chore(deps): Bump the all-minor-patch group in /js with 27 updates

[dependabot]

Bumps the all-minor-patch group in /js with 27 updates:

Package	From	To
@amplitude/unified	1.1.9	1.1.14
@codemirror/merge	6.12.1	6.12.2
@codemirror/view	6.43.0	6.43.1
@mui/material	9.0.1	9.1.1
@mui/system	9.0.1	9.1.1
@next/third-parties	16.2.7	16.2.9
@sentry/nextjs	10.56.0	10.57.0
@sentry/react	10.56.0	10.57.0
@tanstack/react-query	5.100.14	5.101.0
date-fns	4.2.1	4.4.0
import-in-the-middle	3.0.1	3.0.2
next	16.2.7	16.2.9
posthog-js	1.382.0	1.386.6
react	19.2.6	19.2.7
@types/react	19.2.15	19.2.17
react-dom	19.2.6	19.2.7
write-excel-file	4.1.0	4.1.1
@amplitude/analytics-core	2.49.0	2.50.0
@biomejs/biome	2.4.15	2.4.16
@types/node	25.9.2	25.9.3
baseline-browser-mapping	2.10.34	2.10.36
read-excel-file	9.1.1	9.2.0
@storybook/addon-docs	10.4.2	10.4.4
@storybook/addon-vitest	10.4.2	10.4.4
@storybook/react	10.4.2	10.4.4
@storybook/react-vite	10.4.2	10.4.4
storybook	10.4.2	10.4.4

Updates @amplitude/unified from 1.1.9 to 1.1.14

Release notes

Sourced from @​amplitude/unified's releases.

@​amplitude/unified@​1.1.14

1.1.14 (2026-06-11)

Note: Version bump only for package @​amplitude/unified

@​amplitude/unified@​1.1.13

1.1.13 (2026-06-11)

Note: Version bump only for package @​amplitude/unified

@​amplitude/unified@​1.1.13-sr-perf-reliability-rc3.0

1.1.13-sr-perf-reliability-rc3.0 (2026-06-10)

Note: Version bump only for package @​amplitude/unified

@​amplitude/unified@​1.1.13-sr-perf-reliability-rc2.0

1.1.13-sr-perf-reliability-rc2.0 (2026-06-08)

Note: Version bump only for package @​amplitude/unified

@​amplitude/unified@​1.1.13-jessewangsr-4659-autocapture.0

1.1.13-jessewangsr-4659-autocapture.0 (2026-06-09)

Note: Version bump only for package @​amplitude/unified

@​amplitude/unified@​1.1.13-featzoning-selectors.0

1.1.13-featzoning-selectors.0 (2026-06-11)

Note: Version bump only for package @​amplitude/unified

@​amplitude/unified@​1.1.13-SR-4497-custom-transport-hooks.0

1.1.13-SR-4497-custom-transport-hooks.0 (2026-06-09)

Note: Version bump only for package @​amplitude/unified

@​amplitude/unified@​1.1.12

1.1.12 (2026-06-05)

Note: Version bump only for package @​amplitude/unified

@​amplitude/unified@​1.1.12-sr-perf-reliability-rc.0

1.1.12-sr-perf-reliability-rc.0 (2026-06-05)

Note: Version bump only for package @​amplitude/unified

Commits

• 3006ae7 chore(release): publish
• 137c894 ci: record v2.x releases in Linear after npm publish (#1827)
• 477cda8 fix(analytics-browser): use safe JSON stringify in remote config log messages...
• 82a3785 chore(release): publish
• 675885e fix(analytics-browser): only flush on actual offline->online transition (#1812)
• 871e432 feat(analytics-browser, analytics-core): support referrerPolicy in FetchTrans...
• a757414 chore: require npm release environment (#1821)
• 3a18415 refactor(analytics-browser): remove unused cursor pointer code from a… (#1815)
• af76af9 fix(analytics-browser): return trackVideo errors instead of throwing (#1804)
• 4a75130 ci(examples): smoke-test the React Native sample app on the New Architecture ...
• Additional commits viewable in compare view

Updates @codemirror/merge from 6.12.1 to 6.12.2

Commits

• See full diff in compare view

Updates @codemirror/view from 6.43.0 to 6.43.1

Commits

• See full diff in compare view

Updates @mui/material from 9.0.1 to 9.1.1

Release notes

Sourced from @​mui/material's releases.

v9.1.0

A big thanks to the 15 contributors who made this release possible. Here are some highlights ✨:

• ⚙️ Support for the prefers-reduced-motion setting.
• ♿️ Improved support for Windows High Contrast mode with the enhanceHighContrast theme wrapper.

