build(deps): bump the all-dependencies group with 8 updates

[dependabot]

Bumps the all-dependencies group with 8 updates:

Package	From	To
globals	17.4.0	17.5.0
prettier	3.8.2	3.8.3
typescript-eslint	8.58.1	8.58.2
@anthropic-ai/claude-agent-sdk	0.2.98	0.2.112
@supabase/supabase-js	2.103.0	2.103.3
@anthropic-ai/sdk	0.87.0	0.90.0
electron	40.8.5	40.9.1
react-router-dom	7.14.0	7.14.1

Updates globals from 17.4.0 to 17.5.0

Release notes

Sourced from globals's releases.

v17.5.0

• Update globals (2026-04-12) (#342) 5d84602

---

sindresorhus/globals@v17.4.0...v17.5.0

Commits

• b8170c8 17.5.0
• 5d84602 Update globals (2026-04-12) (#342)
• 1b727e5 Fix build script for ES globals (#341)
• See full diff in compare view

Updates prettier from 3.8.2 to 3.8.3

Release notes

Sourced from prettier's releases.

3.8.3

• SCSS: Prevent trailing comma in if() function (prettier/prettier#18471 by @​kovsu)

🔗 Changelog

Changelog

Sourced from prettier's changelog.

3.8.3

diff

SCSS: Prevent trailing comma in if() function (#18471 by @​kovsu)

// Input
$value: if(sass(false): 1; else: -1);
// Prettier 3.8.2
$value: if(
sass(false): 1; else: -1,
);
// Prettier 3.8.3
$value: if(sass(false): 1; else: -1);

Commits

• d7108a7 Release 3.8.3
• 177f908 Prevent trailing comma in SCSS if() function (#18471)
• 1cd4066 Release @​prettier/plugin-oxc@​0.1.4
• a8700e2 Update oxc-parser to v0.125.0
• 752157c Fix tests
• 053fd41 Bump Prettier dependency to 3.8.2
• 904c636 Clean changelog_unreleased
• dc1f7fc Update dependents count
• See full diff in compare view

Updates typescript-eslint from 8.58.1 to 8.58.2

Release notes

Sourced from typescript-eslint's releases.

v8.58.2

8.58.2 (2026-04-13)

🩹 Fixes

• remove tsbuildinfo cache file from published packages (#12187)
• eslint-plugin: [no-unnecessary-condition] use assignability checks in checkTypePredicates (#12147)

❤️ Thank You

• Abhijeet Singh @​cseas
• 송재욱

See GitHub Releases for more information.

You can read about our versioning strategy and releases on our website.

Changelog

Sourced from typescript-eslint's changelog.

8.58.2 (2026-04-13)

🩹 Fixes

• remove tsbuildinfo cache file from published packages (#12187)

❤️ Thank You

• Abhijeet Singh @​cseas

See GitHub Releases for more information.

You can read about our versioning strategy and releases on our website.

Commits

• 90c2803 chore(release): publish 8.58.2
• b3315fd chore: convert import eslint to import js - followup (#12100)
• be6b49a fix: remove tsbuildinfo cache file from published packages (#12187)
• See full diff in compare view

Updates @anthropic-ai/claude-agent-sdk from 0.2.98 to 0.2.112

Release notes

Sourced from @​anthropic-ai/claude-agent-sdk's releases.

v0.2.112

What's changed

• Updated to parity with Claude Code v2.1.112

Update

npm install @anthropic-ai/claude-agent-sdk@0.2.112
# or
yarn add @anthropic-ai/claude-agent-sdk@0.2.112
# or
pnpm add @anthropic-ai/claude-agent-sdk@0.2.112
# or
bun add @anthropic-ai/claude-agent-sdk@0.2.112

v0.2.111

What's changed

• Opus 4.7 is now available! This version of the SDK is required to use it.
• mcp_set_servers control request: remote (http/sse) server entries can now carry per-tool permission_policy values, which are applied to the session's allow/deny rules
• startup() and WarmQuery are now part of the public TypeScript API
• Changed options.env to overlay the inherited process.env instead of replacing it

Update

npm install @anthropic-ai/claude-agent-sdk@0.2.111
# or
yarn add @anthropic-ai/claude-agent-sdk@0.2.111
# or
pnpm add @anthropic-ai/claude-agent-sdk@0.2.111
# or
bun add @anthropic-ai/claude-agent-sdk@0.2.111

v0.2.110

What's changed

• Fixed unstable_v2_createSession not respecting cwd, settingSources, and allowDangerouslySkipPermissions options
• Added optional shouldQuery field to SDKUserMessage — set to false to append a user message without triggering an assistant turn; fixed shouldQuery: false messages incorrectly triggering auto-title generation, prompt suggestions, and UserPromptSubmit hooks
• Auto session-title generation now respects CLAUDE_CODE_DISABLE_NONESSENTIAL_TRAFFIC and CLAUDE_CODE_DISABLE_TERMINAL_TITLE

Update

npm install @anthropic-ai/claude-agent-sdk@0.2.110
# or
yarn add @anthropic-ai/claude-agent-sdk@0.2.110
</tr></table> 

... (truncated)

Changelog

Sourced from @​anthropic-ai/claude-agent-sdk's changelog.

