Sourced from react's releases.

19.2.7 (June 1st, 2026)

React Server Components

• Fixed missing FormData entries in Server Actions which regressed in 19.2.6 (#36566 by @​unstubbable)

• 6117d7c Version 19.2.7 (#36591)
• See full diff in compare view

This version was pushed to npm by GitHub Actions, a new releaser for react since your current version.

Sourced from react-dom's releases.

19.2.7 (June 1st, 2026)

React Server Components

• Fixed missing FormData entries in Server Actions which regressed in 19.2.6 (#36566 by @​unstubbable)

• 6117d7c Version 19.2.7 (#36591)
• See full diff in compare view

This version was pushed to npm by GitHub Actions, a new releaser for react-dom since your current version.

Sourced from @​dnd-kit/dom's releases.

@​dnd-kit/dom@​0.5.0

Minor Changes

• #2046 f23afe0 Thanks @​aidenfoxx! - Updated OptimisticSortingPlugin to support non-contiguous sortable indexes.

• #2058 2dd8d0e Thanks @​timagixe! - Allow useSortable, createSortable and Sortable to disable dragging and dropping independently with a disabled object while preserving the existing boolean behavior.

Patch Changes

• #2057 e25b1b1 Thanks @​timagixe! - Allow pointer dragging from descendants of interactive draggable elements, such as text inside sortable anchor elements.

• #2020 00fd955 Thanks @​namgi2386! - Fix DragOverlay flickering after drop

• #2079 e4792f3 Thanks @​silence717! - Fix TypeError: Cannot read properties of undefined (reading 'split') in parseScale/parseTranslate on browsers that do not support the individual scale/translate CSS transform properties (Chromium < 104), where getComputedStyle returns undefined instead of 'none'.

• Updated dependencies [e4d1a7e]:

  • @​dnd-kit/abstract@​0.5.0
  • @​dnd-kit/collision@​0.5.0
  • @​dnd-kit/geometry@​0.5.0
  • @​dnd-kit/state@​0.5.0

• cc98bdd Merge pull request #2022 from clauderic/changeset-release/main
• f2b2135 Version Packages
• 32d2c66 Merge pull request #2067 from Philipp91/patch-1
• 8691737 Merge pull request #2074 from timagixe/issues/2065
• c04d797 Merge pull request #2079 from silence717/fix/parse-transform-undefined
• 051fec0 Merge pull request #2063 from albertonoys/fix/docs-navigation-links
• e4792f3 fix(dom): guard parseScale/parseTranslate against undefined transform values
• e4d1a7e Supply correct Options type in return type of plugin configurator()
• 90ddfcd fix(helpers): support numeric group IDs in grouped move
• 737d3e5 fix(docs): fix malformed navigation links in plugins and sensors section
• Additional commits viewable in compare view

Sourced from @​dnd-kit/react's releases.

@​dnd-kit/react@​0.5.0

Minor Changes

• #2058 2dd8d0e Thanks @​timagixe! - Allow useSortable, createSortable and Sortable to disable dragging and dropping independently with a disabled object while preserving the existing boolean behavior.

Patch Changes

• #2021 de5a0f4 Thanks @​lixiaoyan! - Fixed useDraggable and useSortable reassigning the underlying entity's sensors on every render when sensors was passed as an inline array. The sensors prop is now compared with deepEqual (matching the existing behavior of modifiers, plugins, and DragDropProvider), preventing unnecessary mutations to the plugin registry that could disrupt in-progress sensor activation.

• #2043 a6bd445 Thanks @​clauderic! - Include sourcemap files in published packages. The build emits .map files alongside each entry point and writes //# sourceMappingURL=... comments into the bundles, but the files field in package.json did not list the maps, so they were excluded from the npm tarball. Bundlers attempting to load the referenced maps would fail with ENOENT, producing warnings (or build failures in strict CI setups).

• Updated dependencies [e4d1a7e, e25b1b1, 00fd955, e4792f3, f23afe0, 2dd8d0e]:

  • @​dnd-kit/abstract@​0.5.0
  • @​dnd-kit/dom@​0.5.0
  • @​dnd-kit/state@​0.5.0

• cc98bdd Merge pull request #2022 from clauderic/changeset-release/main
• f2b2135 Version Packages
• 32d2c66 Merge pull request #2067 from Philipp91/patch-1
• 8691737 Merge pull request #2074 from timagixe/issues/2065
• c04d797 Merge pull request #2079 from silence717/fix/parse-transform-undefined
• 051fec0 Merge pull request #2063 from albertonoys/fix/docs-navigation-links
• e4792f3 fix(dom): guard parseScale/parseTranslate against undefined transform values
• e4d1a7e Supply correct Options type in return type of plugin configurator()
• 90ddfcd fix(helpers): support numeric group IDs in grouped move
• 737d3e5 fix(docs): fix malformed navigation links in plugins and sensors section
• Additional commits viewable in compare view

Sourced from @​dicebear/core's releases.

DiceBear 10.3 - Release Notes

For 10.3 we searched public code on GitHub to find which language was calling the DiceBear API the most without a native library of its own. The answer was Dart, mostly from Flutter apps: DiceBear now speaks Dart 🎯

That makes six official implementations: JavaScript, PHP, Python, Rust, Go, and now Dart. The API is the same in all of them, and the same seed and style definition produce byte-identical SVGs everywhere.

🎯 Dart Support

DiceBear is now available as a Dart package (Dart 3.4+), and it runs in Flutter apps too. As with the other languages, you need two packages: the core library dicebear_core and the avatar style definitions dicebear_styles. Each style is a string constant in its own library, so a compiled app only embeds the styles it actually imports.

• https://www.dicebear.com/how-to-use/dart-library/
• https://pub.dev/packages/dicebear_core
• https://pub.dev/packages/dicebear_styles

Example:

dart pub add dicebear_core
dart pub add dicebear_styles

import 'package:dicebear_core/dicebear_core.dart';
import 'package:dicebear_styles/lorelei.dart';
final style = Style.parse(lorelei);
final avatar = Avatar(style, {
'seed': 'Felix',
// ... other options
});
final svg = avatar.svg;

🧩 The same Avatar(style, …) call everywhere

Dart, Rust, and Go already required you to wrap a definition in a Style before building an avatar. With this release the JavaScript, PHP, and Python libraries move the same way, so every port now constructs an avatar with the same Avatar(style, options) call.

Passing a raw style definition straight to Avatar is therefore deprecated in JavaScript, PHP, and Python. Wrap it in a Style first:

import { Style, Avatar } from '@dicebear/core';
import lorelei from '@dicebear/styles/lorelei.json' with { type: 'json' };
const style = new Style(lorelei);
const avatar = new Avatar(style, { seed: 'Felix' });

The old definition input still works and renders identically, but it now emits a deprecation warning (a one-time console.warn in JS, E_USER_DEPRECATED in PHP, DeprecationWarning in Python) and will be removed in v11. Building the Style once also lets you reuse it across many avatars instead of re-validating the definition every time.

... (truncated)

Sourced from @​dicebear/core's changelog.

[10.3.0] - 2026-06-13

Added

• Core: Every rendered SVG now starts with the generator comment <!-- Generated by DiceBear (https://dicebear.com) --> as the first child of the root <svg> element. The comment is byte-identical across the JavaScript, PHP, Python, Rust, Go, and Dart libraries. The byte output of every avatar changes as a result, including data URIs and content hashes, so consumers that compare rendered SVGs against stored snapshots need to update them. SVG optimizers that strip comments (e.g. SVGO with default settings) remove it again.
• Dart library: A new Dart implementation (the dicebear_core package) that produces identical output to the JavaScript library when given the same styles and options. It validates style definitions and options against the shared schemas (via dicebear_schema) and pairs with the dicebear_styles package.
• Core (PHP, Python): Added Style::fromJson() (PHP) and Style.from_json() (Python) to build a style from a raw JSON string without a separate json_decode(..., true) / json.loads(...) call. Malformed JSON raises the language's native parse error (JsonException / json.JSONDecodeError); an invalid definition raises the usual StyleValidationError. Mirrors Style::from_str (Rust) and Style.parse (Dart); the existing array/dict constructor is unchanged.

Deprecated

• Core (JS, PHP, Python): Passing a raw style definition to Avatar is deprecated; pass a Style instead (new Avatar(new Style(definition), options)), which also lets you reuse one parsed style across many avatars. The definition still works for now and renders identically, but emits a deprecation warning (a one-time console.warn in JS, E_USER_DEPRECATED in PHP, DeprecationWarning in Python) and will be removed in v11. The Dart, Rust and Go libraries already require a Style, so this brings every port to the same Avatar(style, …) call.

[10.2.0] - 2026-06-10

Added

• Go library: A new Go implementation (the github.com/dicebear/dicebear-go/v10 module) that produces identical output to the JavaScript library when given the same styles and options.

Fixed

• Core: Color.luminance() now derives the sRGB linearization from a precomputed lookup table (one entry per 8-bit channel value) instead of calling pow at runtime. pow is not required to be correctly rounded and

... (truncated)

• 19387fd v10.3.0
• fa2d087 fix: keep the Dart and Python packages green on their CI lower bounds
• 5b5aaff refactor: improve clarity and consistency in component descriptions and comments
• 5f52e37 feat(core)!: require a Style when constructing an Avatar (deprecate raw defin...
• c17bcb7 docs: construct an explicit Style in the JS examples
• 56b7576 feat(core): add Style::fromJson (PHP) and Style.from_json (Python)
• 8120316 feat(dart): add the Dart core port (dicebear_core)
• 3b37bfe Add a DiceBear generator comment to rendered avatars
• 00c0149 docs: update README
• d0931c8 Polish docs wording and apply Prettier formatting
• Additional commits viewable in compare view

Sourced from @​dnd-kit/helpers's releases.

@​dnd-kit/helpers@​0.5.0

Patch Changes

• #2074 90ddfcd Thanks @​timagixe! - Fix grouped record sorting with numeric group IDs

• #2027 a7ee830 Thanks @​sourabh945! - fix a check for the 'id' in items that causing TypeError in SortableContext add the gaurdrail for chekcing the item is not null.

• Updated dependencies [e4d1a7e]:

  • @​dnd-kit/abstract@​0.5.0

• cc98bdd Merge pull request #2022 from clauderic/changeset-release/main
• f2b2135 Version Packages
• 32d2c66 Merge pull request #2067 from Philipp91/patch-1
• 8691737 Merge pull request #2074 from timagixe/issues/2065
• c04d797 Merge pull request #2079 from silence717/fix/parse-transform-undefined
• 051fec0 Merge pull request #2063 from albertonoys/fix/docs-navigation-links
• e4792f3 fix(dom): guard parseScale/parseTranslate against undefined transform values
• e4d1a7e Supply correct Options type in return type of plugin configurator()
• 90ddfcd fix(helpers): support numeric group IDs in grouped move
• 737d3e5 fix(docs): fix malformed navigation links in plugins and sensors section
• Additional commits viewable in compare view

Sourced from lucide-react's releases.

Version 1.21.0

What's Changed

• ci(release.yml): Remove new-version in release flow by @​ericfennis in lucide-icons/lucide#4478
• ci(release.yml): Fix workflow and remove version scripts in package scripts by @​ericfennis in lucide-icons/lucide#4479
• fix(docs): rename navigation category label by @​Hsiii in lucide-icons/lucide#4483
• feat(icons): added broken-bone icon by @​Patolord in lucide-icons/lucide#4131

New Contributors

• @​Hsiii made their first contribution in lucide-icons/lucide#4483
• @​Patolord made their first contribution in lucide-icons/lucide#4131

Full Changelog: lucide-icons/lucide@1.20.0...1.21.0

Version 1.20.0

What's Changed

• fix(icons): decreased size of arrows inside square-arrow-* icons by @​jguddas in lucide-icons/lucide#3926
• chore(tags): Add tags to search- icons by @​jamiemlaw in lucide-icons/lucide#4099
• feat(icons): added save-check icon by @​Konixy in lucide-icons/lucide#3120
• feat(icons): added tag-plus and tag-x icons by @​adam-kov in lucide-icons/lucide#3980
• feat(icons): added banknote-check icon by @​mfjramirezf in lucide-icons/lucide#3956
• feat(icons): added clock-arrow-in icon by @​jguddas in lucide-icons/lucide#2403
• feat(icons): added summary icon by @​jpjacobpadilla in lucide-icons/lucide#3114
• feat(icons): added user-round-arrow-in icon by @​jguddas in lucide-icons/lucide#2283
• feat(icons): added clock-arrow-out icon by @​jguddas in lucide-icons/lucide#2404
• docs(docs): fix broken Svelte package source link in README by @​SRKrukowski in lucide-icons/lucide#4468
• chore(deps-dev): bump @​angular/compiler from 21.2.5 to 21.2.17 by @​dependabot[bot] in lucide-icons/lucide#4474
• chore(deps-dev): bump @​angular/core from 21.2.5 to 21.2.17 by @​dependabot[bot] in lucide-icons/lucide#4470
• chore(deps-dev): bump vitest from 4.0.12 to 4.1.0 by @​dependabot[bot] in lucide-icons/lucide#4429
• chore(deps-dev): bump markdown-it from 14.1.1 to 14.2.0 by @​dependabot[bot] in lucide-icons/lucide#4475
• chore(deps-dev): bump @​angular/common from 21.2.5 to 21.2.17 by @​dependabot[bot] in lucide-icons/lucide#4471
• feat(icons): added pencil-sparkles icon by @​jennieboops in lucide-icons/lucide#4445

New Contributors

• @​Konixy made their first contribution in lucide-icons/lucide#3120
• @​adam-kov made their first contribution in lucide-icons/lucide#3980
• @​mfjramirezf made their first contribution in lucide-icons/lucide#3956
• @​SRKrukowski made their first contribution in lucide-icons/lucide#4468
• @​jennieboops made their first contribution in lucide-icons/lucide#4445

Full Changelog: lucide-icons/lucide@1.19.0...1.20.0

Version 1.19.0

What's Changed

• chore(deps): upgrade pnpm to version 11.6.0 by @​ericfennis in lucide-icons/lucide#4458
• feat(icons): added star-* icons by @​RajnishKMehta in lucide-icons/lucide#3918
• chore(suggest-tags): Update metadata suggestion script by @​ericfennis in lucide-icons/lucide#4462
• feat(icons): added save-pen icon by @​vaporvee in lucide-icons/lucide#4179
• feat(icons): added wrench-off icon by @​nilsjonsson in lucide-icons/lucide#4434
• feat(icons): added ad icon by @​jamiemlaw in lucide-icons/lucide#4323
• feat(icons): added eye-dashed icon by @​karsa-mistmere in lucide-icons/lucide#4415

... (truncated)

• 5ff536e ci(release.yml): Fix workflow and remove version scripts in package scripts...
• See full diff in compare view

Sourced from next's releases.

v16.2.9

Empty release to ensure next@latest points at a stable release. Next.js only allows publishing with Trusted Publishing enabled. In order to fix NPM dist-tags, we have to release a new version. Updating dist-tags is not possible with Trusted Publishing.

v16.2.8

Release with no changes in an attempt to fix next@latest pointing at a prerelease version.

v16.2.7

[!NOTE] This release is backporting bug fixes. It does not include all pending features/changes on canary.

Core Changes

• Backport documentation fixes for v16.2 (#93804)
• [backport] Patch playwright-core to resolve _finishedPromise on requestFailed (#93920)
• [backport] Fix dev mode hydration failure when page is served from HTTP cache (#93492)
• [backport] Fix catch-all router.query corruption with basePath + rewrites (#93917)
• [backport] Encode non-ASCII characters in cache tags at construction (#93918)
• [backport] Fix server action forwarding loop with middleware rewrites (#93919)
• [backport] Turbopack: switch from base40 to base38 hash encoding (#93932)
• [ci] Disable hanging node 24 typescript tests on 16.2 backport branch (#94164)
• [backport] Fix "type: module" in project dir when using standalone or adapters (#94050)
• [backport] Propagate adapter preferred regions (#94200)
• [16.2.x] Don't drop FormData entries (#94240)
• [backport] feat(turbopack): add LocalPathOrProjectPath PostCSS config resolution (#94284)

Credits

Huge thanks to @​eps1lon, @​icyJoseph, @​unstubbable, @​mischnic, @​bgw, @​timneutkens, and @​lukesandberg for helping!

v16.2.6

[!NOTE] This release contains security fixes and backported bug fixes. It does not include all pending features/changes on canary.

Security Fixes

The following advisories have been addressed:

High:

• GHSA-8h8q-6873-q5fj: Denial of Service with Server Components
• GHSA-267c-6grr-h53f: Middleware / Proxy bypass in App Router applications via segment-prefetch routes
• GHSA-26hh-7cqf-hhc6: Middleware / Proxy bypass in App Router applications via segment-prefetch routes - Incomplete Fix Follow-Up
• GHSA-mg66-mrh9-m8jx: Denial of Service via connection exhaustion in applications using Cache Components
• GHSA-492v-c6pp-mqqv: Middleware / Proxy bypass through dynamic route parameter injection
• GHSA-c4j6-fc7j-m34r: Server-side request forgery in applications using WebSocket upgrades
• GHSA-36qx-fr4f-26g5: Middleware / Proxy bypass in Pages Router applications using i18n

Moderate:

• GHSA-ffhc-5mcf-pf4q: Cross-site scripting in App Router applications using CSP nonces
• GHSA-gx5p-jg67-6x7h: Cross-site scripting in beforeInteractive scripts with untrusted input
• GHSA-h64f-5h5j-jqjh: Denial of Service in the Image Optimization API

... (truncated)

• f37fad9 v16.2.9
• d9aaaed [cd] Allow tagging semver-lower releases as @latest if @latest po… (#94627)
• 6f16804 v16.2.8
• 0dbc1d5 [16.2.x][cd] Ensure release can be triggered on old branches (#94598)
• 90e3c81 [16.2.x] Align Actions dependencies with Canary (#94339)
• 83f402c [16.2.x][cd] Stop fetching all tags when searching parent tag (#94334)
• 411c455 v16.2.7
• c63224f [backport] feat(turbopack): add LocalPathOrProjectPath PostCSS config resolut...
• 63115c7 [16.2.x] Don't drop FormData entries (#94240)
• aef22fd [backport] Propagate adapter preferred regions (#94200)
• Additional commits viewable in compare view