chore(deps): bump the npm-dependencies group across 1 directory with 16 updates

[dependabot]

Bumps the npm-dependencies group with 15 updates in the / directory:

Package	From	To
@clerk/nextjs	7.3.4	7.5.2
@clerk/ui	1.10.0	1.16.1
lucide-react	1.16.0	1.18.0
next	16.2.6	16.2.9
radix-ui	1.4.3	1.5.0
react	19.2.6	19.2.7
@types/react	19.2.14	19.2.17
react-dom	19.2.6	19.2.7
@biomejs/biome	2.4.15	2.5.0
@clerk/testing	2.0.28	2.1.1
@tailwindcss/postcss	4.3.0	4.3.1
@types/node	25.8.0	25.9.3
lefthook	2.1.6	2.1.9
shadcn	4.7.0	4.11.0
vitest	4.1.6	4.1.8

Updates @clerk/nextjs from 7.3.4 to 7.5.2

Release notes

Sourced from @​clerk/nextjs's releases.

@​clerk/nextjs@​7.5.2

Patch Changes

• Migrate the build pipeline to tsdown and TypeScript 6.0. This is an internal tooling change with no intended changes to the public API or runtime behavior. (#8177) by @​dstaley

• Updated dependencies [cdb940a, b5fa9f6, f046c49, b5fa9f6, 3d5b2fe]:

  • @​clerk/backend@​3.7.0
  • @​clerk/shared@​4.17.1
  • @​clerk/react@​6.9.1

@​clerk/nextjs@​7.5.1

Patch Changes

• Updated dependencies [a5c7bc7]:
  • @​clerk/shared@​4.17.0
  • @​clerk/react@​6.9.0
  • @​clerk/backend@​3.6.1

@​clerk/nextjs@​7.5.0

Minor Changes

• Remove the <ConfigureSSO /> component from the public API in favor of usage within OrganizationProfile (#8779) by @​LauraBeatris

  Removing these exports has no breaking changes impact on production applications, as was never released as a GA component

Patch Changes

• Harden middleware debug log output: the formatter now recursively truncates known credential keys (sessionToken, tokenInHeader, sessionTokenInCookie, secretKey, jwtKey) at any nesting depth, so a bearer token can no longer reach the logs even if a debug producer nests one. This is a defense-in-depth backstop alongside the source-level redaction in @clerk/backend. (#8744) by @​jacekradko

• Add and improve JSDoc comments across public types and methods to support generated reference documentation for the /objects docs section. Exports a few previously-internal types (OnEventListener, OffEventListener, ClerkOptionsNavigation) so they can be referenced from the generated docs. (#8276) by @​alexisintech

• Updated dependencies [83f50f6, 2d6670c, e7cb503, 83f50f6, af706e3, 48b187d, 27c4d75, 955e998, 032632c, 0fece6f, b295af3, 0c854c3, 27c4d75, 8e1bd48]:

  • @​clerk/react@​6.8.0
  • @​clerk/shared@​4.16.0
  • @​clerk/backend@​3.6.0

@​clerk/nextjs@​7.4.3

Patch Changes

• Prevent keyless mode from activating in CI and other automated environments in framework SDKs. (#8676) by @​mwickett

• Updated dependencies [1c42351, 1701e0f, afb75e6, c3df67a, ff0cfef, 86fd38f, be55c4e, fb184de, 8d6bb56, 43dfefa, 5fc7b21, c2ba134]:

  • @​clerk/backend@​3.5.0
  • @​clerk/shared@​4.15.0
  • @​clerk/react@​6.7.3

@​clerk/nextjs@​7.4.2

Patch Changes

• Updated dependencies [79cdd1f, 4d5027b, 4e08924, bcf0e77]:

... (truncated)

Changelog

Sourced from @​clerk/nextjs's changelog.