0.2.112

• Updated to parity with Claude Code v2.1.112

0.2.111

• Opus 4.7 is now available! This version of the SDK is required to use it.
• mcp_set_servers control request: remote (http/sse) server entries can now carry per-tool permission_policy values, which are applied to the session's allow/deny rules
• startup() and WarmQuery are now part of the public TypeScript API
• Changed options.env to overlay the inherited process.env instead of replacing it

0.2.110

• Fixed unstable_v2_createSession not respecting cwd, settingSources, and allowDangerouslySkipPermissions options
• Added optional shouldQuery field to SDKUserMessage — set to false to append a user message without triggering an assistant turn; fixed shouldQuery: false messages incorrectly triggering auto-title generation, prompt suggestions, and UserPromptSubmit hooks
• Auto session-title generation now respects CLAUDE_CODE_DISABLE_NONESSENTIAL_TRAFFIC and CLAUDE_CODE_DISABLE_TERMINAL_TITLE

0.2.109

• Updated to parity with Claude Code v2.1.109

0.2.108

• SDKStatus now includes 'requesting'; when includePartialMessages is enabled, a {type:'system', subtype:'status', status:'requesting'} message is emitted before each API request in the stream

0.2.107

• Updated to parity with Claude Code v2.1.107

0.2.106

• Updated to parity with Claude Code v2.1.106

0.2.105

• Added system/memory_recall event and memory_paths on system/init for SDK renderers to surface memory operations
• Fixed error_max_structured_output_retries being emitted when the final retry attempt succeeded, discarding valid structured output

0.2.102

• Updated to parity with Claude Code v2.1.102

0.2.101

• Security: bumped @anthropic-ai/sdk to ^0.81.0 and @modelcontextprotocol/sdk to ^1.29.0 to resolve GHSA-5474-4w2j-mq4c and transitive hono advisories
• Fixed resume-session temp directory leaking on Windows when subprocess file handles weren't released before cleanup, and on macOS/APFS when await using disposal raced its own cleanup callback
• Fixed MaxListenersExceededWarning when running 11+ concurrent query() calls

0.2.100

... (truncated)

Commits

• c394ff5 chore: Update CHANGELOG.md
• bf1a335 chore: Update CHANGELOG.md
• 9ecc668 chore: Update CHANGELOG.md
• 36e2715 chore: Update CHANGELOG.md
• 9ca6a44 chore: Update CHANGELOG.md
• 849c843 chore: Update CHANGELOG.md
• 0305880 chore: Update CHANGELOG.md
• de1cb56 chore: Update CHANGELOG.md
• 01435f5 chore: Update CHANGELOG.md
• See full diff in compare view

Updates @supabase/supabase-js from 2.103.0 to 2.103.3

Release notes

Sourced from @​supabase/supabase-js's releases.

v2.103.3

2.103.3 (2026-04-16)

🩹 Fixes

• realtime: throw Error objects instead of bare strings (#2256)
• storage: correct signedUrl type to allow null in createSignedUrls (#2254)

❤️ Thank You

• Katerina Skroumpelou @​mandarini
• oniani1

v2.103.3-canary.1

2.103.3-canary.1 (2026-04-16)

🚀 Features

• postgrest: add stripNulls method for null value stripping (#2189)
• storage: add cacheNonce parameter for download (#2234)
• supabase: export PostgrestFilterBuilder and StorageApiError from supabase-js (#2222)

🩹 Fixes

• auth: downgrade console.error to console.warn for missing session (#2214)
• auth: add toJSON to AuthError for correct JSON serialization (#2238)
• auth: include Cloudflare error codes in NETWORK_ERROR_CODES (#2239)
• auth: remove Prettify wrapper from exported types for TypeDoc expansion (#2250)
• functions: add toJSON to FunctionsError for correct JSON serialization (#2226)
• misc: add explicit return types to toJSON methods for JSR compat (#2252)
• postgrest: fix scalar computed column type inference for isNotNullable and SETOF scalar (#2224)
• postgrest: handle bigint rpc (#2245)
• realtime: throw Error objects instead of bare strings (#2256)
• storage: set correct content-type for uploads (#2211)
• storage: avoid duplicate content-type headers in vector requests (#2220)
• storage: add toJSON to StorageError for correct JSON serialization (#2246)
• storage: apply empty transform check to download and getPublicUrl (#2219)
• storage: remove client-side signed URL render endpoint normalization (#2249)
• storage: correct signedUrl type to allow null in createSignedUrls (#2254)