@mui/material@9.1.0

• [autocomplete] Enable clearing highlight when mouse leaves popup (#48354) @​mj12albert
• [autocomplete] Fix freeSolo controlled values cleared by initial null (#48611) @​mj12albert
• [autocomplete] Fix item removal when it receives focus from VoiceOver before using Backspace (#48572) @​silviuaavram
• [autocomplete] Fix resetHighlightOnMouseLeave JSdoc (#48536) @​mj12albert
• [autocomplete] Guard against null inputRef during unmount (#48617) @​noam3127
• [badge] Add aria-hidden to badge content and polish docs demos (#48471) @​mj12albert
• [badge] Use inline CSS variables for anchorOrigin/overlap positioning (#48549) @​siriwatknp
• [button] Fix customized flex gap styles (#48542) @​mj12albert
• [dialog] Fix unwanted DialogPaper focus ring (#48535) @​mj12albert
• [focus trap] Fix incorrect tab order when tabIndex >= 1 (#48546) @​mj12albert
• [progress] Show runtime errors only once (#48591) @​silviuaavram
• [select] Allow spacebar to select elements (#48615) @​silviuaavram
• [select] Support typeahead when closed (#48563) @​mj12albert
• [step button] Choose higher contrast ripple color for dark mode focus (#48612) @​silviuaavram
• [stepper] Include StepConnector inside Step element (#48492) @​silviuaavram
• [stepper] Proper support for vertical alternativeLabel (#48485) @​silviuaavram
• [tabs] Fix React 18 roving tabindex and dedupe invalid-value warning (#48605) @​Janpot
• [theme] Add HighContrast theme enhancer (#48319) @​silviuaavram
• [timeline item] Fix extra ::before spacing when TimelineOppositeContent is present (#46663) @​tyalau
• [tooltip] Prevent stuck-open tooltip when child becomes disabled (#48606) @​Janpot
• [transitions] Custom Transition component (#48325) @​mj12albert
• [transitions] Support prefers-reduced-motion (#48357) @​mj12albert

@mui/utils@9.1.0

• [utils] Prevent prototype pollution in fastDeepAssign (#48580) @​Janpot

Docs

• [docs] Add function slotProps documentation (#48574) @​mj12albert
• [docs] Clarify styled-components version compatibility (#48533) @​nightt5879
• [docs] Fix broken URLs (#48520) @​oliviertassinari
• [docs] Fix invalid JSON in Zed MCP setup example (#48490) @​pavan-sh
• [docs] Mention release version for enhanceHighContrast (#48609) @​silviuaavram
• [docs] Remove outdated MUI X v8 notification (#48600) @​cherniavskii
• [docs] Remove redundant enhanceHighContrast information (#48632) @​silviuaavram
• [docs-infra] Decrease loaded bundle size on docs (#48584) @​brijeshb42
• [docs-infra] Drop multi-locale plumbing from API pages (#48370) @​brijeshb42
• [docs-infra] Fix Cookie banner heading (#48529) @​oliviertassinari
• [docs-infra] Infinitely cache all static assets (#48627) @​brijeshb42
• [docs-infra] Remove outdated noSEOadvantage entries (#48527) @​oliviertassinari
• [docs-infra] Restore build-only invariant throws via NEXT_RUNTIME guard (#48475) @​Janpot

... (truncated)

Changelog

Sourced from @​mui/material's changelog.

9.1.1

Jun 11, 2026

A big thanks to the 9 contributors who made this release possible.

@mui/material@9.1.1

• [Autocomplete] Update fullWidth prop documentation (#48626) @​vipin8797
• [ButtonBase] Fix focus ripple lingering after blur (#48650) @​siriwatknp
• [InitColorSchemeScript] Server-render in tests for React 19.3 (#48604) @​Janpot
• [Transition] Mount child in same commit when opening from unmounted (#48649) @​siriwatknp

@mui/styled-engine@9.1.1

• [styled-engine] Prevent enableCssLayer styles from being overridden by unlayered styles (#48603) @​Janpot

Docs

• Send SOURCE to Brevo on newsletter subscribe (#48633) @​aemartos
• fix TypeScript heading capitalization (#48619) @​ifer47
• Remove outdated security section (#48628) @​oliviertassinari
• [legal] Update EULA links on website (#48642) @​rluzists1

