chore(deps): bump the production-dependencies group across 1 directory with 7 updates

[dependabot]

Bumps the production-dependencies group with 7 updates in the / directory:

Package	From	To
@sentry/react	10.43.0	10.48.0
@tanstack/react-query	5.90.21	5.99.0
cytoscape	3.33.1	3.33.2
react	19.2.4	19.2.5
react-dom	19.2.4	19.2.5
react-router	7.13.1	7.14.0
recharts	3.8.0	3.8.1

Updates @sentry/react from 10.43.0 to 10.48.0

Release notes

Sourced from @​sentry/react's releases.

10.48.0

Important Changes

• feat(aws-serverless): Ship Lambda extension in npm package for container image Lambdas (#20133)

  The Sentry Lambda extension is now included in the npm package, enabling container image-based Lambda functions to use it. Copy the extension files into your Docker image and set the tunnel option:

  RUN mkdir -p /opt/sentry-extension
  COPY node_modules/@sentry/aws-serverless/build/lambda-extension/sentry-extension /opt/extensions/sentry-extension
  COPY node_modules/@sentry/aws-serverless/build/lambda-extension/index.mjs /opt/sentry-extension/index.mjs
  RUN chmod +x /opt/extensions/sentry-extension /opt/sentry-extension/index.mjs

  Sentry.init({
    dsn: '__DSN__',
    tunnel: 'http://localhost:9000/envelope',
  });

  This works with any Sentry SDK (@sentry/aws-serverless, @sentry/sveltekit, @sentry/node, etc.).

• feat(cloudflare): Support basic WorkerEntrypoint (#19884)

  withSentry now supports instrumenting classes extending Cloudflare's WorkerEntrypoint. This instruments fetch, scheduled, queue, and tail handlers.

  import * as Sentry from '@sentry/cloudflare';
  import { WorkerEntrypoint } from 'cloudflare:workers';
  class MyWorker extends WorkerEntrypoint {
  async fetch(request: Request): Promise<Response> {
  return new Response('Hello World!');
  }
  }
  export default Sentry.withSentry(env => ({ dsn: env.SENTRY_DSN, tracesSampleRate: 1.0 }), MyWorker);

• ref(core): Unify .do* span ops to gen_ai.generate_content (#20074)

  All Vercel AI do* spans (ai.generateText.doGenerate, ai.streamText.doStream, ai.generateObject.doGenerate, ai.streamObject.doStream) now use a single unified span op gen_ai.generate_content instead of separate ops like gen_ai.generate_text, gen_ai.stream_text, gen_ai.generate_object, and gen_ai.stream_object.

• ref(core): Remove provider-specific AI span attributes in favor of gen_ai attributes in sentry conventions (#20011)

  The following provider-specific span attributes have been removed from the OpenAI and Anthropic AI integrations. Use the standardized gen_ai.* equivalents instead:

  Removed attribute	Replacement

... (truncated)

Changelog

Sourced from @​sentry/react's changelog.

10.48.0

Important Changes

• feat(aws-serverless): Ship Lambda extension in npm package for container image Lambdas (#20133)

  The Sentry Lambda extension is now included in the npm package, enabling container image-based Lambda functions to use it. Copy the extension files into your Docker image and set the tunnel option:

  RUN mkdir -p /opt/sentry-extension
  COPY node_modules/@sentry/aws-serverless/build/lambda-extension/sentry-extension /opt/extensions/sentry-extension
  COPY node_modules/@sentry/aws-serverless/build/lambda-extension/index.mjs /opt/sentry-extension/index.mjs
  RUN chmod +x /opt/extensions/sentry-extension /opt/sentry-extension/index.mjs

  Sentry.init({
    dsn: '__DSN__',
    tunnel: 'http://localhost:9000/envelope',
  });

  This works with any Sentry SDK (@sentry/aws-serverless, @sentry/sveltekit, @sentry/node, etc.).