❤️ Thank You

• Katerina Skroumpelou @​mandarini
• oniani1
• Seydi Charyyev @​TheSeydiCharyyev
• Vaibhav @​7ttp
• Vansh Sharma @​Vansh1811

v2.103.3-canary.0

2.103.3-canary.0 (2026-04-15)

... (truncated)

Changelog

Sourced from @​supabase/supabase-js's changelog.

2.103.3 (2026-04-16)

This was a version bump only for @​supabase/supabase-js to align it with other projects, there were no code changes.

2.103.2 (2026-04-15)

This was a version bump only for @​supabase/supabase-js to align it with other projects, there were no code changes.

2.103.1 (2026-04-15)

This was a version bump only for @​supabase/supabase-js to align it with other projects, there were no code changes.

Commits

• a2f9414 chore(release): version 2.103.2 changelogs (#2253)
• f9da9ee chore(release): version 2.103.1 changelogs (#2248)
• d38c180 chore(release): version 2.103.0 changelogs (#2237)
• See full diff in compare view

Updates @anthropic-ai/sdk from 0.87.0 to 0.90.0

Release notes

Sourced from @​anthropic-ai/sdk's releases.

sdk: v0.90.0

0.90.0 (2026-04-16)

Full Changelog: sdk-v0.89.0...sdk-v0.90.0

Features

• api: add claude-opus-4-7, token budgets and user_profiles (b26134b)

Chores

• actually delete release-doctor.yml (0fe984d)
• ci: remove release-doctor workflow (08e58bd)

sdk: v0.89.0

0.89.0 (2026-04-14)

Full Changelog: sdk-v0.88.0...sdk-v0.89.0

Features

• api: manual updates (57c2a11)
• api: mark Sonnet and Opus 4 as deprecated (eff41b7)

Bug Fixes

• streaming: add missing events (4c52919)

sdk: v0.88.0

0.88.0 (2026-04-10)

Full Changelog: sdk-v0.87.0...sdk-v0.88.0

Features

• vertex eu region (#882) (1933857)

Documentation

• improve examples (de4f483)
• update examples (454e1c5)

Changelog

Sourced from @​anthropic-ai/sdk's changelog.

0.90.0 (2026-04-16)

Full Changelog: sdk-v0.89.0...sdk-v0.90.0

Features

• api: add claude-opus-4-7, token budgets and user_profiles (b26134b)

Chores

• actually delete release-doctor.yml (0fe984d)
• ci: remove release-doctor workflow (08e58bd)

0.89.0 (2026-04-14)

Full Changelog: sdk-v0.88.0...sdk-v0.89.0

Features

• api: manual updates (57c2a11)
• api: mark Sonnet and Opus 4 as deprecated (eff41b7)

Bug Fixes

• streaming: add missing events (4c52919)

0.88.0 (2026-04-10)

Full Changelog: sdk-v0.87.0...sdk-v0.88.0

Features

• vertex eu region (#882) (1933857)

Documentation

• improve examples (de4f483)
• update examples (454e1c5)

Commits

• 93ac7c7 chore: release main (#1003)
• 39549e9 chore: release main (#993)
• 089fe05 chore: release main (#987)
• See full diff in compare view

Updates electron from 40.8.5 to 40.9.1

Release notes

Sourced from electron's releases.

electron v40.9.1

Release Notes for v40.9.1

Features

• Added allowExtensions privilege to protocol.registerSchemesAsPrivileged() to enable Chrome extensions on custom protocols. #50588 (Also in 41, 42)

