. This restores multi-cell table selections and other custom selections with multiple ranges.
  • @​tiptap/pm@​3.27.3

@​tiptap/extension-list

Patch Changes

  • 94de762: Fix markdown parsing bugs where block elements right after an ordered list item (with no blank line in between) were wrongly treated as lazy continuation of the list item, instead of terminating the list the way other markdown parsers do:

    • Thematic breaks (---, ***, ___, * * *) were swallowed into the list item as literal paragraph text — along with every line after them. They now terminate the list and become a horizontal rule.
    • Fenced code blocks (``` and ~~~) were nested inside the list item. They now terminate the list and become a top-level code block.
    • Unindented bullet markers (- item) were nested inside the ordered list item. They now terminate the ordered list and start a new top-level bullet list. Indented bullets still nest inside the item as before.

    An indented ***/___ inside item content is now also parsed as a horizontal rule inside the item instead of literal text. A --- line directly below item paragraph text keeps its current behavior because it is a setext heading underline per CommonMark, not a thematic break.

  • 94de762: Fix indented ordered list items (e.g. one leading space before the marker, as happens when a top-level ordered list is itself nested inside another list) losing inline formatting during markdown parsing. The custom ordered-list markdown tokenizer built its nested structure with a hardcoded base indentation of 0, so an item whose actual indentation was non-zero never matched, causing the tokenizer to silently produce zero items and bail out — falling back to a path that left the item's content as literal, unparsed text instead of running it through inline tokenization (bold, italic, etc. were lost). The base indentation is now taken from the first collected item instead of being hardcoded.

  • Updated dependencies [94de762]

    • @​tiptap/core@​3.27.3
    • @​tiptap/pm@​3.27.3

@​tiptap/extensions

Patch Changes

  • 94de762: Fixed placeholder flickering and disappearance on large documents. Replaced the viewport-based decoration scan with an incremental StateField<DecorationSet> that only re-computes decorations for top-level nodes touched by each transaction. This eliminates the dependency on DOM measurement (posAtCoords), requestAnimationFrame scheduling, and scroll listeners that caused flickering under collaboration, occlusion, and rapid edits.
Changelog

Sourced from @​tiptap/react's changelog.

3.27.3

Patch Changes

  • Updated dependencies [023f98c]
    • @​tiptap/core@​3.27.3
    • @​tiptap/pm@​3.27.3
Commits

Updates @tiptap/starter-kit from 3.27.2 to 3.27.3

Release notes

Sourced from @​tiptap/starter-kit's releases.

v3.27.3

@​tiptap/core

Patch Changes

  • 94de762: Fix deleteSelection to delete content across all selection ranges instead of only the first range. This restores multi-cell table selections and other custom selections with multiple ranges.
  • @​tiptap/pm@​3.27.3

@​tiptap/extension-list

Patch Changes

  • 94de762: Fix markdown parsing bugs where block elements right after an ordered list item (with no blank line in between) were wrongly treated as lazy continuation of the list item, instead of terminating the list the way other markdown parsers do:

    • Thematic breaks (---, ***, ___, * * *) were swallowed into the list item as literal paragraph text — along with every line after them. They now terminate the list and become a horizontal rule.
    • Fenced code blocks (``` and ~~~) were nested inside the list item. They now terminate the list and become a top-level code block.
    • Unindented bullet markers (- item) were nested inside the ordered list item. They now terminate the ordered list and start a new top-level bullet list. Indented bullets still nest inside the item as before.

    An indented ***/___ inside item content is now also parsed as a horizontal rule inside the item instead of literal text. A --- line directly below item paragraph text keeps its current behavior because it is a setext heading underline per CommonMark, not a thematic break.

  • 94de762: Fix indented ordered list items (e.g. one leading space before the marker, as happens when a top-level ordered list is itself nested inside another list) losing inline formatting during markdown parsing. The custom ordered-list markdown tokenizer built its nested structure with a hardcoded base indentation of 0, so an item whose actual indentation was non-zero never matched, causing the tokenizer to silently produce zero items and bail out — falling back to a path that left the item's content as literal, unparsed text instead of running it through inline tokenization (bold, italic, etc. were lost). The base indentation is now taken from the first collected item instead of being hardcoded.

