chore(deps): bump the npm-apps-web-patch-minor group across 1 directory with 12 updates by dependabot[bot] · Pull Request #181 · Prekzursil/Reframe

dependabot · 2026-05-22T21:38:39Z

Bumps the npm-apps-web-patch-minor group with 11 updates in the /apps/web directory:

Package	From	To
react	`19.2.4`	`19.2.6`
@types/react	`19.2.14`	`19.2.15`
react-dom	`19.2.4`	`19.2.6`
@applitools/eyes-playwright	`1.45.0`	`1.47.3`
@chromatic-com/playwright	`0.12.8`	`0.14.2`
@playwright/test	`1.58.2`	`1.60.0`
@vitejs/plugin-react	`5.1.4`	`5.2.0`
@vitest/coverage-v8	`4.0.18`	`4.1.7`
browserstack-node-sdk	`1.50.1`	`1.55.0`
chromatic	`16.0.0`	`16.10.1`
vite	`7.3.1`	`7.3.3`

Updates react from 19.2.4 to 19.2.6

Release notes

Sourced from react's releases.

19.2.6 (May 6th, 2026)

React Server Components

Type hardening and performance improvements (#36425 by @eps1lon and @unstubbable)

19.2.5 (April 8th, 2026)

React Server Components

Add more cycle protections (#36236 by @eps1lon and @unstubbable)

Commits

eaf3e95 Version 19.2.6
23f4f9f 19.2.5
See full diff in compare view

Updates @types/react from 19.2.14 to 19.2.15

Commits

See full diff in compare view

Updates react-dom from 19.2.4 to 19.2.6

Release notes

Sourced from react-dom's releases.

19.2.6 (May 6th, 2026)

React Server Components

Type hardening and performance improvements (#36425 by @eps1lon and @unstubbable)

19.2.5 (April 8th, 2026)

React Server Components

Add more cycle protections (#36236 by @eps1lon and @unstubbable)

Commits

eaf3e95 Version 19.2.6
23f4f9f 19.2.5
See full diff in compare view

Updates @applitools/eyes-playwright from 1.45.0 to 1.47.3

Commits

See full diff in compare view

Maintainer changes

This version was pushed to npm by movsho, a new releaser for @applitools/eyes-playwright since your current version.

Updates @chromatic-com/playwright from 0.12.8 to 0.14.2

Release notes

Sourced from @chromatic-com/playwright's releases.

@chromatic-com/playwright@0.14.2

Patch Changes

6fa75b9: Fix: Public API typings

@chromatic-com/playwright@0.14.1

Patch Changes

9da7ecc: Fix: Proper browser entrypoint

@chromatic-com/playwright@0.14.0

Minor Changes

f16ce4e: Feat: Capture contents of iframes

@chromatic-com/playwright@0.13.4

Patch Changes

5a0b4e4: Fix: Use Storybook viewport globals (#339)

@chromatic-com/playwright@0.13.3

Patch Changes

8b326f5: Fix: Preserve CSS pseudo states in snapshots

@chromatic-com/playwright@0.13.2

Patch Changes

3c5f422: Fix: Resolve viewport from when snapshot is taken

95c1b23: Fix: don't inline playwright types

@chromatic-com/playwright@0.13.1

Patch Changes

4acea24: Include missing packages in embedded directory

@chromatic-com/playwright@0.13.0

Minor Changes

bf9e686: upgrade storybook to latest

Patch Changes

ea271c9: upgrade eslint

c9d9d6a: improve CI release flow

ea271c9: remove sourcemaps and stop minifying distributed code

Changelog

Sourced from @chromatic-com/playwright's changelog.

0.14.2

Patch Changes

6fa75b9: Fix: Public API typings

0.14.1

Patch Changes

9da7ecc: Fix: Proper browser entrypoint

0.14.0

Minor Changes

f16ce4e: Feat: Capture contents of iframes

0.13.4

Patch Changes

5a0b4e4: Fix: Use Storybook viewport globals (#339)

0.13.3

Patch Changes

8b326f5: Fix: Preserve CSS pseudo states in snapshots

0.13.2

Patch Changes

3c5f422: Fix: Resolve viewport from when snapshot is taken

95c1b23: Fix: don't inline playwright types

0.13.1

Patch Changes

4acea24: Include missing packages in embedded directory

0.13.0

Minor Changes

bf9e686: upgrade storybook to latest

Patch Changes

... (truncated)

Commits

4bc45a2 Version Packages (#359)
6fa75b9 fix: public API types broken (#354)
ee95e8d Version Packages (#357)
9da7ecc fix(playwright): proper browser entrypoint (#351)
5c55344 Version Packages (#350)
f16ce4e feat(playwright): capture and hydrate iframe contents (#345)
38236bc test(playwright): disable playwright projects (#349)
7871628 Version Packages (#344)
f3c5a90 test: capturing iframe contents (#342)
6e36004 Version Packages (#336)
Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for @chromatic-com/playwright since your current version.

Updates @playwright/test from 1.58.2 to 1.60.0

Release notes

Sourced from @playwright/test's releases.

v1.60.0

🌐 HAR recording on Tracing

tracing.startHar() / tracing.stopHar() expose HAR recording as a first-class tracing API, with the same content, mode and urlFilter options as recordHar. The returned Disposable makes it easy to scope a recording with await using:
await using har = await context.tracing.startHar('trace.har');
const page = await context.newPage();
await page.goto('https://playwright.dev');
// HAR is finalized when `har` goes out of scope.
🪝 Drop API

New locator.drop() simulates an external drag-and-drop of files or clipboard-like data onto an element. Playwright dispatches dragenter, dragover, and drop with a synthetic [DataTransfer] in the page context — works cross-browser and is great for testing upload zones:
await page.locator('#dropzone').drop({
  files: { name: 'note.txt', mimeType: 'text/plain', buffer: Buffer.from('hello') },
});
await page.locator('#dropzone').drop({
data: {
'text/plain': 'hello world',
'text/uri-list': 'https://example.com',
},
});
🎯 Aria snapshots

expect(page).toMatchAriaSnapshot() now works on a Page, in addition to a Locator — equivalent to asserting against page.locator('body').