Fixes

• Fixed fs.stat on files inside asar archives returning undefined for blksize and blocks instead of numeric values. #50875 (Also in 41, 42)
• Fixed a memory leak where Menu items were not cleaned up after Menu.setApplicationMenu was called repeatedly. #50831 (Also in 41, 42)
• Fixed an intermittent Invoke in DisallowJavascriptExecutionScope crash on application quit when a WebContents (or other JS-emitting native object) is garbage-collected during shutdown. #50693 (Also in 41, 42)
• Fixed an issue on macOS where show/hide events and WebContents visibility state could be reported incorrectly when multiple WebContentsViews were attached to a window. #50713 (Also in 41, 42)
• Fixed an issue where DevTools would re-attach to the window when opened after previously being detached. #50817 (Also in 39, 41, 42)
• Fixed an issue where setSimpleFullScreen on macOS would exit when web content called requestFullscreen(). #50986 (Also in 42)
• Fixed an issue where concurrent getFileHandle requests on the same path could stall indefinitely. #50672 (Also in 41, 42)
• Fixed aspect ratio min/max size clamping to correctly account for extraSize on macOS. #50834 (Also in 41, 42)
• Fixed the crash keys being lost and the crash reporter hanging on macOS when many dynamic crash keys were registered. #50838 (Also in 41, 42)
• Moved Electron-specific help menu links to the default app only; unpackaged apps will no longer see these items in their default menu. #50860 (Also in 41, 42)

Other Changes

• Backported fix for 489711638. #50623
• Backported fix for 493952652. #50619
• Backported fix for none. #50881
• Backported upstream v8 fixes for several maglev, inspector, and arm64 code-generation edge cases. #50992

electron v40.9.0

Release Notes for v40.9.0

[!IMPORTANT] Release assets are valid, but automation failed to post to npm. Please use 40.9.1 instead.

Features

• Added allowExtensions privilege to protocol.registerSchemesAsPrivileged() to enable Chrome extensions on custom protocols. #50588 (Also in 41, 42)

Fixes

• Fixed fs.stat on files inside asar archives returning undefined for blksize and blocks instead of numeric values. #50875 (Also in 41, 42)
• Fixed a memory leak where Menu items were not cleaned up after Menu.setApplicationMenu was called repeatedly. #50831 (Also in 41, 42)
• Fixed an intermittent Invoke in DisallowJavascriptExecutionScope crash on application quit when a WebContents (or other JS-emitting native object) is garbage-collected during shutdown. #50693 (Also in 41, 42)
• Fixed an issue on macOS where show/hide events and WebContents visibility state could be reported incorrectly when multiple WebContentsViews were attached to a window. #50713 (Also in 41, 42)
• Fixed an issue where DevTools would re-attach to the window when opened after previously being detached. #50817 (Also in 39, 41, 42)
• Fixed an issue where setSimpleFullScreen on macOS would exit when web content called requestFullscreen(). #50986 (Also in 42)
• Fixed an issue where concurrent getFileHandle requests on the same path could stall indefinitely. #50672 (Also in 41, 42)
• Fixed aspect ratio min/max size clamping to correctly account for extraSize on macOS. #50834 (Also in 41, 42)
• Fixed the crash keys being lost and the crash reporter hanging on macOS when many dynamic crash keys were registered. #50838 (Also in 41, 42)
• Moved Electron-specific help menu links to the default app only; unpackaged apps will no longer see these items in their default menu. #50860 (Also in 41, 42)

Other Changes

• Backported fix for 489711638. #50623
• Backported fix for 493952652. #50619
• Backported fix for none. #50881

... (truncated)

Commits

• a8b0856 test: fixup autoupdater tests failures (#51061)
• e2360f6 test: add desktopCapturer icon validation (#50820)
• ea4a478 fix: reset errno before strtol in v8 builtin_hash PGO parser (#51063)
• 0686cce build: authenticate sudowoodo /token exchange via Actions OIDC (40-x-y) (#51054)
• 3d46b59 fix: remove decorateURL from default_app (#50899)
• 37682f2 ci: capture fatal errors in clang problem matcher (#50995)
• c5b89e9 build: don't use //third_party/depot_tools in gn build scripts (#50989)
• 6875cd8 chore: cherry-pick 6 changes from v8 (#50992)
• a294f82 fix: simpleFullScreen exits when web content calls requestFullscreen (#50...
• 22ce40f chore: cherry-pick d8b01057f740 from chromium (#50619)
• Additional commits viewable in compare view

Updates react-router-dom from 7.14.0 to 7.14.1

Changelog

Sourced from react-router-dom's changelog.

v7.14.1

Patch Changes

• Updated dependencies:
  • react-router@7.14.1

Commits

• 197674b Release 7.14.1 (#14973)
• a87774f Add new release process (#14916)
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[github-actions]

🎉 PR Validation ✅ PASSED

Commit: c6ff5b1ccffce1f7f83d77e98a1eff03b4c1ba34
Branch: dependabot/npm_and_yarn/all-dependencies-103faa4b72

Checks:

• ✅ Dependencies installed
• ✅ Type check passed
• ✅ Linting passed
• ✅ Format check passed
• ✅ Tests passed
• ✅ Build successful
• ✅ E2E tests

Ready to merge! ✨

---

🔗 View workflow run
⏰ Generated at: 2026-04-17T16:18:42.024Z