7.5.2

Patch Changes

• Migrate the build pipeline to tsdown and TypeScript 6.0. This is an internal tooling change with no intended changes to the public API or runtime behavior. (#8177) by @​dstaley

• Updated dependencies [cdb940a, b5fa9f6, f046c49, b5fa9f6, 3d5b2fe]:

  • @​clerk/backend@​3.7.0
  • @​clerk/shared@​4.17.1
  • @​clerk/react@​6.9.1

7.5.1

Patch Changes

• Updated dependencies [a5c7bc7]:
  • @​clerk/shared@​4.17.0
  • @​clerk/react@​6.9.0
  • @​clerk/backend@​3.6.1

7.5.0

Minor Changes

• Remove the <ConfigureSSO /> component from the public API in favor of usage within OrganizationProfile (#8779) by @​LauraBeatris

  Removing these exports has no breaking changes impact on production applications, as was never released as a GA component

Patch Changes

• Harden middleware debug log output: the formatter now recursively truncates known credential keys (sessionToken, tokenInHeader, sessionTokenInCookie, secretKey, jwtKey) at any nesting depth, so a bearer token can no longer reach the logs even if a debug producer nests one. This is a defense-in-depth backstop alongside the source-level redaction in @clerk/backend. (#8744) by @​jacekradko

• Add and improve JSDoc comments across public types and methods to support generated reference documentation for the /objects docs section. Exports a few previously-internal types (OnEventListener, OffEventListener, ClerkOptionsNavigation) so they can be referenced from the generated docs. (#8276) by @​alexisintech

• Updated dependencies [83f50f6, 2d6670c, e7cb503, 83f50f6, af706e3, 48b187d, 27c4d75, 955e998, 032632c, 0fece6f, b295af3, 0c854c3, 27c4d75, 8e1bd48]:

  • @​clerk/react@​6.8.0
  • @​clerk/shared@​4.16.0
  • @​clerk/backend@​3.6.0

7.4.3

Patch Changes

• Prevent keyless mode from activating in CI and other automated environments in framework SDKs. (#8676) by @​mwickett

• Updated dependencies [1c42351, 1701e0f, afb75e6, c3df67a, ff0cfef, 86fd38f, be55c4e, fb184de, 8d6bb56, 43dfefa, 5fc7b21, c2ba134]:

  • @​clerk/backend@​3.5.0
  • @​clerk/shared@​4.15.0
  • @​clerk/react@​6.7.3

... (truncated)

Commits

• 5ebed8b ci(repo): Version packages (#8810)
• f046c49 chore(repo): Upgrade to TypeScript 6.0 (#8177)
• 7cfd510 ci(repo): Version packages (#8803)
• 1028d82 ci(repo): Version packages (#8735)
• 2d6670c chore(ui,clerk-js,shared): Remove public export of ConfigureSSO (#8779)
• 27c4d75 fix(backend): harden machine-token verification and redact debug-logged token...
• 8e1bd48 docs(repo): Add typedoc comments; generate typedoc output for /objects docs (...
• c9d9e6a ci(repo): Version packages (#8679)
• 86fd38f fix(repo): harden keyless accountless requests (#8676)
• bbbe654 ci(repo): Version packages (#8635)
• Additional commits viewable in compare view

Updates @clerk/ui from 1.10.0 to 1.16.1

Release notes

Sourced from @​clerk/ui's releases.

@​clerk/ui@​1.16.1

Patch Changes

• Fix checkout button label showing "Start free trial" when adding seats during a free trial period (#8829) by @​mauricioabreu

• Migrate the build pipeline to tsdown and TypeScript 6.0. This is an internal tooling change with no intended changes to the public API or runtime behavior. (#8177) by @​dstaley

• Updated dependencies [f046c49, b5fa9f6, 3d5b2fe]:

  • @​clerk/localizations@​4.8.1
  • @​clerk/shared@​4.17.1

@​clerk/ui@​1.16.0

Minor Changes

• Add support for Clerk Billing plans with per-seat costs. (#8629) by @​dstaley
  • New invite-to-checkout flow when inviting members while on a plan that uses per-seat costs.
  • New localization values to support UI additions.
  • Support for the orgId and minSeats parameters to getPlans().
  • Support for the seatsQuantity and priceId parameters to checkout creation.
  • New totals field on payments.
  • New availablePrices field on plans.
  • New nextPayment field on subscription items.
  • New discounts field on checkouts.
  • Additional fields on nextPayment for more granularity.