New boxes option on locator.ariaSnapshot() / page.ariaSnapshot() appends each element's bounding box as [box=x,y,width,height], useful for AI consumption.

🛑 test.abort()

New test.abort() aborts the currently running test from a fixture, hook, or route handler with an optional message. Use it when you have detected an unrecoverable misuse and want to fail the test right away:
test('does not publish to the shared page', async ({ page }) => {
  await page.route('**/publish', route => {
    test.abort('Tests must not publish to the shared page. Use the `clone` option.');
    return route.abort();
  });
  // ...
});
New APIs

Browser, Context and Page

... (truncated)

Commits

87bb9dd cherry-pick(#40747): fix(yauzl): vendor yauzl with destroy-lifecycle fix
9a9c51c cherry-pick(#40733): chore(electron): revert #40184 (move Electron API to a s...
4b3b628 cherry-pick(#40736): Revert "feat(electron): add timeout option to electronAp...
f869f96 chore: bump version to v1.60.0 (#40714)
7eb6918 cherry-pick(#40710): docs: release notes v1.60
118d2aa cherry-pick(#40693): chore(python): formdata path type
54012f5 chore(deps): bump ip-address and express-rate-limit (#40680)
9fa531d fix(screencast): unblock frame ack when an async client disconnects (#40674)
3649db5 chore(mcp): bump default extension protocol to v2 (#40678)
bb6c009 chore(extension): mark 0.2.1 (#40679)
Additional commits viewable in compare view

Updates @types/react from 19.2.14 to 19.2.15

Commits

See full diff in compare view

Updates @vitejs/plugin-react from 5.1.4 to 5.2.0

Release notes

Sourced from @vitejs/plugin-react's releases.

plugin-react@5.2.0

Add Vite 8 to peerDependencies range #1143

This plugin is compatible with Vite 8.

Changelog

Sourced from @vitejs/plugin-react's changelog.

5.2.0 (2026-03-12)

Add Vite 8 to peerDependencies range #1143

This plugin is compatible with Vite 8.

Commits

fda3a86 release: plugin-react@5.2.0
99ab1b6 feat(react): add Vite 8 to peer dependency (#1143)
See full diff in compare view

Updates @vitest/coverage-v8 from 4.0.18 to 4.1.7

Release notes

Sourced from @vitest/coverage-v8's releases.

v4.1.7

   🐞 Bug Fixes

runner: Limit concurrency per task branch in addition to per leaf callbacks (backport) - by @hi-ogawa in vitest-dev/vitest#10384 (4f0f2)

    View changes on GitHub

v4.1.6

   🐞 Bug Fixes

browser: Provide project reference in ToMatchScreenshotResolvePath - by @macarie and @sheremet-va in vitest-dev/vitest#10138 (31882)

Global sequence.concurrent: true with top-level test(..., { concurrent: false }) + depreacte sequential test API and options - by @hi-ogawa, Codex and @sheremet-va in vitest-dev/vitest#10196 (2847d)

browser: Simplify orchestrator otel carrier - by @hi-ogawa in vitest-dev/vitest#10285 (18af9)

   🏎 Performance

Stringify diff objects only once - by @sheremet-va in vitest-dev/vitest#10276 (9f7b1)

    View changes on GitHub

v4.1.5

   🚀 Experimental Features

coverage: Istanbul to support instrumenter option - by @BartWaardenburg and @AriPerkkio in vitest-dev/vitest#10119 (0e0ff)

   🐞 Bug Fixes

--project negation excludes browser instances - by @felamaslen in vitest-dev/vitest#10131 (9423d)

Project color label on html reporter - by @hi-ogawa in vitest-dev/vitest#10142 (596f7)

Fix vi.defineHelper called as object method - by @hi-ogawa in vitest-dev/vitest#10163 (122c2)

Alias agent reporter to minimal - by @sheremet-va in vitest-dev/vitest#10157 (663b9)

Respect diff config options in soft assertions - by @Copilot, sheremet-va and @sheremet-va in vitest-dev/vitest#8696 (9787d)

Respect diff config options in soft assertions " - by @sheremet-va in vitest-dev/vitest#8696 (7dc6d)

ast-collect: Recognize _vi_import prefix in static test discovery - by @Yejneshwar in vitest-dev/vitest#10129 (32546)

coverage: Descriptive error message when reports directory is removed during test run - by @DaveT1991 and @AriPerkkio in vitest-dev/vitest#10117 (14133)

snapshot: Increase default snapshot max output length - by @hi-ogawa and Codex in vitest-dev/vitest#10150 (21e66)

ui: Fix jsx/tsx syntax highlight - by @hi-ogawa in vitest-dev/vitest#10152 (f1b1f)

web-worker: Support MessagePort objects referenced inside postMessage data - by @whitphx and Claude Opus 4.6 (1M context) in vitest-dev/vitest#9927 and vitest-dev/vitest#10124 (7ad7d)

api: Make test-specification options writable - by @sheremet-va in vitest-dev/vitest#10154 (6abd5)

    View changes on GitHub

v4.1.4

   🚀 Experimental Features

coverage:

Default to text reporter skipFull if agent detected - by @hi-ogawa in vitest-dev/vitest#10018 (53757)

experimental:

Expose assertion as a public field - by @sheremet-va in vitest-dev/vitest#10095 (a120e)