Core

• Update dependencies to resolve Dependabot security alerts (#48641) @​Janpot
• [core-docs] Pin StackBlitz demo vite to v7 and plugin-react to v5 (#48643) @​Janpot
• [code-infra] Port codebase to use tsgo (#48616) @​brijeshb42
• [docs-infra] Fix immutable cache headers for /_next/static assets (#48655) @​brijeshb42
• [docs-infra] Run link checker during docs build instead of as separate CI step (#48634) @​Janpot
• [docs-infra] Support turbopack for docs (#48569) @​brijeshb42
• [test] Cover docs landing-page composites with Argos (#48589) @​LukasTy

All contributors of this release in alphabetical order: @​aemartos, @​brijeshb42, @​ifer47, @​Janpot, @​LukasTy, @​oliviertassinari, @​rluzists1, @​siriwatknp, @​vipin8797

9.1.0

Jun 8, 2026

A big thanks to the 15 contributors who made this release possible. Here are some highlights ✨:

• ⚙️ Support for the prefers-reduced-motion setting.
• ♿️ Improved support for Windows High Contrast mode with the enhanceHighContrast theme wrapper.

@mui/material@9.1.0

... (truncated)

Commits

• 0f9b43f [release] v9.1.1 (#48656)
• bfd57b6 [ButtonBase] Fix focus ripple lingering after blur (#48650)
• aa5e12d [Transition] Mount child in same commit when opening from unmounted (#48649)
• 7c749df [Autocomplete] Update fullWidth prop documentation (#48626)
• 0798f38 Update dependencies to resolve Dependabot security alerts (#48641)
• ef607d7 [code-infra] Port codebase to use tsgo (#48616)
• 43bd37e [InitColorSchemeScript] Server-render in tests for React 19.3 (#48604)
• a389a2d [release] v9.1.0 (#48620)
• 19d59a2 [internal] Remove outdated rel values on target=_blank
• 41b68b8 [transitions] Support prefers-reduced-motion (#48357)
• Additional commits viewable in compare view

Updates @mui/system from 9.0.1 to 9.1.1

Release notes

Sourced from @​mui/system's releases.

v9.1.0

A big thanks to the 15 contributors who made this release possible. Here are some highlights ✨:

• ⚙️ Support for the prefers-reduced-motion setting.
• ♿️ Improved support for Windows High Contrast mode with the enhanceHighContrast theme wrapper.

@mui/material@9.1.0

• [autocomplete] Enable clearing highlight when mouse leaves popup (#48354) @​mj12albert
• [autocomplete] Fix freeSolo controlled values cleared by initial null (#48611) @​mj12albert
• [autocomplete] Fix item removal when it receives focus from VoiceOver before using Backspace (#48572) @​silviuaavram
• [autocomplete] Fix resetHighlightOnMouseLeave JSdoc (#48536) @​mj12albert
• [autocomplete] Guard against null inputRef during unmount (#48617) @​noam3127
• [badge] Add aria-hidden to badge content and polish docs demos (#48471) @​mj12albert
• [badge] Use inline CSS variables for anchorOrigin/overlap positioning (#48549) @​siriwatknp
• [button] Fix customized flex gap styles (#48542) @​mj12albert
• [dialog] Fix unwanted DialogPaper focus ring (#48535) @​mj12albert
• [focus trap] Fix incorrect tab order when tabIndex >= 1 (#48546) @​mj12albert
• [progress] Show runtime errors only once (#48591) @​silviuaavram
• [select] Allow spacebar to select elements (#48615) @​silviuaavram
• [select] Support typeahead when closed (#48563) @​mj12albert
• [step button] Choose higher contrast ripple color for dark mode focus (#48612) @​silviuaavram
• [stepper] Include StepConnector inside Step element (#48492) @​silviuaavram
• [stepper] Proper support for vertical alternativeLabel (#48485) @​silviuaavram
• [tabs] Fix React 18 roving tabindex and dedupe invalid-value warning (#48605) @​Janpot
• [theme] Add HighContrast theme enhancer (#48319) @​silviuaavram
• [timeline item] Fix extra ::before spacing when TimelineOppositeContent is present (#46663) @​tyalau
• [tooltip] Prevent stuck-open tooltip when child becomes disabled (#48606) @​Janpot
• [transitions] Custom Transition component (#48325) @​mj12albert
• [transitions] Support prefers-reduced-motion (#48357) @​mj12albert