  • Updated dependencies [94de762]

    • @​tiptap/core@​3.27.3
    • @​tiptap/pm@​3.27.3

@​tiptap/extensions

Patch Changes

  • 94de762: Fixed placeholder flickering and disappearance on large documents. Replaced the viewport-based decoration scan with an incremental StateField<DecorationSet> that only re-computes decorations for top-level nodes touched by each transaction. This eliminates the dependency on DOM measurement (posAtCoords), requestAnimationFrame scheduling, and scroll listeners that caused flickering under collaboration, occlusion, and rapid edits.
Changelog

Sourced from @​tiptap/starter-kit's changelog.

3.27.3

Patch Changes

  • Updated dependencies [023f98c]
  • Updated dependencies [b4600b6]
  • Updated dependencies [1f3ca7a]
  • Updated dependencies [76a76da]
    • @​tiptap/core@​3.27.3
    • @​tiptap/extension-list@​3.27.3
    • @​tiptap/extensions@​3.27.3
    • @​tiptap/extension-blockquote@​3.27.3
    • @​tiptap/extension-bold@​3.27.3
    • @​tiptap/extension-code@​3.27.3
    • @​tiptap/extension-code-block@​3.27.3
    • @​tiptap/extension-document@​3.27.3
    • @​tiptap/extension-hard-break@​3.27.3
    • @​tiptap/extension-heading@​3.27.3
    • @​tiptap/extension-horizontal-rule@​3.27.3
    • @​tiptap/extension-italic@​3.27.3
    • @​tiptap/extension-link@​3.27.3
    • @​tiptap/extension-paragraph@​3.27.3
    • @​tiptap/extension-strike@​3.27.3
    • @​tiptap/extension-text@​3.27.3
    • @​tiptap/extension-underline@​3.27.3
    • @​tiptap/extension-list-item@​3.27.3
    • @​tiptap/extension-list-keymap@​3.27.3
    • @​tiptap/extension-bullet-list@​3.27.3
    • @​tiptap/extension-ordered-list@​3.27.3
    • @​tiptap/extension-dropcursor@​3.27.3
    • @​tiptap/extension-gapcursor@​3.27.3
    • @​tiptap/pm@​3.27.3
Commits
  • 24d6aba chore(release): publish a new stable version (#8002)
  • S...

    Description has been truncated

…updates

Bumps the frontend-deps group with 11 updates in the /frontend directory:

| Package | From | To |
| --- | --- | --- |
| [@sentry/nextjs](https://github.com/getsentry/sentry-javascript) | `10.63.0` | `10.64.0` |
| [@tiptap/extension-code-block](https://github.com/ueberdosis/tiptap/tree/HEAD/packages/extension-code-block) | `3.27.2` | `3.27.3` |
| [@tiptap/extension-link](https://github.com/ueberdosis/tiptap/tree/HEAD/packages/extension-link) | `3.27.2` | `3.27.3` |
| [@tiptap/extension-placeholder](https://github.com/ueberdosis/tiptap/tree/HEAD/packages-deprecated/extension-placeholder) | `3.27.2` | `3.27.3` |
| [@tiptap/html](https://github.com/ueberdosis/tiptap/tree/HEAD/packages/html) | `3.27.2` | `3.27.3` |
| [@tiptap/react](https://github.com/ueberdosis/tiptap/tree/HEAD/packages/react) | `3.27.2` | `3.27.3` |
| [@tiptap/starter-kit](https://github.com/ueberdosis/tiptap/tree/HEAD/packages/starter-kit) | `3.27.2` | `3.27.3` |
| [next](https://github.com/vercel/next.js) | `16.2.9` | `16.2.10` |
| [@types/dompurify](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/dompurify) | `3.0.5` | `3.2.0` |
| [eslint-config-next](https://github.com/vercel/next.js/tree/HEAD/packages/eslint-config-next) | `16.2.9` | `16.2.10` |
| [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) | `8.1.2` | `8.1.3` |



Updates `@sentry/nextjs` from 10.63.0 to 10.64.0
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/develop/CHANGELOG.md)
- [Commits](getsentry/sentry-javascript@10.63.0...10.64.0)

Updates `@sentry/react` from 10.63.0 to 10.64.0
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/develop/CHANGELOG.md)
- [Commits](getsentry/sentry-javascript@10.63.0...10.64.0)