Patch Changes

• Display the scope description for user:org:read organization access in the OAuth Consent dialog so users understand organization membership information is being shared with the OAuth client. (#8798) by @​jfoshee

• Fix alignment of the domain section subtitle in the organization profile to match the button above it. (#8795) by @​alexcarpenter

• Updated dependencies [a5c7bc7]:

  • @​clerk/localizations@​4.8.0
  • @​clerk/shared@​4.17.0

@​clerk/ui@​1.15.1

Patch Changes

• Fix Chrome-specific scroll jump when toggling the billing period switch on the pricing table. (#8742) by @​alexcarpenter

• Fix a circular import in the styled-system that could crash module initialization under bundler configurations with tree-shaking disabled. (#8754) by @​jacekradko

• Internal refactor for self-serve SSO wizard navigation to leverage a guard-based state machine. (#8715) by @​iagodahlem

  It makes the step navigation more predictable: the step you land on (including after a reload) and which steps you can move to are derived from the connection's state, the connection reset flow lands you on the right step.

• Correctly display OAuth consent redirect domains for known multi-label public suffixes. (#8700) by @​wobsoriano

• Fix modal backdrop appearing light in dark mode (#8743) by @​alexcarpenter

... (truncated)

Changelog

Sourced from @​clerk/ui's changelog.

1.16.1

Patch Changes

• Fix checkout button label showing "Start free trial" when adding seats during a free trial period (#8829) by @​mauricioabreu

• Migrate the build pipeline to tsdown and TypeScript 6.0. This is an internal tooling change with no intended changes to the public API or runtime behavior. (#8177) by @​dstaley

• Updated dependencies [f046c49, b5fa9f6, 3d5b2fe]:

  • @​clerk/localizations@​4.8.1
  • @​clerk/shared@​4.17.1

1.16.0

Minor Changes

• Add support for Clerk Billing plans with per-seat costs. (#8629) by @​dstaley
  • New invite-to-checkout flow when inviting members while on a plan that uses per-seat costs.
  • New localization values to support UI additions.
  • Support for the orgId and minSeats parameters to getPlans().
  • Support for the seatsQuantity and priceId parameters to checkout creation.
  • New totals field on payments.
  • New availablePrices field on plans.
  • New nextPayment field on subscription items.
  • New discounts field on checkouts.
  • Additional fields on nextPayment for more granularity.

Patch Changes

• Display the scope description for user:org:read organization access in the OAuth Consent dialog so users understand organization membership information is being shared with the OAuth client. (#8798) by @​jfoshee

• Fix alignment of the domain section subtitle in the organization profile to match the button above it. (#8795) by @​alexcarpenter

• Updated dependencies [a5c7bc7]:

  • @​clerk/localizations@​4.8.0
  • @​clerk/shared@​4.17.0

1.15.1

Patch Changes

• Fix Chrome-specific scroll jump when toggling the billing period switch on the pricing table. (#8742) by @​alexcarpenter

• Fix a circular import in the styled-system that could crash module initialization under bundler configurations with tree-shaking disabled. (#8754) by @​jacekradko

• Internal refactor for self-serve SSO wizard navigation to leverage a guard-based state machine. (#8715) by @​iagodahlem

  It makes the step navigation more predictable: the step you land on (including after a reload) and which steps you can move to are derived from the connection's state, the connection reset flow lands you on the right step.