• feat(cloudflare): Support basic WorkerEntrypoint (#19884)

  withSentry now supports instrumenting classes extending Cloudflare's WorkerEntrypoint. This instruments fetch, scheduled, queue, and tail handlers.

  import * as Sentry from '@sentry/cloudflare';
  import { WorkerEntrypoint } from 'cloudflare:workers';
  class MyWorker extends WorkerEntrypoint {
  async fetch(request: Request): Promise<Response> {
  return new Response('Hello World!');
  }
  }
  export default Sentry.withSentry(env => ({ dsn: env.SENTRY_DSN, tracesSampleRate: 1.0 }), MyWorker);

• ref(core): Unify .do* span ops to gen_ai.generate_content (#20074)

  All Vercel AI do* spans (ai.generateText.doGenerate, ai.streamText.doStream, ai.generateObject.doGenerate, ai.streamObject.doStream) now use a single unified span op gen_ai.generate_content instead of separate ops like gen_ai.generate_text, gen_ai.stream_text, gen_ai.generate_object, and gen_ai.stream_object.

• ref(core): Remove provider-specific AI span attributes in favor of gen_ai attributes in sentry conventions (#20011)

  The following provider-specific span attributes have been removed from the OpenAI and Anthropic AI integrations. Use the standardized gen_ai.* equivalents instead:

  | Removed attribute | Replacement |

... (truncated)

Commits

• a67df4d release: 10.48.0
• e0732ff Merge pull request #20172 from getsentry/prepare-release/10.48.0
• d1ee40f meta(changelog): Update changelog for 10.48.0
• 2897297 feat(nuxt): Exclude tracing meta tags on cached pages in Nuxt 5 (#20168)
• 1cc3dd0 chore(deps-dev): Bump effect from 3.20.0 to 3.21.0 (#19999)
• c273167 fix(core): Fix withStreamedSpan typing error add missing exports (#20124)
• b6f7b86 feat(core): Apply ignoreSpans to streamed spans (#19934)
• 7bd8449 test(node,node-core): Add span streaming integration tests (#19806)
• 51fc6d1 feat(node-core): Add POtel server-side span streaming implementation (#19741)
• 77357c7 fix(core): Replace global interval with trace-specific interval based flushin...
• Additional commits viewable in compare view

Updates @tanstack/react-query from 5.90.21 to 5.99.0

Release notes

Sourced from @​tanstack/react-query's releases.

@​tanstack/react-query-devtools@​5.99.0

Patch Changes

• Updated dependencies []:
  • @​tanstack/query-devtools@​5.99.0
  • @​tanstack/react-query@​5.99.0

@​tanstack/react-query-next-experimental@​5.99.0

Patch Changes

• Updated dependencies []:
  • @​tanstack/react-query@​5.99.0

@​tanstack/react-query-persist-client@​5.99.0

Patch Changes

• Updated dependencies []:
  • @​tanstack/query-persist-client-core@​5.99.0
  • @​tanstack/react-query@​5.99.0

@​tanstack/react-query@​5.99.0

Patch Changes

• Updated dependencies []:
  • @​tanstack/query-core@​5.99.0

@​tanstack/react-query-devtools@​5.98.0

Patch Changes

• Updated dependencies []:
  • @​tanstack/query-devtools@​5.98.0
  • @​tanstack/react-query@​5.98.0

@​tanstack/react-query-next-experimental@​5.98.0

Patch Changes

• Updated dependencies []:
  • @​tanstack/react-query@​5.98.0

@​tanstack/react-query-persist-client@​5.98.0

Patch Changes

• Updated dependencies []:
  • @​tanstack/query-persist-client-core@​5.98.0
  • @​tanstack/react-query@​5.98.0

@​tanstack/react-query@​5.98.0

Patch Changes

• Updated dependencies []:

... (truncated)

Changelog

Sourced from @​tanstack/react-query's changelog.

5.99.0

Patch Changes

• Updated dependencies []:
  • @​tanstack/query-core@​5.99.0

5.98.0

Patch Changes

• Updated dependencies []:
  • @​tanstack/query-core@​5.98.0

5.97.0

Patch Changes

• Updated dependencies [2bfb12c]:
  • @​tanstack/query-core@​5.97.0

5.96.2

Patch Changes

• Updated dependencies []:
  • @​tanstack/query-core@​5.96.2

5.96.1

Patch Changes

• Updated dependencies []:
  • @​tanstack/query-core@​5.96.1

5.96.0

Patch Changes

• Updated dependencies []:
  • @​tanstack/query-core@​5.96.0

5.95.2

Patch Changes

• Updated dependencies [cd5a35b]:
  • @​tanstack/query-core@​5.95.2

5.95.1

... (truncated)

Commits

• adc2543 ci: Version Packages (#10454)
• 6040278 ci: Version Packages (#10451)
• 125067c ci: Version Packages (#10436)
• f699190 test(react-query): replace hardcoded query keys with 'queryKey()' utility (#1...
• f3d3eea test(*): replace deprecated 'toMatchTypeOf' with 'toExtend' (#10413)
• 3d6e001 test(react-query/useSuspenseQueries): replace 'async/await sleep' with 'sleep...
• 7d7a21c test(react-query): replace 'async/await sleep' with 'sleep().then()' in test ...
• 5ca721f ci: Version Packages (#10379)
• 75052a7 ci: Version Packages (#10370)
• 73e783b ci: Version Packages (#10364)
• Additional commits viewable in compare view

Updates cytoscape from 3.33.1 to 3.33.2

Release notes

Sourced from cytoscape's releases.

v3.33.2

Release version v3.33.2

Commits

• 5e46557 3.33.2
• d790c9e Build 3.33.2
• 2e50aca Docs: Add 3.33.2 to versions.json
• 9e7841e Merge branch 'unstable' into 'master'
• 31e2cfd Merge branch 'fix/polygon-miter-bounds' into unstable
• 34ecc63 Merge pull request #3432 from LeeBhin/fix/polygon-miter-bounds
• 816e980 Merge pull request #3433 from jmg421/docs/fix-es5-esm-description
• 37bf20a Merge pull request #3435 from jmg421/docs/fix-readme-build-targets
• a3bd0ff Move polygon bounds tests from Mocha to Playwright suite
• 9a33f6a docs: fix build target list in README (umd listed twice, missing cjs)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by mikekucera, a new releaser for cytoscape since your current version.

Updates react from 19.2.4 to 19.2.5

Release notes

Sourced from react's releases.

19.2.5 (April 8th, 2026)

React Server Components

• Add more cycle protections (#36236 by @​eps1lon and @​unstubbable)

Commits

• 23f4f9f 19.2.5
• See full diff in compare view

Updates react-dom from 19.2.4 to 19.2.5

Release notes

Sourced from react-dom's releases.

19.2.5 (April 8th, 2026)

React Server Components

• Add more cycle protections (#36236 by @​eps1lon and @​unstubbable)

Commits

• 23f4f9f 19.2.5
• See full diff in compare view

Updates react-router from 7.13.1 to 7.14.0

Release notes

Sourced from react-router's releases.

v7.14.0

See the changelog for release notes: https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7140

v7.13.2

See the changelog for release notes: https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7132

Changelog

Sourced from react-router's changelog.

7.14.0

Patch Changes

• UNSTABLE RSC FRAMEWORK MODE BREAKING CHANGE - Existing route module exports remain unchanged from stable v7 non-RSC mode, but new exports are added for RSC mode. If you want to use RSC features, you will need to update your route modules to export the new annotations. (#14901)

  If you are using RSC framework mode currently, you will need to update your route modules to the new conventions. The following route module components have their own mutually exclusive server component counterparts:

  Server Component Export	Client Component
  ServerComponent	default
  ServerErrorBoundary	ErrorBoundary
  ServerLayout	Layout
  ServerHydrateFallback	HydrateFallback

  If you were previously exporting a ServerComponent, your ErrorBoundary, Layout, and HydrateFallback were also server components. If you want to keep those as server components, you can rename them and prefix them with Server. If you were previously importing the implementations of those components from a client module, you can simply inline them.

  Example:

  Before

  import { ErrorBoundary as ClientErrorBoundary } from "./client";
  export function ServerComponent() {
  // ...
  }
  export function ErrorBoundary() {
  return <ClientErrorBoundary />;
  }
  export function Layout() {
  // ...
  }
  export function HydrateFallback() {
  // ...
  }

  After

  export function ServerComponent() {
    // ...
  }
  export function ErrorBoundary() {
  // previous implementation of ClientErrorBoundary, this is now a client component

... (truncated)

Commits

• e31077b chore: Update version for release (#14945)
• 6683e85 chore: Update version for release (pre) (#14943)
• 49a2ed5 Merge branch 'main' into release-next
• e8b3c3a feat: RSC framework mode prerender (#14907)
• 82eca19 docs: clarify useViewTransitionState matches to or from path (#14922)
• d439188 feat:! new RSC framework mode module API (#14901)
• 98641e2 feat: rsc prefetch (#14902)
• 903d924 chore: format
• 0d57748 Merge branch 'release-next' into dev
• 921db15 chore: format
• Additional commits viewable in compare view

Updates recharts from 3.8.0 to 3.8.1

Release notes

Sourced from recharts's releases.

v3.8.1

What's Changed

Bugfixes!

• fix(z-index): prevent elements from disappearing during dynamic zIndex transitions by @​VIDHITTS in recharts/recharts#7006
• fix: prevent tooltip flicker in syncMethod="value" with mismatched data arrays by @​roy7 in recharts/recharts#7020
• docs: add missing SVG props documentation to PolarGrid #3400 by @​ramanverse in recharts/recharts#6987
• fix: add cursor prop type to BaseChartProps by @​mixelburg in recharts/recharts#7065
• fix: restore arrow key navigation when active index is outside zoomed… by @​AbishekRaj2007 in recharts/recharts#7086
• Add test for ticks spacing by @​VIDHITTS in recharts/recharts#7082
• fix(Pie): skip minAngle redistribution when no segment needs it by @​Harikrushn9118 in recharts/recharts#7097
• fix(DefaultLegendContent): use entry.value for aria-label when formatter returns React element by @​mixelburg in recharts/recharts#7109
• fix(PolarRadiusAxis): update ticks prop type by @​PavelVanecek in recharts/recharts#7112
• fix: PieChart double padding gap when a data item has value 0 by @​Copilot in recharts/recharts#7113
• Add boxplot example by @​PavelVanecek in recharts/recharts#7130
• [fix] Update ticks calculator and domain extension by @​PavelVanecek in recharts/recharts#7146
• fix: guard against non-function d3-scale exports in getD3ScaleFromType by @​tdebarochez in recharts/recharts#7123
• fix: stackOffset expand should not override numerical XAxis domain by @​SeaL773 in recharts/recharts#7152
• fix: resolve keyboard navigation and tooltip issues for Pie charts (#6921) by @​olagokemills in recharts/recharts#7140
• fix(Tooltip): prevent crash on sparse or undefined payload entries by @​Om-Mishra09 in recharts/recharts#7149
• fix(RechartsWrapper): prevent ResizeObserver memory leak on ref update by @​Om-Mishra09 in recharts/recharts#7161

New Contributors

• @​AbishekRaj2007 made their first contribution in recharts/recharts#7086
• @​tdebarochez made their first contribution in recharts/recharts#7123
• @​SeaL773 made their first contribution in recharts/recharts#7152
• @​olagokemills made their first contribution in recharts/recharts#7140

Full Changelog: recharts/recharts@v3.8.0...v3.8.1

Commits

• 5b10788 chore(deps-dev): bump diff from 8.0.3 to 8.0.4 (#7156)
• 222396f chore(deps): bump react-router-dom from 7.13.1 to 7.13.2 (#7164)
• c2642da chore(deps-dev): bump typescript-eslint from 8.57.1 to 8.57.2 (#7166)
• b186929 fix(RechartsWrapper): prevent ResizeObserver memory leak on ref update (#7161)
• 738f71f fix(Tooltip): prevent crash on sparse or undefined payload entries (#7149)
• 00daf0b chore(deps-dev): bump rollup from 4.59.0 to 4.60.0 (#7158)
• eba4f2a chore(deps-dev): bump marked from 17.0.4 to 17.0.5 (#7157)
• 201d060 fix: resolve keyboard navigation and tooltip issues for Pie charts (#6921) (#...
• 670d092 chore(deps-dev): bump flatted from 3.3.3 to 3.4.2 (#7150)
• 86ca8de fix: stackOffset expand should not override numerical XAxis domain (#7152)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by corkscreewe, a new releaser for recharts since your current version.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[dependabot]

Labels

The following labels could not be found: dependencies. Please create it before Dependabot can add it to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

[dependabot]

Looks like these dependencies are updatable in another way, so this is no longer needed.