build(deps): bump the react group with 2 updates#2871
Merged
maintainerr-automation[bot] merged 1 commit intoMay 11, 2026
Merged
Conversation
Bumps the react group with 2 updates: [react](https://github.com/facebook/react/tree/HEAD/packages/react) and [react-dom](https://github.com/facebook/react/tree/HEAD/packages/react-dom). Updates `react` from 19.2.5 to 19.2.6 - [Release notes](https://github.com/facebook/react/releases) - [Changelog](https://github.com/facebook/react/blob/main/CHANGELOG.md) - [Commits](https://github.com/facebook/react/commits/v19.2.6/packages/react) Updates `react-dom` from 19.2.5 to 19.2.6 - [Release notes](https://github.com/facebook/react/releases) - [Changelog](https://github.com/facebook/react/blob/main/CHANGELOG.md) - [Commits](https://github.com/facebook/react/commits/v19.2.6/packages/react-dom) --- updated-dependencies: - dependency-name: react dependency-version: 19.2.6 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: react - dependency-name: react-dom dependency-version: 19.2.6 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: react ... Signed-off-by: dependabot[bot] <support@github.com>
maintainerr-automation Bot
added a commit
that referenced
this pull request
May 12, 2026
* build(deps): bump the react group with 2 updates (#2871) Bumps the react group with 2 updates: [react](https://github.com/facebook/react/tree/HEAD/packages/react) and [react-dom](https://github.com/facebook/react/tree/HEAD/packages/react-dom). Updates `react` from 19.2.5 to 19.2.6 - [Release notes](https://github.com/facebook/react/releases) - [Changelog](https://github.com/facebook/react/blob/main/CHANGELOG.md) - [Commits](https://github.com/facebook/react/commits/v19.2.6/packages/react) Updates `react-dom` from 19.2.5 to 19.2.6 - [Release notes](https://github.com/facebook/react/releases) - [Changelog](https://github.com/facebook/react/blob/main/CHANGELOG.md) - [Commits](https://github.com/facebook/react/commits/v19.2.6/packages/react-dom) --- updated-dependencies: - dependency-name: react dependency-version: 19.2.6 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: react - dependency-name: react-dom dependency-version: 19.2.6 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: react ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * build(deps): bump @tanstack/react-query from 5.100.6 to 5.100.10 (#2872) Bumps [@tanstack/react-query](https://github.com/TanStack/query/tree/HEAD/packages/react-query) from 5.100.6 to 5.100.10. - [Release notes](https://github.com/TanStack/query/releases) - [Changelog](https://github.com/TanStack/query/blob/main/packages/react-query/CHANGELOG.md) - [Commits](https://github.com/TanStack/query/commits/HEAD/packages/react-query) --- updated-dependencies: - dependency-name: "@tanstack/react-query" dependency-version: 5.100.10 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * build(deps): bump react-konva from 19.2.3 to 19.2.4 (#2873) Bumps [react-konva](https://github.com/konvajs/react-konva) from 19.2.3 to 19.2.4. - [Release notes](https://github.com/konvajs/react-konva/releases) - [Commits](konvajs/react-konva@v19.2.3...v19.2.4) --- updated-dependencies: - dependency-name: react-konva dependency-version: 19.2.4 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * build(deps): bump yaml from 2.8.4 to 2.9.0 (#2874) Bumps [yaml](https://github.com/eemeli/yaml) from 2.8.4 to 2.9.0. - [Release notes](https://github.com/eemeli/yaml/releases) - [Commits](eemeli/yaml@v2.8.4...v2.9.0) --- updated-dependencies: - dependency-name: yaml dependency-version: 2.9.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * build(deps): bump typeorm from 0.3.28 to 0.3.29 (#2875) Bumps [typeorm](https://github.com/typeorm/typeorm) from 0.3.28 to 0.3.29. - [Release notes](https://github.com/typeorm/typeorm/releases) - [Changelog](https://github.com/typeorm/typeorm/blob/0.3.29/CHANGELOG.md) - [Commits](typeorm/typeorm@0.3.28...0.3.29) --- updated-dependencies: - dependency-name: typeorm dependency-version: 0.3.29 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * build(deps-dev): bump vitest from 4.1.5 to 4.1.6 (#2876) Bumps [vitest](https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest) from 4.1.5 to 4.1.6. - [Release notes](https://github.com/vitest-dev/vitest/releases) - [Commits](https://github.com/vitest-dev/vitest/commits/v4.1.6/packages/vitest) --- updated-dependencies: - dependency-name: vitest dependency-version: 4.1.6 dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * fix(security): add yarn resolutions for transitive dependency