Support aria snapshot - by @hi-ogawa, Claude Opus 4.6 (1M context), @AriPerkkio, Codex and @sheremet-va in vitest-dev/vitest#9668 (d4fbb)

... (truncated)

Commits

a09d472 chore: release v4.1.7
a8fd24c chore: release v4.1.6
e399846 chore: release v4.1.5
ac04bac chore: release v4.1.4
2dc0d62 chore: release v4.1.3
fc6f482 chore: release v4.1.2
1f2d318 chore: release v4.1.1
aaf9f18 fix(coverage): simplify provider types (#9931)
4150b91 chore: release v4.1.0
0c2c013 chore: release v4.1.0-beta.6
Additional commits viewable in compare view

Updates browserstack-node-sdk from 1.50.1 to 1.55.0

Updates chromatic from 16.0.0 to 16.10.1

Release notes

Sourced from chromatic's releases.

v16.10.1

🐛 Bug Fix

Fix getUncommittedHash in Windows environments #1332 (@codykaup)

Increase flaky test timeout #1326 (@codykaup)

Refactor initialize task to use typed inputs and outputs #1323 (@justin-thurman)

Authors: 2

Cody Kaup (@codykaup)

Justin Thurman (@justin-thurman)

v16.10.0

🚀 Enhancement

Add share() to Node API #1284 (@codykaup @katiebayes)

🐛 Bug Fix

Migrate gitInfo task to typed inputs and outputs #1314 (@justin-thurman)

Add config option for building multiple Android architectures #1321 (@jmhobbs)

Authors: 4

Cody Kaup (@codykaup)

John Hobbs (@jmhobbs)

Justin Thurman (@justin-thurman)

Katie Bayes (@katiebayes)

v16.9.1

🐛 Bug Fix

Add additional environment variables to RN build #1319 (@jmhobbs)

Authors: 1

John Hobbs (@jmhobbs)

v16.9.0

🚀 Enhancement

Allow skip without a project token #1310 (@codykaup)

Authors: 1

Cody Kaup (@codykaup)

v16.8.0

🚀 Enhancement

... (truncated)

Changelog

Sourced from chromatic's changelog.

v16.10.1 (Fri May 15 2026)

🐛 Bug Fix

Fix getUncommittedHash in Windows environments #1332 (@codykaup)

Increase flaky test timeout #1326 (@codykaup)

Refactor initialize task to use typed inputs and outputs #1323 (@justin-thurman)

Authors: 2

Cody Kaup (@codykaup)

Justin Thurman (@justin-thurman)

v16.10.0 (Mon May 11 2026)

🚀 Enhancement

Add share() to Node API #1284 (@codykaup @katiebayes)

🐛 Bug Fix

Migrate gitInfo task to typed inputs and outputs #1314 (@justin-thurman)

Add config option for building multiple Android architectures #1321 (@jmhobbs)

Authors: 4

Cody Kaup (@codykaup)

John Hobbs (@jmhobbs)

Justin Thurman (@justin-thurman)

Katie Bayes (@katiebayes)

v16.9.1 (Thu May 07 2026)

🐛 Bug Fix

Add additional environment variables to RN build #1319 (@jmhobbs)

Authors: 1

John Hobbs (@jmhobbs)

v16.9.0 (Wed May 06 2026)

🚀 Enhancement

... (truncated)

Commits

3a6f612 Bump version to: 16.10.1 [skip ci]
e0e9ce9 Update CHANGELOG.md [skip ci]
8ece961 Merge pull request #1332 from chromaui/CAP-4400
5087fb8 Support all: false
7b1c005 Fix getUncommittedHash in Windows environments
1a8c8ce Merge pull request #1326 from chromaui/cody/flaky-test
7e9321e Remove duplicate skipped test
ed870e5 Increase flaky test timeout
9ed03ec Merge pull request #1323 from chromaui/CAP-4385
66af1d1 Bump version to: 16.10.0 [skip ci]
Additional commits viewable in compare view

Updates vite from 7.3.1 to 7.3.3

Release notes

Sourced from vite's releases.

v7.3.3

Please refer to CHANGELOG.md for details.

v7.3.2

Please refer to CHANGELOG.md for details.

Changelog

Sourced from vite's changelog.

7.3.3 (2026-05-07)

Bug Fixes

avoid destructure lowering for newer safari (#22346) (5ab51c0)

7.3.2 (2026-04-06)

Bug Fixes

avoid path traversal with optimize deps sourcemap handler (#22161) (09d8c90)

backport #22159, apply server.fs check to env transport (#22162) (19db0f2)

check server.fs after stripping query as well (#22160) (f8103cc)

Commits

ca31424 release: v7.3.3
5ab51c0 fix: avoid destructure lowering for newer safari (#22346)
cc383e0 release: v7.3.2
09d8c90 fix: avoid path traversal with optimize deps sourcemap handler (#22161)
f8103cc fix: check server.fs after stripping query as well (#22160)
19db0f2 fix: backport #22159, apply server.fs check to env transport (#22162)
See full diff in compare view

Updates vitest from 4.0.18 to 4.1.7

Release notes

Sourced from vitest's releases.

v4.1.7

   🐞 Bug Fixes

runner: Limit concurrency per task branch in addition to per leaf callbacks (backport) - by @hi-ogawa in vitest-dev/vitest#10384 (4f0f2)

    View changes on GitHub

v4.1.6

   🐞 Bug Fixes

browser: Provide project reference in ToMatchScreenshotResolvePath - by @macarie and @sheremet-va in vitest-dev/vitest#10138 (31882)

Global sequence.concurrent: true with top-level test(..., { concurrent: false }) + depreacte sequential test API and options - by @hi-ogawa, Codex and @sheremet-va in vitest-dev/vitest#10196 (2847d)

browser: Simplify orchestrator otel carrier - by @hi-ogawa in vitest-dev/vitest#10285 (18af9)

   🏎 Performance

Stringify diff objects only once - by @sheremet-va in vitest-dev/vitest#10276 (9f7b1)

    View changes on GitHub

v4.1.5

   🚀 Experimental Features

coverage: Istanbul to support instrumenter option - by @BartWaardenburg and @AriPerkkio in vitest-dev/vitest#10119 (0e0ff)

   🐞 Bug Fixes

--project negation excludes browser instances - by @felamaslen in vitest-dev/vitest#10131 (9423d)

Project color label on html reporter - by @hi-ogawa in vitest-dev/vitest#10142 (596f7)

Fix vi.defineHelper called as object method - by @hi-ogawa in vitest-dev/vitest#10163 (122c2)

Alias agent reporter to minimal - by @sheremet-va in vitest-dev/vitest#10157 (663b9)

Respect diff config options in soft assertions - by @Copilot, sheremet-va and @sheremet-va in vitest-dev/vitest#8696 (9787d)

Respect diff config options in soft assertions " - by @sheremet-va in vitest-dev/vitest#8696 (7dc6d)

ast-collect: Recognize _vi_import prefix in static test discovery - by @Yejneshwar in vitest-dev/vitest#10129 (32546)

coverage: Descriptive error message when reports directory is removed during test run - by @DaveT1991 and @AriPerkkio in vitest-dev/vitest#10117 (14133)

snapshot: Increase default snapshot max output length - by @hi-ogawa and Codex in vitest-dev/vitest#10150 (21e66)

ui: Fix jsx/tsx syntax highlight - by @hi-ogawa in vitest-dev/vitest#10152 (f1b1f)

web-worker: Support MessagePort objects referenced inside postMessage data - by @whitphx and Claude Opus 4.6 (1M context) in vitest-dev/vitest#9927 and vitest-dev/vitest#10124 (7ad7d)

api: Make test-specification options writable - by @sheremet-va in vitest-dev/vitest#10154 (6abd5)

    View changes on GitHub

v4.1.4

   🚀 Experimental Features

coverage:

Default to text reporter skipFull if agent detected - by @hi-ogawa in vitest-dev/vitest#10018 (53757)

experimental:

Expose assertion as a public field - by @sheremet-va in vitest-dev/vitest#10095 (a120e)

Support aria snapshot - by @hi-ogawa, Claude Opus 4.6 (1M context), @AriPerkkio, Codex and @sheremet-va in vitest-dev/vitest#9668 (d4fbb)

... (truncated)

Commits

a09d472 chore: release v4.1.7
a8fd24c chore: release v4.1.6
18af98c fix(browser): simplify orchestrator otel carrier (#10285)
3188260 feat(browser): provide project reference in ToMatchScreenshotResolvePath (#...
e399846 chore: release v4.1.5
7dc6d54 Revert "fix: respect diff config options in soft assertions (#8696)"
9787ded fix: respect diff config options in soft assertions (#8696)
325463a fix(ast-collect): recognize _vi_import prefix in static test discovery (#10...
0e0ff41 feat(coverage): istanbul to support instrumenter option (#10119)
663b99f fix: alias agent reporter to minimal (#10157)
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Summary by cubic

Upgrade web app dependencies to latest patch/minor versions for stability and better CI tooling. Highlights: React 19.2.6, Vite 7.3.3, Playwright 1.60, Vitest 4.1.7, Chromatic 16.10.1.

Dependencies
- react/react-dom 19.2.6; @types/react 19.2.15.
- Tooling: vite 7.3.3 and @vitejs/plugin-react 5.2.0 (Vite 8 compatible).
- Testing: @playwright/test 1.60.0; vitest and @vitest/coverage-v8 4.1.7.
- Visual tests: chromatic 16.10.1; @chromatic-com/playwright 0.14.2; @applitools/eyes-playwright 1.47.3.
- CI: browserstack-node-sdk 1.55.0.

^{Written for commit 6b05633. Summary will update on new commits. Review in cubic}

…ry with 12 updates Bumps the npm-apps-web-patch-minor group with 11 updates in the /apps/web directory: | Package | From | To | | --- | --- | --- | | [react](https://github.com/facebook/react/tree/HEAD/packages/react) | `19.2.4` | `19.2.6` | | [@types/react](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/react) | `19.2.14` | `19.2.15` | | [react-dom](https://github.com/facebook/react/tree/HEAD/packages/react-dom) | `19.2.4` | `19.2.6` | | [@applitools/eyes-playwright](https://github.com/applitools/eyes.sdk.javascript1/tree/HEAD/js/packages/eyes-playwright) | `1.45.0` | `1.47.3` | | [@chromatic-com/playwright](https://github.com/chromaui/chromatic-e2e/tree/HEAD/packages/playwright) | `0.12.8` | `0.14.2` | | [@playwright/test](https://github.com/microsoft/playwright) | `1.58.2` | `1.60.0` | | [@vitejs/plugin-react](https://github.com/vitejs/vite-plugin-react/tree/HEAD/packages/plugin-react) | `5.1.4` | `5.2.0` | | [@vitest/coverage-v8](https://github.com/vitest-dev/vitest/tree/HEAD/packages/coverage-v8) | `4.0.18` | `4.1.7` | | browserstack-node-sdk | `1.50.1` | `1.55.0` | | [chromatic](https://github.com/chromaui/chromatic-cli) | `16.0.0` | `16.10.1` | | [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) | `7.3.1` | `7.3.3` | Updates `react` from 19.2.4 to 19.2.6 - [Release notes](https://github.com/facebook/react/releases) - [Changelog](https://github.com/facebook/react/blob/main/CHANGELOG.md) - [Commits](https://github.com/facebook/react/commits/v19.2.6/packages/react) Updates `@types/react` from 19.2.14 to 19.2.15 - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/react) Updates `react-dom` from 19.2.4 to 19.2.6 - [Release notes](https://github.com/facebook/react/releases) - [Changelog](https://github.com/facebook/react/blob/main/CHANGELOG.md) - [Commits](https://github.com/facebook/react/commits/v19.2.6/packages/react-dom) Updates `@applitools/eyes-playwright` from 1.45.0 to 1.47.3 - [Commits](https://github.com/applitools/eyes.sdk.javascript1/commits/HEAD/js/packages/eyes-playwright) Updates `@chromatic-com/playwright` from 0.12.8 to 0.14.2 - [Release notes](https://github.com/chromaui/chromatic-e2e/releases) - [Changelog](https://github.com/chromaui/chromatic-e2e/blob/main/packages/playwright/CHANGELOG.md) - [Commits](https://github.com/chromaui/chromatic-e2e/commits/@chromatic-com/playwright@0.14.2/packages/playwright) Updates `@playwright/test` from 1.58.2 to 1.60.0 - [Release notes](https://github.com/microsoft/playwright/releases) - [Commits](microsoft/playwright@v1.58.2...v1.60.0) Updates `@types/react` from 19.2.14 to 19.2.15 - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/react) Updates `@vitejs/plugin-react` from 5.1.4 to 5.2.0 - [Release notes](https://github.com/vitejs/vite-plugin-react/releases) - [Changelog](https://github.com/vitejs/vite-plugin-react/blob/plugin-react@5.2.0/packages/plugin-react/CHANGELOG.md) - [Commits](https://github.com/vitejs/vite-plugin-react/commits/plugin-react@5.2.0/packages/plugin-react) Updates `@vitest/coverage-v8` from 4.0.18 to 4.1.7 - [Release notes](https://github.com/vitest-dev/vitest/releases) - [Commits](https://github.com/vitest-dev/vitest/commits/v4.1.7/packages/coverage-v8) Updates `browserstack-node-sdk` from 1.50.1 to 1.55.0 Updates `chromatic` from 16.0.0 to 16.10.1 - [Release notes](https://github.com/chromaui/chromatic-cli/releases) - [Changelog](https://github.com/chromaui/chromatic-cli/blob/main/CHANGELOG.md) - [Commits](chromaui/chromatic-cli@v16.0.0...v16.10.1) Updates `vite` from 7.3.1 to 7.3.3 - [Release notes](https://github.com/vitejs/vite/releases) - [Changelog](https://github.com/vitejs/vite/blob/v7.3.3/packages/vite/CHANGELOG.md) - [Commits](https://github.com/vitejs/vite/commits/v7.3.3/packages/vite) Updates `vitest` from 4.0.18 to 4.1.7 - [Release notes](https://github.com/vitest-dev/vitest/releases) - [Commits](https://github.com/vitest-dev/vitest/commits/v4.1.7/packages/vitest) --- updated-dependencies: - dependency-name: react dependency-version: 19.2.6 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: npm-apps-web-patch-minor - dependency-name: "@types/react" dependency-version: 19.2.15 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: npm-apps-web-patch-minor - dependency-name: react-dom dependency-version: 19.2.6 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: npm-apps-web-patch-minor - dependency-name: "@applitools/eyes-playwright" dependency-version: 1.47.3 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: npm-apps-web-patch-minor - dependency-name: "@chromatic-com/playwright" dependency-version: 0.14.2 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: npm-apps-web-patch-minor - dependency-name: "@playwright/test" dependency-version: 1.60.0 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: npm-apps-web-patch-minor - dependency-name: "@types/react" dependency-version: 19.2.15 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: npm-apps-web-patch-minor - dependency-name: "@vitejs/plugin-react" dependency-version: 5.2.0 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: npm-apps-web-patch-minor - dependency-name: "@vitest/coverage-v8" dependency-version: 4.1.7 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: npm-apps-web-patch-minor - dependency-name: browserstack-node-sdk dependency-version: 1.55.0 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: npm-apps-web-patch-minor - dependency-name: chromatic dependency-version: 16.10.1 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: npm-apps-web-patch-minor - dependency-name: vite dependency-version: 7.3.3 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: npm-apps-web-patch-minor - dependency-name: vitest dependency-version: 4.1.7 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: npm-apps-web-patch-minor ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot · 2026-05-22T21:38:40Z

Labels

The following labels could not be found: area:ci, type:chore. Please create them before Dependabot can add them to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

codeant-ai · 2026-05-22T21:38:45Z

Skipping PR review because a bot author is detected.

If you want to trigger CodeAnt AI, comment @codeant-ai review to trigger a manual review.

codacy-production · 2026-05-22T21:40:45Z

Up to standards ✅

🟢 Issues 0 issues

Results:
0 new issues

View in Codacy

🟢 Metrics 0 complexity · 0 duplication

Metric Results

Complexity ✅ 0 (≤ 10 complexity)

Duplication ✅ 0 (≤ 0 duplication)

View in Codacy

_{NEW Get contextual insights on your PRs based on Codacy's metrics, along with PR and Jira context, without leaving GitHub. Enable AI reviewer}
_{TIP This summary will be updated as you push new changes.}

socket-security · 2026-05-22T21:41:48Z

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Package	Supply Chain Security	Quality	Maintenance
browserstack-node-sdk@1.50.1 ⏵ 1.55.0	⁺⁸	⁺¹	⁺¹
@types/react@19.2.14 ⏵ 19.2.15
vitest@4.1.7
@vitest/coverage-v8@4.0.18 ⏵ 4.1.7		⁺¹¹
@applitools/eyes-playwright@1.45.0 ⏵ 1.47.3		⁺¹	⁺¹
@chromatic-com/playwright@0.12.8 ⏵ 0.14.2	^-1	⁺¹¹	⁺⁸
vite@7.3.3
react@19.2.4 ⏵ 19.2.6
chromatic@16.0.0 ⏵ 16.10.1		⁺¹
typescript@4.9.5 ⏵ 5.9.3	⁺¹
@vitejs/plugin-react@5.1.4 ⏵ 5.2.0			^-1
react-dom@19.2.4 ⏵ 19.2.6
@playwright/test@1.58.2 ⏵ 1.60.0

View full report

socket-security · 2026-05-22T21:41:50Z

Warning

Review the following alerts detected in dependencies.

According to your organization's Security Policy, it is recommended to resolve "Warn" alerts. Learn more about Socket for GitHub.

Action	Severity	Alert (click "▶" to expand/collapse)
Warn		Obfuscated code: npm `browserstack-node-sdk` is 100.0% likely obfuscated Confidence: 1.00 Location: Package overview From: apps/web/package-lock.json → `npm/browserstack-node-sdk@1.55.0` ℹ Read more on: This package \| This alert \| What is obfuscated code? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at `support@socket.dev`. Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment `@SocketSecurity ignore npm/browserstack-node-sdk@1.55.0`. You can also ignore all packages with `@SocketSecurity ignore-all`. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Warn		Obfuscated code: npm `browserstack-node-sdk` is 100.0% likely obfuscated Confidence: 1.00 Location: Package overview From: apps/web/package-lock.json → `npm/browserstack-node-sdk@1.55.0` ℹ Read more on: This package \| This alert \| What is obfuscated code? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at `support@socket.dev`. Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment `@SocketSecurity ignore npm/browserstack-node-sdk@1.55.0`. You can also ignore all packages with `@SocketSecurity ignore-all`. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Warn		Obfuscated code: npm `browserstack-node-sdk` is 100.0% likely obfuscated Confidence: 1.00 Location: Package overview From: apps/web/package-lock.json → `npm/browserstack-node-sdk@1.55.0` ℹ Read more on: This package \| This alert \| What is obfuscated code? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at `support@socket.dev`. Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment `@SocketSecurity ignore npm/browserstack-node-sdk@1.55.0`. You can also ignore all packages with `@SocketSecurity ignore-all`. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Warn		Obfuscated code: npm `browserstack-node-sdk` is 100.0% likely obfuscated Confidence: 1.00 Location: Package overview From: apps/web/package-lock.json → `npm/browserstack-node-sdk@1.55.0` ℹ Read more on: This package \| This alert \| What is obfuscated code? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at `support@socket.dev`. Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment `@SocketSecurity ignore npm/browserstack-node-sdk@1.55.0`. You can also ignore all packages with `@SocketSecurity ignore-all`. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Warn		Obfuscated code: npm `browserstack-node-sdk` is 100.0% likely obfuscated Confidence: 1.00 Location: Package overview From: apps/web/package-lock.json → `npm/browserstack-node-sdk@1.55.0` ℹ Read more on: This package \| This alert \| What is obfuscated code? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at `support@socket.dev`. Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment `@SocketSecurity ignore npm/browserstack-node-sdk@1.55.0`. You can also ignore all packages with `@SocketSecurity ignore-all`. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Warn		Obfuscated code: npm `browserstack-node-sdk` is 100.0% likely obfuscated Confidence: 1.00 Location: Package overview From: apps/web/package-lock.json → `npm/browserstack-node-sdk@1.55.0` ℹ Read more on: This package \| This alert \| What is obfuscated code? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at `support@socket.dev`. Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment `@SocketSecurity ignore npm/browserstack-node-sdk@1.55.0`. You can also ignore all packages with `@SocketSecurity ignore-all`. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Warn		Obfuscated code: npm `browserstack-node-sdk` is 100.0% likely obfuscated Confidence: 1.00 Location: Package overview From: apps/web/package-lock.json → `npm/browserstack-node-sdk@1.55.0` ℹ Read more on: This package \| This alert \| What is obfuscated code? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at `support@socket.dev`. Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment `@SocketSecurity ignore npm/browserstack-node-sdk@1.55.0`. You can also ignore all packages with `@SocketSecurity ignore-all`. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Warn		Obfuscated code: npm `browserstack-node-sdk` is 100.0% likely obfuscated Confidence: 1.00 Location: Package overview From: apps/web/package-lock.json → `npm/browserstack-node-sdk@1.55.0` ℹ Read more on: This package \| This alert \| What is obfuscated code? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at `support@socket.dev`. Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment `@SocketSecurity ignore npm/browserstack-node-sdk@1.55.0`. You can also ignore all packages with `@SocketSecurity ignore-all`. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Warn		Obfuscated code: npm `browserstack-node-sdk` is 100.0% likely obfuscated Confidence: 1.00 Location: Package overview From: apps/web/package-lock.json → `npm/browserstack-node-sdk@1.55.0` ℹ Read more on: This package \| This alert \| What is obfuscated code? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at `support@socket.dev`. Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment `@SocketSecurity ignore npm/browserstack-node-sdk@1.55.0`. You can also ignore all packages with `@SocketSecurity ignore-all`. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Warn		Obfuscated code: npm `browserstack-node-sdk` is 100.0% likely obfuscated Confidence: 1.00 Location: Package overview From: apps/web/package-lock.json → `npm/browserstack-node-sdk@1.55.0` ℹ Read more on: This package \| This alert \| What is obfuscated code? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at `support@socket.dev`. Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment `@SocketSecurity ignore npm/browserstack-node-sdk@1.55.0`. You can also ignore all packages with `@SocketSecurity ignore-all`. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Warn		Obfuscated code: npm `browserstack-node-sdk` is 100.0% likely obfuscated Confidence: 1.00 Location: Package overview From: apps/web/package-lock.json → `npm/browserstack-node-sdk@1.55.0` ℹ Read more on: This package \| This alert \| What is obfuscated code? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at `support@socket.dev`. Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment `@SocketSecurity ignore npm/browserstack-node-sdk@1.55.0`. You can also ignore all packages with `@SocketSecurity ignore-all`. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Warn		Obfuscated code: npm `browserstack-node-sdk` is 100.0% likely obfuscated Confidence: 1.00 Location: Package overview From: apps/web/package-lock.json → `npm/browserstack-node-sdk@1.55.0` ℹ Read more on: This package \| This alert \| What is obfuscated code? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at `support@socket.dev`. Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment `@SocketSecurity ignore npm/browserstack-node-sdk@1.55.0`. You can also ignore all packages with `@SocketSecurity ignore-all`. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Warn		Obfuscated code: npm `browserstack-node-sdk` is 100.0% likely obfuscated Confidence: 1.00 Location: Package overview From: apps/web/package-lock.json → `npm/browserstack-node-sdk@1.55.0` ℹ Read more on: This package \| This alert \| What is obfuscated code? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at `support@socket.dev`. Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment `@SocketSecurity ignore npm/browserstack-node-sdk@1.55.0`. You can also ignore all packages with `@SocketSecurity ignore-all`. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Warn		Obfuscated code: npm `browserstack-node-sdk` is 100.0% likely obfuscated Confidence: 1.00 Location: Package overview From: apps/web/package-lock.json → `npm/browserstack-node-sdk@1.55.0` ℹ Read more on: This package \| This alert \| What is obfuscated code? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at `support@socket.dev`. Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment `@SocketSecurity ignore npm/browserstack-node-sdk@1.55.0`. You can also ignore all packages with `@SocketSecurity ignore-all`. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Warn		Obfuscated code: npm `browserstack-node-sdk` is 100.0% likely obfuscated Confidence: 1.00 Location: Package overview From: apps/web/package-lock.json → `npm/browserstack-node-sdk@1.55.0` ℹ Read more on: This package \| This alert \| What is obfuscated code? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at `support@socket.dev`. Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment `@SocketSecurity ignore npm/browserstack-node-sdk@1.55.0`. You can also ignore all packages with `@SocketSecurity ignore-all`. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Warn		Obfuscated code: npm `browserstack-node-sdk` is 100.0% likely obfuscated Confidence: 1.00 Location: Package overview From: apps/web/package-lock.json → `npm/browserstack-node-sdk@1.55.0` ℹ Read more on: This package \| This alert \| What is obfuscated code? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at `support@socket.dev`. Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment `@SocketSecurity ignore npm/browserstack-node-sdk@1.55.0`. You can also ignore all packages with `@SocketSecurity ignore-all`. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Warn		Obfuscated code: npm `browserstack-node-sdk` is 100.0% likely obfuscated Confidence: 1.00 Location: Package overview From: apps/web/package-lock.json → `npm/browserstack-node-sdk@1.55.0` ℹ Read more on: This package \| This alert \| What is obfuscated code? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at `support@socket.dev`. Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment `@SocketSecurity ignore npm/browserstack-node-sdk@1.55.0`. You can also ignore all packages with `@SocketSecurity ignore-all`. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Warn		Obfuscated code: npm `browserstack-node-sdk` is 100.0% likely obfuscated Confidence: 1.00 Location: Package overview From: apps/web/package-lock.json → `npm/browserstack-node-sdk@1.55.0` ℹ Read more on: This package \| This alert \| What is obfuscated code? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at `support@socket.dev`. Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment `@SocketSecurity ignore npm/browserstack-node-sdk@1.55.0`. You can also ignore all packages with `@SocketSecurity ignore-all`. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Warn		Obfuscated code: npm `browserstack-node-sdk` is 100.0% likely obfuscated Confidence: 1.00 Location: Package overview From: apps/web/package-lock.json → `npm/browserstack-node-sdk@1.55.0` ℹ Read more on: This package \| This alert \| What is obfuscated code? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at `support@socket.dev`. Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment `@SocketSecurity ignore npm/browserstack-node-sdk@1.55.0`. You can also ignore all packages with `@SocketSecurity ignore-all`. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Warn		Obfuscated code: npm `browserstack-node-sdk` is 100.0% likely obfuscated Confidence: 1.00 Location: Package overview From: apps/web/package-lock.json → `npm/browserstack-node-sdk@1.55.0` ℹ Read more on: This package \| This alert \| What is obfuscated code? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at `support@socket.dev`. Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment `@SocketSecurity ignore npm/browserstack-node-sdk@1.55.0`. You can also ignore all packages with `@SocketSecurity ignore-all`. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Warn		Obfuscated code: npm `browserstack-node-sdk` is 100.0% likely obfuscated Confidence: 1.00 Location: Package overview From: apps/web/package-lock.json → `npm/browserstack-node-sdk@1.55.0` ℹ Read more on: This package \| This alert \| What is obfuscated code? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at `support@socket.dev`. Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment `@SocketSecurity ignore npm/browserstack-node-sdk@1.55.0`. You can also ignore all packages with `@SocketSecurity ignore-all`. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Warn		Obfuscated code: npm `browserstack-node-sdk` is 100.0% likely obfuscated Confidence: 1.00 Location: Package overview From: apps/web/package-lock.json → `npm/browserstack-node-sdk@1.55.0` ℹ Read more on: This package \| This alert \| What is obfuscated code? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at `support@socket.dev`. Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment `@SocketSecurity ignore npm/browserstack-node-sdk@1.55.0`. You can also ignore all packages with `@SocketSecurity ignore-all`. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Warn		Obfuscated code: npm `browserstack-node-sdk` is 100.0% likely obfuscated Confidence: 1.00 Location: Package overview From: apps/web/package-lock.json → `npm/browserstack-node-sdk@1.55.0` ℹ Read more on: This package \| This alert \| What is obfuscated code? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at `support@socket.dev`. Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment `@SocketSecurity ignore npm/browserstack-node-sdk@1.55.0`. You can also ignore all packages with `@SocketSecurity ignore-all`. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Warn		Obfuscated code: npm `browserstack-node-sdk` is 100.0% likely obfuscated Confidence: 1.00 Location: Package overview From: apps/web/package-lock.json → `npm/browserstack-node-sdk@1.55.0` ℹ Read more on: This package \| This alert \| What is obfuscated code? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at `support@socket.dev`. Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment `@SocketSecurity ignore npm/browserstack-node-sdk@1.55.0`. You can also ignore all packages with `@SocketSecurity ignore-all`. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Warn		Obfuscated code: npm `browserstack-node-sdk` is 100.0% likely obfuscated Confidence: 1.00 Location: Package overview From: apps/web/package-lock.json → `npm/browserstack-node-sdk@1.55.0` ℹ Read more on: This package \| This alert \| What is obfuscated code? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at `support@socket.dev`. Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment `@SocketSecurity ignore npm/browserstack-node-sdk@1.55.0`. You can also ignore all packages with `@SocketSecurity ignore-all`. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Warn		Obfuscated code: npm `browserstack-node-sdk` is 100.0% likely obfuscated Confidence: 1.00 Location: Package overview From: apps/web/package-lock.json → `npm/browserstack-node-sdk@1.55.0` ℹ Read more on: This package \| This alert \| What is obfuscated code? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at `support@socket.dev`. Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment `@SocketSecurity ignore npm/browserstack-node-sdk@1.55.0`. You can also ignore all packages with `@SocketSecurity ignore-all`. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Warn		Obfuscated code: npm `browserstack-node-sdk` is 100.0% likely obfuscated Confidence: 1.00 Location: Package overview From: apps/web/package-lock.json → `npm/browserstack-node-sdk@1.55.0` ℹ Read more on: This package \| This alert \| What is obfuscated code? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at `support@socket.dev`. Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment `@SocketSecurity ignore npm/browserstack-node-sdk@1.55.0`. You can also ignore all packages with `@SocketSecurity ignore-all`. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
See 170 more rows in the dashboard