@mui/utils@9.1.0

• [utils] Prevent prototype pollution in fastDeepAssign (#48580) @​Janpot

Docs

• [docs] Add function slotProps documentation (#48574) @​mj12albert
• [docs] Clarify styled-components version compatibility (#48533) @​nightt5879
• [docs] Fix broken URLs (#48520) @​oliviertassinari
• [docs] Fix invalid JSON in Zed MCP setup example (#48490) @​pavan-sh
• [docs] Mention release version for enhanceHighContrast (#48609) @​silviuaavram
• [docs] Remove outdated MUI X v8 notification (#48600) @​cherniavskii
• [docs] Remove redundant enhanceHighContrast information (#48632) @​silviuaavram
• [docs-infra] Decrease loaded bundle size on docs (#48584) @​brijeshb42
• [docs-infra] Drop multi-locale plumbing from API pages (#48370) @​brijeshb42
• [docs-infra] Fix Cookie banner heading (#48529) @​oliviertassinari
• [docs-infra] Infinitely cache all static assets (#48627) @​brijeshb42
• [docs-infra] Remove outdated noSEOadvantage entries (#48527) @​oliviertassinari
• [docs-infra] Restore build-only invariant throws via NEXT_RUNTIME guard (#48475) @​Janpot

... (truncated)

Changelog

Sourced from @​mui/system's changelog.

9.1.1

Jun 11, 2026

A big thanks to the 9 contributors who made this release possible.

@mui/material@9.1.1

• [Autocomplete] Update fullWidth prop documentation (#48626) @​vipin8797
• [ButtonBase] Fix focus ripple lingering after blur (#48650) @​siriwatknp
• [InitColorSchemeScript] Server-render in tests for React 19.3 (#48604) @​Janpot
• [Transition] Mount child in same commit when opening from unmounted (#48649) @​siriwatknp

@mui/styled-engine@9.1.1

• [styled-engine] Prevent enableCssLayer styles from being overridden by unlayered styles (#48603) @​Janpot

Docs

• Send SOURCE to Brevo on newsletter subscribe (#48633) @​aemartos
• fix TypeScript heading capitalization (#48619) @​ifer47
• Remove outdated security section (#48628) @​oliviertassinari
• [legal] Update EULA links on website (#48642) @​rluzists1

Core

• Update dependencies to resolve Dependabot security alerts (#48641) @​Janpot
• [core-docs] Pin StackBlitz demo vite to v7 and plugin-react to v5 (#48643) @​Janpot
• [code-infra] Port codebase to use tsgo (#48616) @​brijeshb42
• [docs-infra] Fix immutable cache headers for /_next/static assets (#48655) @​brijeshb42
• [docs-infra] Run link checker during docs build instead of as separate CI step (#48634) @​Janpot
• [docs-infra] Support turbopack for docs (#48569) @​brijeshb42
• [test] Cover docs landing-page composites with Argos (#48589) @​LukasTy

All contributors of this release in alphabetical order: @​aemartos, @​brijeshb42, @​ifer47, @​Janpot, @​LukasTy, @​oliviertassinari, @​rluzists1, @​siriwatknp, @​vipin8797

9.1.0

Jun 8, 2026

A big thanks to the 15 contributors who made this release possible. Here are some highlights ✨:

• ⚙️ Support for the prefers-reduced-motion setting.
• ♿️ Improved support for Windows High Contrast mode with the enhanceHighContrast theme wrapper.

@mui/material@9.1.0

... (truncated)

Commits

• 0f9b43f [release] v9.1.1 (#48656)
• ef607d7 [code-infra] Port codebase to use tsgo (#48616)
• 43bd37e [InitColorSchemeScript] Server-render in tests for React 19.3 (#48604)
• a389a2d [release] v9.1.0 (#48620)
• 74a6177 [code-infra] Convert @​mui/private-theming to TypeScript (#48565)
• 59e3304 [code-infra] Convert @​mui/styled-engine to TypeScript (#48544)
• 4ac01c3 Bump sinon to 22.0.0 (#48518)
• a11407d Bump react monorepo to 19.2.6 (#48511)
• ea0f8b9 Bump code-infra:devDependencies (#48401)
• 35b5b62 Bump react monorepo to 19.2.5 (#48406)
• See full diff in compare view

Updates @next/third-parties from 16.2.7 to 16.2.9

Release notes

Sourced from @​next/third-parties's releases.

v16.2.9

Empty release to ensure next@latest points at a stable release. Next.js only allows publishing with Trusted Publishing enabled. In order to fix NPM dist-tags, we have to release a new version. Updating dist-tags is not possible with Trusted Publishing.

v16.2.8

Release with no changes in an attempt to fix next@latest pointing at a prerelease version.

Commits

• f37fad9 v16.2.9
• 6f16804 v16.2.8
• 411c455 v16.2.7
• See full diff in compare view

Updates @sentry/nextjs from 10.56.0 to 10.57.0

Release notes

Sourced from @​sentry/nextjs's releases.

10.57.0

Important Changes

• feat(angular): Add support for Angular 22 (#21330)

  @sentry/angular now officially supports Angular 22.

• ref(core): Deprecate sendDefaultPii in favor of dataCollection (#21277)

  sendDefaultPii is deprecated and will be removed in v11. The new dataCollection option lets you control each category of collected data. sendDefaultPii: true still works and maps to enabling all dataCollection categories. dataCollection.userInfo defaults to true when dataCollection is provided, meaning auto-populated user.* fields (e.g. IP address from a request) are collected by default. Data you set explicitly (like via Sentry.setUser()) is always sent regardless. When dataCollection is not set at all, the legacy sendDefaultPii behavior applies (userInfo: false by default) to preserve backward compatibility.

  Note that an empty dataCollection: {} falls back to more permissive defaults than sendDefaultPii: false, so replicate the old behavior by opting out explicitly:

  Sentry.init({
    dataCollection: {
      userInfo: false,
      genAI: { inputs: false, outputs: false },
      httpBodies: [],
      httpHeaders: { deny: ['forwarded', '-ip', 'remote-', 'via', '-user'] },
      cookies: { deny: ['forwarded', '-ip', 'remote-', 'via', '-user'] },
      queryParams: { deny: ['forwarded', '-ip', 'remote-', 'via', '-user'] },
    },
  });

Other Changes

• feat: Use dataCollection.frameContextLines for ContextLines integration (#21323)
• feat(cloudflare): Auto instrument D1 based on env (#21276)
• feat(core): Change default of dataCollection.userInfo to true (#21348)
• feat(core): Default dataCollection.httpBodies to all valid body types (#21352)
• feat(hono): Filter noisy transactions (favicon etc) (#21365)
• fix(cloudflare): Don't track negatively sampled spans (#21367)
• fix(core): Use safeDateNow calls for new Date() reads (#21351)
• fix(nextjs): Shim pinoIntegration on edge runtime (#21347)
• fix(node): Prevent PostgresJs integration from emitting duplicate spans per query (#21364)
• fix(node-core): Read __SENTRY_SERVER_MODULES__ lazily so Turbopack injection is honored (#21339)
• fix(react): Detect React Router v6/v7 navigations in a layout effect to propagate the correct trace (#21326)
• fix(react): Remove unused react.componentStack event context (#21183)
• fix(replays): Record sentry._internal.replay_is_buffering for spans (#21297)

• chore: Bump volta node version from 20.19.2 to 20.19.5 (#21359)

... (truncated)

Changelog

Sourced from @​sentry/nextjs's changelog.

10.57.0

Important Changes

• feat(angular): Add support for Angular 22 (#21330)

  @sentry/angular now officially supports Angular 22.

• ref(core): Deprecate sendDefaultPii in favor of dataCollection (#21277)

  sendDefaultPii is deprecated and will be removed in v11. The new dataCollection option lets you control each category of collected data. sendDefaultPii: true still works and maps to enabling all dataCollection categories. dataCollection.userInfo defaults to true when dataCollection is provided, meaning auto-populated user.* fields (e.g. IP address from a request) are collected by default. Data you set explicitly (like via Sentry.setUser()) is always sent regardless. When dataCollection is not set at all, the legacy sendDefaultPii behavior applies (userInfo: false by default) to preserve backward compatibility.