• Correctly display OAuth consent redirect domains for known multi-label public suffixes. (#8700) by @​wobsoriano

... (truncated)

Commits

• 5ebed8b ci(repo): Version packages (#8810)
• b151416 feat(ui,headless): mosaic dialog foundations (#8808)
• d0ed42f fix(ui): checkout button label when adding seats to a free trial (#8829)
• 5dc5cd4 feat(ui): add Mosaic hover, motionSafe, and alpha CSS utilities (#8817)
• 0bc0dc5 feat(ui): Scaffold mosaic input component (#8814)
• f046c49 chore(repo): Upgrade to TypeScript 6.0 (#8177)
• 7cfd510 ci(repo): Version packages (#8803)
• 81f7c65 feat(swingset): Scaffold component documentation package (#8797)
• a5c7bc7 feat(*): Add support for per-seat costs (#8629)
• df4619f fix(ui): show user:org:read scope in OAuth Consent list (#8798)
• Additional commits viewable in compare view

Updates lucide-react from 1.16.0 to 1.18.0

Release notes

Sourced from lucide-react's releases.

Version 1.18.0

What's Changed

• chore(site): Remove survey from site by @​ericfennis in lucide-icons/lucide#4417
• feat(icons): added play-off icon by @​Ahmed-Dghaies in lucide-icons/lucide#4412
• fix(metadata): add missing use-cases prop on play-off.json by @​karsa-mistmere in lucide-icons/lucide#4423
• fix(docs): force hide #bb-banner, if html.has-bb-banner is missing by @​karsa-mistmere in lucide-icons/lucide#4422
• fix(docs): Remove @next from installation instructions for@lucide/svelte by @​alecglassford in lucide-icons/lucide#4432
• feat(packages/angular): add support for Angular v22 and onwards by @​karsa-mistmere in lucide-icons/lucide#4450
• fix(ci): add check to skip release if latest tag was created today by @​ericfennis in lucide-icons/lucide#4085
• feat(icons): added webcam-off icon by @​jordan-burnett in lucide-icons/lucide#4242

New Contributors

• @​alecglassford made their first contribution in lucide-icons/lucide#4432
• @​jordan-burnett made their first contribution in lucide-icons/lucide#4242

Full Changelog: lucide-icons/lucide@1.17.0...1.18.0

Version 1.17.0

What's Changed

• chore(lucide-vue-next|lucide-svelte|lucide-angular): Remove deprecated packages by @​ericfennis in lucide-icons/lucide#4376
• chore(repo): Update issue templates and documentation for package ren… by @​ericfennis in lucide-icons/lucide#4379
• feat(site): Adds survey overlay to website by @​ericfennis in lucide-icons/lucide#4380
• feat(site): Certificate dev links by @​ericfennis in lucide-icons/lucide#4390
• fix(icons): changed martini icon by @​jamiemlaw in lucide-icons/lucide#4335
• chore(deps): bump brace-expansion from 1.1.11 to 5.0.6 by @​dependabot[bot] in lucide-icons/lucide#4386
• chore(deps): bump @​tootallnate/once from 2.0.0 to 2.0.1 by @​dependabot[bot] in lucide-icons/lucide#4404
• chore(deps): bump devalue from 5.8.0 to 5.8.1 by @​dependabot[bot] in lucide-icons/lucide#4391
• chore(deps): bump ws from 8.18.0 to 8.20.1 by @​dependabot[bot] in lucide-icons/lucide#4392
• fix(gh-icon): limit icon size to a maximum of 256 pixels by @​jguddas in lucide-icons/lucide#4398
• chore(dependencies): Update dependencies by @​ericfennis in lucide-icons/lucide#4377
• feat(copilot): Adding copilot instructions by @​ericfennis in lucide-icons/lucide#4407
• feat(icons): add globe-check by @​Barakudum in lucide-icons/lucide#4342
• feat(metadata): Require use-cases in meta json by @​ericfennis in lucide-icons/lucide#4321
• feat(icons): added parasol icon by @​karsa-mistmere in lucide-icons/lucide#4347