vulnerabilities (#2881) Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> * fix(ci): add environment gate to close TOCTOU in release_pr workflow (#2879) * fix(ci): add environment gate to close TOCTOU in release_pr workflow * fix(ci): add missing newline at end of release_pr.yml * fix(ui): clarify custom-collection terminology and warn on disable (#2882) * fix(rules,jellyfin): close collection add/remove loop (#2554, #1446) (#2870) * fix(rules,jellyfin): close collection add/remove loop from BoxSet hiding and transient getter failures Jellyfin libraries with "Group films into collections" hide BoxSet members from library listings unless `collapseBoxSetItems: false` is set, which made Maintainerr-managed BoxSets flip movies in and out of rule results between runs (#2554). Plex/Seerr getters return `undefined` on transport failure (documented contract, distinct from `null` definitive absence) and the removal loop treated the resulting drop-out as a confirmed mismatch, restarting the deleteAfterDays countdown on every blip (#1446). Apply a shared library-query default in the Jellyfin adapter, and gate rule-driven removal on a strict-`undefined` transient-failure set tracked inside the comparator and unioned across executor chunks. Also tighten unary EXISTS/NOT_EXISTS so a transient `undefined` does not resolve to `!hasExistsValue(undefined) === true` and spuriously add items. Closes #2554 Closes #1446 * refactor(rules): tighten transient-failure gate in executor Switch transientFailureMediaIds to a field initializer, replace the info-level preserved-removal log with a debug breadcrumb that notes the retry on the next pass, and consolidate the removal-gate loop behind a single continue-driven path. Comparator return shape and strict-undefined semantics are unchanged; the unary EXISTS regression remains pinned by the existing NOT_EXISTS tests. * chore(ci,tools): add one-off Fider mirror for enhancement issues Mirrors open `label:enhancement` issues (excluding CODEOWNER-authored ones) to the Fider feature board, then closes the source issue with a link to the new post. Manual workflow_dispatch only, dry-run by default. Delete both files once the migration is run. * chore(tools): warmer closing comment, drop not_planned reason These are real feature requests being routed to Fider, not declined — let GitHub close them with no state_reason and use a friendlier comment that explains where the conversation continues. * chore(ci): convert Fider enhancement mirror to weekly job Renames the one-off mirror to "Fider - Move enhancements", schedules it weekly (Sun 06:00 UTC, matches fider-invite-codeowners), and switches from GITHUB_TOKEN to the maintainerr-automation App token via MERGE_APP so closing comments are attributed to the bot identity used by the release and docs-drift workflows. * fix(plex): improve error message when library section ID is invalid (#2883) * fix(ci): add explicit token permissions to fider move job CodeQL flagged the move job for not limiting GITHUB_TOKEN permissions. Write operations use a GitHub App token, so the default token only needs contents: read for checkout. --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: maintainerr-automation[bot] <261505141+maintainerr-automation[bot]@users.noreply.github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Anders Eriksson <36226327+blixten85@users.noreply.github.com> Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> Co-authored-by: enoch85 <mailto@danielhansson.nu>
Contributor
|
🎉 This PR is included in version 3.11.1 🎉 The release is available on GitHub release Your semantic-release bot 📦🚀 |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Bumps the react group with 2 updates: react and react-dom.
Updates
reactfrom 19.2.5 to 19.2.6Release notes
Sourced from react's releases.
Commits
eaf3e95Version 19.2.6Updates
react-domfrom 19.2.5 to 19.2.6Release notes
Sourced from react-dom's releases.
Commits
eaf3e95Version 19.2.6Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore <dependency name> major versionwill close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)@dependabot ignore <dependency name> minor versionwill close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)@dependabot ignore <dependency name>will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)@dependabot unignore <dependency name>will remove all of the ignore conditions of the specified dependency@dependabot unignore <dependency name> <ignore condition>will remove the ignore condition of the specified dependency and ignore conditions