View full report

sentry · 2026-05-22T21:45:07Z

Codecov Report

✅ All modified and coverable lines are covered by tests.

📢 Thoughts on this report? Let us know!

dependabot Bot added the dependencies Pull requests that update a dependency file label May 22, 2026

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

chore(deps): bump the npm-apps-web-patch-minor group across 1 directory with 12 updates#181

chore(deps): bump the npm-apps-web-patch-minor group across 1 directory with 12 updates#181
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/apps/web/npm-apps-web-patch-minor-a3aad77ca8

dependabot Bot commented on behalf of github May 22, 2026 •

edited by cubic-dev-ai Bot

Loading

Uh oh!

dependabot Bot commented on behalf of github May 22, 2026

Uh oh!

codeant-ai Bot commented May 22, 2026

Uh oh!

codacy-production Bot commented May 22, 2026

Uh oh!

socket-security Bot commented May 22, 2026

Uh oh!

socket-security Bot commented May 22, 2026

Uh oh!

sentry Bot commented May 22, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

Conversation

dependabot Bot commented on behalf of github May 22, 2026 • edited by cubic-dev-ai Bot Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

19.2.6 (May 6th, 2026)

React Server Components

19.2.5 (April 8th, 2026)

React Server Components

19.2.6 (May 6th, 2026)

React Server Components

19.2.5 (April 8th, 2026)

React Server Components

@​chromatic-com/playwright@​0.14.2

Patch Changes

@​chromatic-com/playwright@​0.14.1

Patch Changes

@​chromatic-com/playwright@​0.14.0

Minor Changes

@​chromatic-com/playwright@​0.13.4

Patch Changes

@​chromatic-com/playwright@​0.13.3

Patch Changes

@​chromatic-com/playwright@​0.13.2

Patch Changes

@​chromatic-com/playwright@​0.13.1

Patch Changes

@​chromatic-com/playwright@​0.13.0

Minor Changes

Patch Changes

0.14.2

Patch Changes

0.14.1

Patch Changes

0.14.0

Minor Changes

0.13.4

Patch Changes

0.13.3

Patch Changes

0.13.2

Patch Changes

0.13.1

Patch Changes

0.13.0

Minor Changes

Patch Changes

v1.60.0

🌐 HAR recording on Tracing

🪝 Drop API

🎯 Aria snapshots

🛑 test.abort()

New APIs

Browser, Context and Page

plugin-react@5.2.0

Add Vite 8 to peerDependencies range #1143

5.2.0 (2026-03-12)

Add Vite 8 to peerDependencies range #1143

v4.1.7

🐞 Bug Fixes

View changes on GitHub

v4.1.6

🐞 Bug Fixes

🏎 Performance

View changes on GitHub

v4.1.5

🚀 Experimental Features

🐞 Bug Fixes

View changes on GitHub

v4.1.4

🚀 Experimental Features

v16.10.1

🐛 Bug Fix

Authors: 2

v16.10.0

🚀 Enhancement

🐛 Bug Fix

Authors: 4

v16.9.1

🐛 Bug Fix

Authors: 1

v16.9.0

dependabot Bot commented on behalf of github May 22, 2026 •

edited by cubic-dev-ai Bot

Loading

`@chromatic-com/playwright@0`.14.2

`@chromatic-com/playwright@0`.14.1

`@chromatic-com/playwright@0`.14.0

`@chromatic-com/playwright@0`.13.4

`@chromatic-com/playwright@0`.13.3

`@chromatic-com/playwright@0`.13.2

`@chromatic-com/playwright@0`.13.1

`@chromatic-com/playwright@0`.13.0