  Note that an empty dataCollection: {} falls back to more permissive defaults than sendDefaultPii: false, so replicate the old behavior by opting out explicitly:

  Sentry.init({
    dataCollection: {
      userInfo: false,
      genAI: { inputs: false, outputs: false },
      httpBodies: [],
      httpHeaders: { deny: ['forwarded', '-ip', 'remote-', 'via', '-user'] },
      cookies: { deny: ['forwarded', '-ip', 'remote-', 'via', '-user'] },
      queryParams: { deny: ['forwarded', '-ip', 'remote-', 'via', '-user'] },
    },
  });

Other Changes

• feat: Use dataCollection.frameContextLines for ContextLines integration (#21323)
• feat(cloudflare): Auto instrument D1 based on env (#21276)
• feat(core): Change default of dataCollection.userInfo to true (#21348)
• feat(core): Default dataCollection.httpBodies to all valid body types (#21352)
• feat(hono): Filter noisy transactions (favicon etc) (#21365)
• fix(cloudflare): Don't track negatively sampled spans (#21367)
• fix(core): Use safeDateNow calls for new Date() reads (#21351)
• fix(nextjs): Shim pinoIntegration on edge runtime (#21347)
• fix(node): Prevent PostgresJs integration from emitting duplicate spans per query (#21364)
• fix(node-core): Read __SENTRY_SERVER_MODULES__ lazily so Turbopack injection is honored (#21339)
• fix(react): Detect React Router v6/v7 navigations in a layout effect to propagate the correct trace (#21326)
• fix(react): Remove unused react.componentStack event context (#21183)
• fix(replays): Record sentry._internal.replay_is_buffering for spans (#21297)

... (truncated)

Commits

• 950cf97 release: 10.57.0
• 55f9343 Merge pull request #21369 from getsentry/prepare-release/10.57.0
• 88d9d30 meta(changelog): Update changelog for 10.57.0
• 03ffd25 fix(cloudflare): Don't track negatively sampled spans (#21367)
• 7c19ead ref(node): Streamline sql-common (#21360)
• 95df562 feat(hono): Filter noisy transactions (favicon etc) (#21365)
• 92eb5d2 feat(deps): Bump hono from 4.12.18 to 4.12.21 (#21341)
• c6f790b fix(node): Prevent PostgresJs integration from emitting duplicate spans per q...
• d645349 ref(node): Streamline lru-memoizer instrumentation (#21350)
• 4293015 feat(deps): Bump @​types/aws-lambda from 8.10.150 to 8.10.161 (#21105)
• Additional commits viewable in compare view

Updates @sentry/react from 10.56.0 to 10.57.0

Release notes

Sourced from @​sentry/react's releases.

10.57.0

Important Changes

• feat(angular): Add support for Angular 22 (#21330)

  @sentry/angular now officially supports Angular 22.

• ref(core): Deprecate sendDefaultPii in favor of dataCollection (#21277)

  sendDefaultPii is deprecated and will be removed in v11. The new dataCollection option lets you control each category of collected data. sendDefaultPii: true still works and maps to enabling all dataCollection categories. dataCollection.userInfo defaults to true when dataCollection is provided, meaning auto-populated user.* fields (e.g. IP address from a request) are collected by default. Data you set explicitly (like via Sentry.setUser()) is always sent regardless. When dataCollection is not set at all, the legacy sendDefaultPii behavior applies (userInfo: false by default) to preserve backward compatibility.

  Note that an empty dataCollection: {} falls back to more permissive defaults than sendDefaultPii: false, so replicate the old behavior by opting out explicitly:

  Sentry.init({
    dataCollection: {
      userInfo: false,
      genAI: { inputs: false, outputs: false },
      httpBodies: [],
      httpHeaders: { deny: ['forwarded', '-ip', 'remote-', 'via', '-user'] },
      cookies: { deny: ['forwarded', '-ip', 'remote-', 'via', '-user'] },
      queryParams: { deny: ['forwarded', '-ip', 'remote-', 'via', '-user'] },
    },
  });

Other Changes

• feat: Use dataCollection.frameContextLines for ContextLines integration (#21323)
• feat(cloudflare): Auto instrument D1 based on env (#21276)
• feat(core): Change default of dataCollection.userInfo to true (#21348)
• feat(core): Default dataCollection.httpBodies to all valid body types (#21352)
• feat(hono): Filter noisy transactions (favicon etc) (#21365)
• fix(cloudflare): Don't track negatively sampled spans (#21367)
• fix(core): Use safeDateNow calls for new Date() reads (#21351)
• fix(nextjs): Shim pinoIntegration on edge runtime (#21347)
• fix(node): Prevent PostgresJs integration from emitting duplicate spans per query (#21364)
• fix(node-core): Read __SENTRY_SERVER_MODULES__ lazily so Turbopack injection is honored (#21339)
• fix(react): Detect React Router v6/v7 navigations in a layout effect to propagate the correct trace (#21326)
• fix(react): Remove unused react.componentStack event context (#21183)
• fix(replays): Record sentry._internal.replay_is_buffering for spans (#21297)

• chore: Bump volta node version from 20.19.2 to 20.19.5 (#21359)

... (truncated)

Changelog

Sourced from @​sentry/react's changelog.

10.57.0

Important Changes

• feat(angular): Add support for Angular 22 (#21330)

  @sentry/angular now officially supports Angular 22.

• ref(core): Deprecate sendDefaultPii in favor of dataCollection (#21277)

  sendDefaultPii is deprecated and will be removed in v11. The new dataCollection option lets you control each category of collected data. sendDefaultPii: true still works and maps to enabling all dataCollection categories. dataCollection.userInfo defaults to true when dataCollection is provided, meaning auto-populated user.* fields (e.g. IP address from a request) are collected by default. Data you set explicitly (like via Sentry.setUser()) is always sent regardless. When dataCollection is not set at all, the legacy sendDefaultPii behavior applies (userInfo: false by default) to preserve backward compatibility.

  Note that an empty dataCollection: {} falls back to more permissive defaults than sendDefaultPii: false, so replicate the old behavior by opting out explicitly:

  Sentry.init({
    dataCollection: {
      userInfo: false,
      genAI: { inputs: false, outputs: false },
      httpBodies: [],
      httpHeaders: { deny: ['forwarded', '-ip', 'remote-', 'via', '-user'] },
      cookies: { deny: ['forwarded', '-...
  Description has been truncated

[gcko]

Summary

I've reviewed PR #1426 (27 minor/patch updates) and identified two critical blockers that were preventing tests from passing. Both have been resolved via commit 3c36f07.

Issues Found & Fixed

1. MUI 9.1.x Regression ⚠️

• Issue: MUI 9.1.0 and 9.1.1 introduced a breaking change where they attempt to import react-transition-group/TransitionGroupContext as a directory import
• Impact: This is not supported in ES modules, causing vitest to fail with ERR_UNSUPPORTED_DIR_IMPORT across all test files using MUI components (94 test files failed)
• Resolution: Pinned @mui/material and @mui/system to 9.0.1 exactly
• Status: Awaiting MUI upstream fix before 9.1.x can be adopted

2. Biome 2.4.16 macOS Regression (DRC-3460)

• Issue: Per DRC-3460, biome 2.4.12+ has a known deterministic Rust stack overflow on macOS arm64 with TS-aware nursery rules
• Root: The package.json in the PR had 2.4.16, but the safe pinned version is 2.4.15
• Resolution: Reverted to 2.4.15 (same as pnpm-workspace.yaml override)
• Reference: 🐛 Stack overflow on macOS (darwin-arm64) since v2.4.12 with type-aware nursery rules biomejs/biome#10411 — partial fix in 2.4.16 still causes crashes in recce-cloud-infra as of 2026-05-28

Quality Checks ✅

All quality gates passing with fixes applied:

• pnpm lint: ✅ Biome check clean
• pnpm type:check: ✅ TypeScript OK
• pnpm test: ✅ 3979 passed | 5 skipped (181 test files)
• pnpm run build: ✅ Next.js static export successful

Changes Made

The following updates from the original PR #1426 are now safe to merge:

• ✅ @amplitude/unified 1.1.9 → 1.1.14
• ✅ @codemirror/* minor updates
• ✅ @next/third-parties 16.2.7 → 16.2.9
• ✅ @sentry/* 10.56.0 → 10.57.0 (includes deprecation of sendDefaultPii)
• ✅ @tanstack/react-query 5.100.14 → 5.101.0
• ✅ date-fns 4.2.1 → 4.4.0 (verify TimelineEvent.test.tsx mock works)
• ✅ next 16.2.7 → 16.2.9
• ✅ posthog-js 1.382.0 → 1.386.6
• ✅ read-excel-file 9.1.1 → 9.2.0
• ✅ Storybook 10.4.2 → 10.4.4
• ❌ @mui/material 9.0.1 (reverted from 9.1.1)
• ❌ @biomejs/biome 2.4.15 (reverted from 2.4.16)

The PR is now ready to merge. The two reverted packages are documented blockers awaiting upstream fixes.