Updates `@tiptap/extension-code-block` from 3.27.2 to 3.27.3
- [Release notes](https://github.com/ueberdosis/tiptap/releases)
- [Changelog](https://github.com/ueberdosis/tiptap/blob/main/packages/extension-code-block/CHANGELOG.md)
- [Commits](https://github.com/ueberdosis/tiptap/commits/v3.27.3/packages/extension-code-block)

Updates `@tiptap/extension-link` from 3.27.2 to 3.27.3
- [Release notes](https://github.com/ueberdosis/tiptap/releases)
- [Changelog](https://github.com/ueberdosis/tiptap/blob/main/packages/extension-link/CHANGELOG.md)
- [Commits](https://github.com/ueberdosis/tiptap/commits/v3.27.3/packages/extension-link)

Updates `@tiptap/extension-placeholder` from 3.27.2 to 3.27.3
- [Release notes](https://github.com/ueberdosis/tiptap/releases)
- [Changelog](https://github.com/ueberdosis/tiptap/blob/main/packages-deprecated/extension-placeholder/CHANGELOG.md)
- [Commits](https://github.com/ueberdosis/tiptap/commits/v3.27.3/packages-deprecated/extension-placeholder)

Updates `@tiptap/html` from 3.27.2 to 3.27.3
- [Release notes](https://github.com/ueberdosis/tiptap/releases)
- [Changelog](https://github.com/ueberdosis/tiptap/blob/main/packages/html/CHANGELOG.md)
- [Commits](https://github.com/ueberdosis/tiptap/commits/v3.27.3/packages/html)

Updates `@tiptap/react` from 3.27.2 to 3.27.3
- [Release notes](https://github.com/ueberdosis/tiptap/releases)
- [Changelog](https://github.com/ueberdosis/tiptap/blob/main/packages/react/CHANGELOG.md)
- [Commits](https://github.com/ueberdosis/tiptap/commits/v3.27.3/packages/react)

Updates `@tiptap/starter-kit` from 3.27.2 to 3.27.3
- [Release notes](https://github.com/ueberdosis/tiptap/releases)
- [Changelog](https://github.com/ueberdosis/tiptap/blob/main/packages/starter-kit/CHANGELOG.md)
- [Commits](https://github.com/ueberdosis/tiptap/commits/v3.27.3/packages/starter-kit)

Updates `next` from 16.2.9 to 16.2.10
- [Release notes](https://github.com/vercel/next.js/releases)
- [Commits](vercel/next.js@v16.2.9...v16.2.10)

Updates `@types/dompurify` from 3.0.5 to 3.2.0
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/dompurify)

Updates `eslint-config-next` from 16.2.9 to 16.2.10
- [Release notes](https://github.com/vercel/next.js/releases)
- [Commits](https://github.com/vercel/next.js/commits/v16.2.10/packages/eslint-config-next)

Updates `vite` from 8.1.2 to 8.1.3
- [Release notes](https://github.com/vitejs/vite/releases)
- [Changelog](https://github.com/vitejs/vite/blob/main/packages/vite/CHANGELOG.md)
- [Commits](https://github.com/vitejs/vite/commits/v8.1.3/packages/vite)

---
updated-dependencies:
- dependency-name: "@sentry/nextjs"
  dependency-version: 10.64.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: frontend-deps
- dependency-name: "@sentry/react"
  dependency-version: 10.64.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: frontend-deps
- dependency-name: "@tiptap/extension-code-block"
  dependency-version: 3.27.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: frontend-deps
- dependency-name: "@tiptap/extension-link"
  dependency-version: 3.27.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: frontend-deps
- dependency-name: "@tiptap/extension-placeholder"
  dependency-version: 3.27.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: frontend-deps
- dependency-name: "@tiptap/html"
  dependency-version: 3.27.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: frontend-deps
- dependency-name: "@tiptap/react"
  dependency-version: 3.27.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: frontend-deps
- dependency-name: "@tiptap/starter-kit"
  dependency-version: 3.27.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: frontend-deps
- dependency-name: next
  dependency-version: 16.2.10
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: frontend-deps
- dependency-name: "@types/dompurify"
  dependency-version: 3.2.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: frontend-deps
- dependency-name: eslint-config-next
  dependency-version: 16.2.10
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: frontend-deps
- dependency-name: vite
  dependency-version: 8.1.3
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: frontend-deps
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file frontend Generated from frontend issue tags: frontend ui Generated from frontend issue tags: ui labels Jul 7, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file frontend Generated from frontend issue tags: frontend ui Generated from frontend issue tags: ui

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants