deps(deps): bump the minor-and-patch group with 8 updates

[dependabot]

Bumps the minor-and-patch group with 8 updates:

Package	From	To
@supabase/supabase-js	2.98.0	2.99.0
framer-motion	12.34.4	12.35.2
isomorphic-dompurify	3.0.0	3.1.0
lucide-react	0.576.0	0.577.0
openai	6.25.0	6.27.0
puppeteer	24.37.5	24.38.0
@types/node	25.3.3	25.3.5
postcss	8.5.6	8.5.8

Updates @supabase/supabase-js from 2.98.0 to 2.99.0

Release notes

Sourced from @​supabase/supabase-js's releases.

v2.99.0

2.99.0 (2026-03-09)

🚀 Features

• auth: add custom OIDC/OAuth provider admin CRUD methods (#2133)

🩹 Fixes

• storage: improve FileObject type accuracy with nullable fields (#2116)

❤️ Thank You

• Cemal Kılıç @​cemalkilic
• Katerina Skroumpelou @​mandarini

v2.98.1-canary.1

2.98.1-canary.1 (2026-03-05)

🩹 Fixes

• storage: improve FileObject type accuracy with nullable fields (#2116)

❤️ Thank You

• Katerina Skroumpelou @​mandarini

v2.98.1-canary.0

2.98.1-canary.0 (2026-02-27)

🚀 Features

• auth: add custom OIDC/OAuth provider admin CRUD methods (#2133)

❤️ Thank You

• Cemal Kılıç @​cemalkilic

Changelog

Sourced from @​supabase/supabase-js's changelog.

2.99.0 (2026-03-09)

This was a version bump only for @​supabase/supabase-js to align it with other projects, there were no code changes.

Commits

• fab1655 chore(deps): update supabase ssr (#2147)
• e6bdfe2 test(ci): add e2e tests for example apps (#2138)
• 8451cc0 chore(release): version 2.98.0 changelogs (#2141)
• See full diff in compare view

Updates framer-motion from 12.34.4 to 12.35.2

Changelog

Sourced from framer-motion's changelog.

[12.35.2] 2026-03-09

Fixed

• Reduced filesize of styleEffect.
• Fix rounding from popLayout.
• opacity animations in React Strict Mode in development.
• Ensure useSpring is not affected by monitor framerate.
• Updating animations sequence segment types to exclude lifecycle handlers.
• Fix layout animations with parents offset by a %-based translation.
• Fix autoplay: false with WAAPI animations.
• Fix layout jump in React Strict Mode in development.
• Detect divide-by-zero in CSS calc() values before making animatable templates.

[12.35.1] 2026-03-06

Fixed

• Fixing combination of string keyframes, spring and delay.
• Gracefully handle negative scroll values.
• Fix one-frame visual gap when rapidly switching WAAPI animations.
• animation.time = 0 on a finished animation sets the playhead in a paused state.

[12.35.0] 2026-03-03

Added

• ViewTimeline support for scroll and useScroll.

[12.34.6] 2026-03-03

Fixed

• Handle % translate values in layout animations.

[12.34.5] 2026-03-03

Fixed

• Ensure final WAAPI styles are always committed synchronously to prevent flash of incorrect styles in Firefox.
• Prevent Next.js from caching typeof window checks.
• Improve projection node cleanup.
• Variant propagation fixed for asynchronously-mounted children.

Commits

• 2034efc v12.35.2
• 9f080ca Updating changelog
• 31dd9bd Latest
• da23762 Merge pull request #3602 from motiondivision/worktree-fix-issue-3232
• 80b321e Merge pull request #3599 from motiondivision/worktree-fix-issue-3244
• 4e5e0ae Merge pull request #3600 from motiondivision/worktree-fix-issue-3236
• 16b83b4 Merge branch 'main' into worktree-fix-issue-3236
• f4adc2e Extract convertToZero to module level with documentation
• b793fc0 Merge pull request #3598 from motiondivision/worktree-fix-issue-3254
• e787956 Simplify transformBox and add comment for percentage re-measurement
• Additional commits viewable in compare view

Updates isomorphic-dompurify from 3.0.0 to 3.1.0

Release notes

Sourced from isomorphic-dompurify's releases.

3.1.0: Updated dependencies

What's Changed

• chore(deps-dev): bump @​types/jsdom from 27.0.0 to 28.0.0 by @​dependabot[bot] in kkomelin/isomorphic-dompurify#396
• chore(deps-dev): bump lefthook from 2.1.1 to 2.1.2 by @​dependabot[bot] in kkomelin/isomorphic-dompurify#397
• chore(deps-dev): bump @​biomejs/biome from 2.4.4 to 2.4.5 by @​dependabot[bot] in kkomelin/isomorphic-dompurify#398
• chore(deps): bump dompurify from 3.3.1 to 3.3.2 by @​dependabot[bot] in kkomelin/isomorphic-dompurify#400
• chore(deps-dev): bump @​biomejs/biome from 2.4.5 to 2.4.6 by @​dependabot[bot] in kkomelin/isomorphic-dompurify#399

Full Changelog: kkomelin/isomorphic-dompurify@3.0.0...3.1.0

Commits

• d622ce0 chore: Incremented project version.
• dc24182 chore: Updated deps.
• de68cec chore(deps-dev): bump @​biomejs/biome from 2.4.5 to 2.4.6
• ae01355 chore(deps): bump dompurify from 3.3.1 to 3.3.2
• 058fca3 chore(deps-dev): bump @​biomejs/biome from 2.4.4 to 2.4.5
• 48c772c chore(deps-dev): bump lefthook from 2.1.1 to 2.1.2
• daa0420 Merge branch 'master' of github.com:kkomelin/isomorphic-dompurify
• a7dd07a docs: Slightly corrected the language.
• 00ccf3a chore(deps-dev): bump @​types/jsdom from 27.0.0 to 28.0.0
• 9f8db63 Update funding sources in FUNDING.yml
• Additional commits viewable in compare view

Updates lucide-react from 0.576.0 to 0.577.0

Release notes

Sourced from lucide-react's releases.

Version 0.577.0

What's Changed

• chore(deps): bump rollup from 4.53.3 to 4.59.0 by @​dependabot[bot] in lucide-icons/lucide#4106
• fix(repo): correctly ignore docs/releaseMetadata via .gitignore by @​bhavberi in lucide-icons/lucide#4100
• feat(icons): added ellipse icon by @​KISHORE-KUMAR-S in lucide-icons/lucide#3749

New Contributors

• @​bhavberi made their first contribution in lucide-icons/lucide#4100
• @​KISHORE-KUMAR-S made their first contribution in lucide-icons/lucide#3749

Full Changelog: lucide-icons/lucide@0.576.0...0.577.0

Commits

• f6c0d06 chore(deps): bump rollup from 4.53.3 to 4.59.0 (#4106)
• See full diff in compare view

Updates openai from 6.25.0 to 6.27.0

Release notes

Sourced from openai's releases.

v6.27.0

6.27.0 (2026-03-05)

Full Changelog: v6.26.0...v6.27.0

Features

• api: The GA ComputerTool now uses the CompuerTool class. The 'computer_use_preview' tool is moved to ComputerUsePreview (0206188)

Chores

• internal: improve import alias names (9cc2478)

v6.26.0

6.26.0 (2026-03-05)

Full Changelog: v6.25.0...v6.26.0

Features

• api: gpt-5.4, tool search tool, and new computer tool (1d1e5a9)

Bug Fixes

• api: internal schema fixes (6b401ad)
• api: manual updates (2b54919)
• api: readd phase (4a0cf29)
• api: remove phase from message types, prompt_cache_key param in responses (088fca6)

Chores

• internal: codegen related update (6a0aa9e)
• internal: codegen related update (b2a4299)
• internal: move stringifyQuery implementation to internal function (f9f4660)
• internal: reduce warnings (7e19492)

Changelog

Sourced from openai's changelog.

6.27.0 (2026-03-05)

Full Changelog: v6.26.0...v6.27.0

Features

• api: The GA ComputerTool now uses the CompuerTool class. The 'computer_use_preview' tool is moved to ComputerUsePreview (0206188)

Chores

• internal: improve import alias names (9cc2478)

6.26.0 (2026-03-05)

Full Changelog: v6.25.0...v6.26.0

Features

• api: gpt-5.4, tool search tool, and new computer tool (1d1e5a9)

Bug Fixes

• api: internal schema fixes (6b401ad)
• api: manual updates (2b54919)
• api: readd phase (4a0cf29)
• api: remove phase from message types, prompt_cache_key param in responses (088fca6)

Chores

• internal: codegen related update (6a0aa9e)
• internal: codegen related update (b2a4299)
• internal: move stringifyQuery implementation to internal function (f9f4660)
• internal: reduce warnings (7e19492)

Commits

• 09de6c0 release: 6.27.0
• 0aeb1b5 feat(api): The GA ComputerTool now uses the CompuerTool class. The 'computer_...
• 3cf5bc2 chore(internal): improve import alias names
• 6a89ced release: 6.26.0
• e2b122f feat(api): gpt-5.4, tool search tool, and new computer tool
• 583240f chore(internal): codegen related update
• e53097f chore(internal): reduce warnings
• 1da125d chore(internal): codegen related update
• 67137ac codegen metadata
• 8605a10 fix(api): internal schema fixes
• Additional commits viewable in compare view