Full Changelog: lucide-icons/lucide@1.16.0...1.17.0

Commits

• See full diff in compare view

Updates next from 16.2.6 to 16.2.9

Release notes

Sourced from next's releases.

v16.2.9

Empty release to ensure next@latest points at a stable release. Next.js only allows publishing with Trusted Publishing enabled. In order to fix NPM dist-tags, we have to release a new version. Updating dist-tags is not possible with Trusted Publishing.

v16.2.8

Release with no changes in an attempt to fix next@latest pointing at a prerelease version.

v16.2.7

[!NOTE] This release is backporting bug fixes. It does not include all pending features/changes on canary.

Core Changes

• Backport documentation fixes for v16.2 (#93804)
• [backport] Patch playwright-core to resolve _finishedPromise on requestFailed (#93920)
• [backport] Fix dev mode hydration failure when page is served from HTTP cache (#93492)
• [backport] Fix catch-all router.query corruption with basePath + rewrites (#93917)
• [backport] Encode non-ASCII characters in cache tags at construction (#93918)
• [backport] Fix server action forwarding loop with middleware rewrites (#93919)
• [backport] Turbopack: switch from base40 to base38 hash encoding (#93932)
• [ci] Disable hanging node 24 typescript tests on 16.2 backport branch (#94164)
• [backport] Fix "type: module" in project dir when using standalone or adapters (#94050)
• [backport] Propagate adapter preferred regions (#94200)
• [16.2.x] Don't drop FormData entries (#94240)
• [backport] feat(turbopack): add LocalPathOrProjectPath PostCSS config resolution (#94284)

Credits

Huge thanks to @​eps1lon, @​icyJoseph, @​unstubbable, @​mischnic, @​bgw, @​timneutkens, and @​lukesandberg for helping!

Commits

• f37fad9 v16.2.9
• d9aaaed [cd] Allow tagging semver-lower releases as @latest if @latest po… (#94627)
• 6f16804 v16.2.8
• 0dbc1d5 [16.2.x][cd] Ensure release can be triggered on old branches (#94598)
• 90e3c81 [16.2.x] Align Actions dependencies with Canary (#94339)
• 83f402c [16.2.x][cd] Stop fetching all tags when searching parent tag (#94334)
• 411c455 v16.2.7
• c63224f [backport] feat(turbopack): add LocalPathOrProjectPath PostCSS config resolut...
• 63115c7 [16.2.x] Don't drop FormData entries (#94240)
• aef22fd [backport] Propagate adapter preferred regions (#94200)
• Additional commits viewable in compare view

Updates radix-ui from 1.4.3 to 1.5.0

Changelog

Sourced from radix-ui's changelog.

1.5.0

Context Menu

• Added support for a controlled open prop on ContextMenu.Root. This is intended for reading the open state and closing the menu programmatically, though we discourage opening the menu programmatically since opening the menu depends on user interaction to position the menu.

  function ControlledContextMenu() {
    const [open, setOpen] = React.useState(false);
    return (
      <ContextMenu.Root open={open} onOpenChange={setOpen}>
        <ContextMenu.Trigger>Open</ContextMenu.Trigger>
        <ContextMenu.Content>
          <button type="button" onClick={() => setOpen(false)}>
            Close me
          </button>
          <ContextMenu.Item>Item 1</ContextMenu.Item>
          <ContextMenu.Item>Item 2</ContextMenu.Item>
        </ContextMenu.Content>
      </ContextMenu.Root>
    );
  }

• Fixed a bug in where submenus remained expanded after re-opening on long-press touch events.

Dialog

• Fixed a bug where iOS text selection and editing on HTML inputs within dialogs were broken.
• Fixed a bug causing disabled pointer events in closed dialogs.

One-Time Password Field

• Fixed pasting into One-Time Password Field in environments that do not support the legacy "Text" clipboard format by reading the pasted value as "text/plain".
• Fixed issues with focus management in React 19.2+.
• Fixed a bug to ensure that pasted values exceeding the field length are truncated.

Popper

• Fixed a "Maximum update depth exceeded" bug for pages with a large number of popper instances.
• Exposed data-side and data-align on PopperAnchor element

Presence

• Fixed a "Maximum update depth exceeded" bug in React 19 that could occur when Presence was given a child with an unstable ref.

Radio Group

• Added unstable RadioGroupItemProvider, RadioGroupItemTrigger and RadioGroupItemBubbleInput parts. These expose the previously internal composition of a radio item that included a visually hidden input so consumers can directly access and recompose them. The RadioGroupItem component continues to render them by default.

... (truncated)

Commits

• See full diff in compare view

Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for radix-ui since your current version.

Updates react from 19.2.6 to 19.2.7

Release notes

Sourced from react's releases.

19.2.7 (June 1st, 2026)

React Server Components

• Fixed missing FormData entries in Server Actions which regressed in 19.2.6 (#36566 by @​unstubbable)

Commits

• 6117d7c Version 19.2.7 (#36591)
• See full diff in compare view

Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for react since your current version.

Updates @types/react from 19.2.14 to 19.2.17

Commits

• See full diff in compare view

Updates react-dom from 19.2.6 to 19.2.7

Release notes

Sourced from react-dom's releases.

19.2.7 (June 1st, 2026)

React Server Components

• Fixed missing FormData entries in Server Actions which regressed in 19.2.6 (#36566 by @​unstubbable)

Commits

• 6117d7c Version 19.2.7 (#36591)
• See full diff in compare view

Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for react-dom since your current version.

Updates @biomejs/biome from 2.4.15 to 2.5.0

Release notes

Sourced from @​biomejs/biome's releases.

Biome CLI v2.5.0

2.5.0

Minor Changes

• #9539 f0615fd Thanks @​ematipico! - Added a new reporter called concise. When --reporter=concise is passed the commands format, lint, check and ci, the diagnostics are printed in a compact manner:

  ! index.ts:2:10: lint/correctness/noUnusedImports: Several of these imports are unused.
  ! main.ts:9:7: lint/correctness/noUnusedVariables: This variable f is unused.
  × index.ts:8:5: lint/suspicious/noImplicitAnyLet: This variable implicitly has the any type.
  × main.ts:2:10: lint/suspicious/noRedeclare: Shouldn't redeclare 'z'. Consider to delete it or rename it.
  

• #9495 2056b23 Thanks @​aviraldua93! - Added the useKeyWithClickEvents a11y lint rule for HTML files (.html, .vue, .svelte, .astro). This is a port of the existing JSX rule. The rule enforces that elements with an onclick handler also have at least one keyboard event handler (onkeydown, onkeyup, or onkeypress) to ensure keyboard accessibility.

  Inherently keyboard-accessible elements (<a>, <button>, <input>, <select>, <textarea>, <option>) are excluded, as are elements hidden from assistive technologies (aria-hidden) or with role="presentation" / role="none".

  <!-- Invalid: no keyboard handler -->
  <div onclick="handleClick()">Click me</div>
  <!-- Valid: has keyboard handler -->
  <div onclick="handleClick()" onkeydown="handleKeyDown()">Click me</div>
  <!-- Valid: inherently keyboard-accessible -->
  <button onclick="handleClick()">Submit</button>

• #9152 9ec8500 Thanks @​ematipico! - Added new nursery lint rule noUndeclaredClasses for HTML, JSX, and SFC files (Vue, Astro, Svelte). The rule detects CSS class names used in class="..." (or className) attributes that are not defined in any <style> block or linked stylesheet reachable from the file.

  <!-- .typo is used but never defined -->
  <html>
    <head>
      <style>
        .button {
          color: blue;
        }
      </style>
    </head>
    <body>
      <div class="button typo"></div>
    </body>
  </html>

• #9152 9ec8500 Thanks @​ematipico! - Added new nursery lint rule noUnusedClasses for CSS. The rule detects CSS class selectors that are never referenced in any HTML or JSX file that imports the stylesheet. This is a project-domain rule that requires the module graph.

... (truncated)

Changelog

Sourced from @​biomejs/biome's changelog.

2.5.0

Minor Changes

• #9539 f0615fd Thanks @​ematipico! - Added a new reporter called concise. When --reporter=concise is passed the commands format, lint, check and ci, the diagnostics are printed in a compact manner:

  ! index.ts:2:10: lint/correctness/noUnusedImports: Several of these imports are unused.
  ! main.ts:9:7: lint/correctness/noUnusedVariables: This variable f is unused.
  × index.ts:8:5: lint/suspicious/noImplicitAnyLet: This variable implicitly has the any type.
  × main.ts:2:10: lint/suspicious/noRedeclare: Shouldn't redeclare 'z'. Consider to delete it or rename it.
  

• #9495 2056b23 Thanks @​aviraldua93! - Added the useKeyWithClickEvents a11y lint rule for HTML files (.html, .vue, .svelte, .astro). This is a port of the existing JSX rule. The rule enforces that elements with an onclick handler also have at least one keyboard event handler (onkeydown, onkeyup, or onkeypress) to ensure keyboard accessibility.

  Inherently keyboard-accessible elements (<a>, <button>, <input>, <select>, <textarea>, <option>) are excluded, as are elements hidden from assistive technologies (aria-hidden) or with role="presentation" / role="none".

  <!-- Invalid: no keyboard handler -->
  <div onclick="handleClick()">Click me</div>
  <!-- Valid: has keyboard handler -->
  <div onclick="handleClick()" onkeydown="handleKeyDown()">Click me</div>
  <!-- Valid: inherently keyboard-accessible -->
  <button onclick="handleClick()">Submit</button>

• #9152 9ec8500 Thanks @​ematipico! - Added new nursery lint rule noUndeclaredClasses for HTML, JSX, and SFC files (Vue, Astro, Svelte). The rule detects CSS class names used in class="..." (or className) attributes that are not defined in any <style> block or linked stylesheet reachable from the file.

  <!-- .typo is used but never defined -->
  <html>
    <head>
      <style>
        .button {
          color: blue;
        }
      </style>
    </head>
    <body>
      <div class="button typo"></div>
    </body>
  </html>

• #9152 9ec8500 Thanks @​ematipico! - Added new nursery lint rule noUnusedClasses for CSS. The rule detects CSS class selectors that are never referenced in any HTML or JSX file that imports the stylesheet. This is a project-domain rule that requires the module graph.

  /* styles.css — .ghost is never used in any importing file */

... (truncated)

Commits

• c0b9832 ci: release (#10499)
• 995c1ff feat(lint): add useFunctionComponentDefinition rule (#10498)
• 311c2b2 fix(biome_configuration): avoid Markdown links in JSON schema descriptions (#...
• 04c3f19 fix: docs and readme (#10584)
• 961f41c refactor(useExportType): improve docs and code (#10569)
• 78075b7 feat(useExportType): add style option (#10561)
• 6642895 feat: rule promotion for v2.5 (#10562)
• 9a5855e feat: noRestrictedDependencies (#10467)
• 608a62f Merge branch 'main' into chore/merge-main-into-next
• 0f29b83 feat(linter): implement useIncludes rule (#10516)
• Additional commits viewable in compare view

Updates @clerk/testing from 2.0.28 to 2.1.1

Release notes

Sourced from @​clerk/testing's releases.

@​clerk/testing@​2.1.1

Patch Changes

• Migrate the build pipeline to tsdown and TypeScript 6.0. This is an internal tooling change with no intended changes to the public API or runtime behavior. (#8177) by @​dstaley

• Updated dependencies [cdb940a, b5fa9f6, f046c49,

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Actions	Updated (UTC)
devflow	Ready	Preview, Comment	Jun 14, 2026 6:56pm