Updates puppeteer from 24.37.5 to 24.38.0

Release notes

Sourced from puppeteer's releases.

puppeteer-core: v24.38.0

24.38.0 (2026-03-04)

🎉 Features

• roll to Chrome 146.0.7680.31 (#14729) (627eb5e)
• roll to Firefox 148.0 (#14728) (09b655a)

🛠️ Fixes

• consider browsingContext.navigationCommitted to dispose an existing navigation (#14724) (b4e92c6)
• disable PartitionAllocSchedulerLoopQuarantineTaskControlledPurge (#14744) (e6c7425)
• roll to Chrome 145.0.7632.117 (#14719) (1d407e1)

puppeteer: v24.38.0

24.38.0 (2026-03-04)

🎉 Features

• roll to Chrome 146.0.7680.31 (#14729) (627eb5e)

Dependencies

• The following workspace dependencies were updated
  • dependencies
    • puppeteer-core bumped from 24.37.5 to 24.38.0

Changelog

Sourced from puppeteer's changelog.

24.38.0 (2026-03-04)

🎉 Features

• roll to Chrome 146.0.7680.31 (#14729) (627eb5e)
• roll to Firefox 148.0 (#14728) (09b655a)

Dependencies

• The following workspace dependencies were updated
  • dependencies
    • puppeteer-core bumped from 24.37.5 to 24.38.0

🛠️ Fixes

• consider browsingContext.navigationCommitted to dispose an existing navigation (#14724) (b4e92c6)
• disable PartitionAllocSchedulerLoopQuarantineTaskControlledPurge (#14744) (e6c7425)
• roll to Chrome 145.0.7632.117 (#14719) (1d407e1)

Commits

• d3356fa chore: release main (#14720)
• e6c7425 fix: disable PartitionAllocSchedulerLoopQuarantineTaskControlledPurge (#14744)
• e24f432 chore(deps-dev): bump the dev-dependencies group across 1 directory with 7 up...
• b12fca9 test: update tests and add diagnostics (#14741)
• 627eb5e feat: roll to Chrome 146.0.7680.31 (#14729)
• e0e3e89 chore: enable blank issues in issue template configuration (#14739)
• ba19944 chore(deps-dev): bump rollup from 4.22.4 to 4.59.0 in /examples/puppeteer-in-...
• b4e92c6 fix: consider browsingContext.navigationCommitted to dispose an existing navi...
• 57b40c0 chore(deps): bump typed-query-selector from 2.12.0 to 2.12.1 in the dependenc...
• eca8ca4 chore(deps): bump the all group in /website with 2 updates (#14732)
• Additional commits viewable in compare view

Updates @types/node from 25.3.3 to 25.3.5

Commits

• See full diff in compare view

Updates postcss from 8.5.6 to 8.5.8

Release notes

Sourced from postcss's releases.

8.5.8

• Fixed Processor#version.

8.5.7

• Improved source map annotation cleaning performance (by CodeAnt AI).

Changelog

Sourced from postcss's changelog.

8.5.8

• Fixed Processor#version.

8.5.7

• Improved source map annotation cleaning performance (by CodeAnt AI).

Commits

• 65de537 Release 8.5.8 version
• b2c6d97 Run git hook register
• 0ae0a49 Update Processor#version
• 6ee9f14 Release 8.5.7 version
• 3fbc951 Fix uvu Node.js 25 support
• 52db53e Update dependencies
• 497daef Speed up source map annotation cleaning by moving from RegExp
• 41e739a Remove banner
• 1329142 chore: speed up space-only string check in lib/parser.js (#2064)
• 23beff9 Update dependencies
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[dependabot]

Labels

The following labels could not be found: automated, dependencies. Please create them before Dependabot can add them to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

[socket-security]

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff	Package	Supply Chain Security	Vulnerability	Quality	Maintenance	License
	openai@​6.25.0 ⏵ 6.27.0	+1		+1
	@​types/​node@​25.3.3 ⏵ 25.3.5	+1		+1
	postcss@​8.5.6 ⏵ 8.5.8
	puppeteer@​24.37.5 ⏵ 24.38.0
	isomorphic-dompurify@​3.0.0 ⏵ 3.1.0			+2
	lucide-react@​0.576.0 ⏵ 0.577.0	+1		+1	+1
	@​supabase/​supabase-js@​2.98.0 ⏵ 2.99.0	+13			+1
	framer-motion@​12.34.4 ⏵ 12.35.2	+4		+1	+1

View full report