Skip to content

fix(deps): update sanity monorepo to v6 (main)#2294

Open
squiggler-app[bot] wants to merge 1 commit into
mainfrom
renovate/main-major-6-sanity-monorepo
Open

fix(deps): update sanity monorepo to v6 (main)#2294
squiggler-app[bot] wants to merge 1 commit into
mainfrom
renovate/main-major-6-sanity-monorepo

Conversation

@squiggler-app

@squiggler-app squiggler-app Bot commented Jul 7, 2026

Copy link
Copy Markdown
Contributor

ℹ️ Note

This PR body was truncated due to platform limits.

This PR contains the following updates:

Package Change Age Confidence
groq (source) ^3.99.0^6.4.0 age confidence
sanity (source) ^3.99.0^6.4.0 age confidence

Release Notes

sanity-io/sanity (groq)

v6.4.0

Compare Source

Sanity Studio v6.4.0

This release includes various improvements and bug fixes.

For the complete changelog with all details, please visit:
www.sanity.io/changelog/studio-Ni4zLjA

Install or upgrade Sanity Studio

To upgrade to this version, run:

npm install sanity@latest

To initiate a new Sanity Studio project or learn more about upgrading, please refer to our comprehensive guide on Installing and Upgrading Sanity Studio.

📓 Full changelog

Author Message Commit
squiggler-app[bot] chore(deps): update dependency @​sanity/visual-editing-csm to ^3.0.10 (#​13417) 1038d73
squiggler-app[bot] chore(deps): update dependency @​sanity/functions to v1.4.0 (#​13423) 7a8c0dd
squiggler-app[bot] fix(deps): update portabletext (#​13441) 064bb11
squiggler-app[bot] chore(deps): update dependency turbo to ^2.10.1 (#​13425) f8ae2cf
squiggler-app[bot] fix(deps): update linters (#​13422) e512bbb
@​pedrobonamin fix(core): updates array i18n efps test to use langauge (#​13436) b716a60
@​stipsan fix(core): allow pasting references to documents that only exist in a release (#​13399) 8072fbc
@​bjoerge fix(sanity): delegate document pair snapshot fetch failures to the re… (#​13432) 03cf5d0
@​pedrobonamin refactor(variants): use sanity::partOfVariant for document queries (#​13430) d4a12a8
@​stipsan refactor(sanity): replace classnames with clsx (#​13415) 20d3e72
@​juice49 test(efps): improve caret handling (#​13435) af7d569
@​juice49 test(efps): improve pte measurement stability (#​13435) aef1605
@​juice49 test(efps): harden event matching when measuring fps in input and pte (#​13435) de3416b
@​juice49 chore(sanity): expose agent bundle store directly (#​13388) a9f6079
@​juice49 chore(sanity): correct type name (#​13388) 5b995f6
@​juice49 chore(sanity): add agent bundle data to document group inventory machine (#​13388) ad42526
@​juice49 chore(sanity): filter agent bundles in document group inventory (#​13388) 2a8e8d7
@​juice49 chore(sanity): include user's most recent agent bundle in document group inventory (#​13388) 0487621
@​bjoerge fix(sanity): delegate grants request errors to request error handler (#​13427) f1a0341
@​juice49 test(sanity): mock timers in observeVersionDocumentIds to fix flakiness (#​13431) 88d60cb
@​stipsan fix(core): draw change connector when hovering image and file diffs (#​13428) 028ff93
squiggler-app[bot] chore(deps): dedupe pnpm-lock.yaml (#​13416) 2af7031
squiggler-app[bot] chore(deps): update dependency @​sanity/media-library-types to ^1.5.0 (#​13413) f253ff7
squiggler-app[bot] chore(deps): update dependency @​vanilla-extract/css to ^1.21.1 (#​13412) ce7cacc
@​stipsan fix(sanity): clear change connectors when review changes panel closes (#​13402) b1c42e4
@​bjoerge fix(releases): make virtualized table rows visible in Safari (#​13414) e83ba05
@​bjoerge fix(core): only cancel commits for known-terminal client errors (#​13396) e38afdc
squiggler-app[bot] chore(deps): dedupe pnpm-lock.yaml (#​13385) 0e0ad3d
squiggler-app[bot] chore(deps): update dependency typescript to v6 (#​13408) e5513e4
squiggler-app[bot] chore(tests): generate dts tests 🤖 ✨ (#​13411) 5222f52
@​bjoerge fix(core): force logout only on 401s tagged as session expiry (#​13394) ef537bc
squiggler-app[bot] fix(deps): update dev-non-major (#​13406) baba6d1
squiggler-app[bot] chore(tests): generate dts tests 🤖 ✨ (#​13410) 2b15108
squiggler-app[bot] fix(deps): update dependency react-rx to ^4.2.3 (#​13405) 10d1a5a
squiggler-app[bot] chore(deps): update dependency @​sanity/pkg-utils to ^10.9.0 (#​13407) bb2b35e
squiggler-app[bot] fix(deps): update dependency @​sanity/icons to v5 (#​13409) f788296
squiggler-app[bot] chore(deps): update dependency @​sanity/google-maps-input to ^6.1.1 (#​13404) 218795d
@​stipsan perf(sanity): debarrel @​sanity/icons imports (#​13393) 2e250dc
@​stipsan docs(agents): add cursor cloud setup notes for vitest tsc and dev studio auth (#​13398) 4070eaf
@​ChrisLaRocque feat(types): add user attribute types to CurrentUser (#​13395) b7b7fc1
squiggler-app[bot] chore(tests): generate dts tests 🤖 ✨ (#​13392) cf7a807
@​juice49 fix(sanity): clip document group inventory border (#​13380) e3e1245
@​bjoerge feat: improve request error handling (#​13367) b2817c1
squiggler-app[bot] chore(deps): update dependency oxfmt to ^0.57.0 (#​13382) 846ddee
squiggler-app[bot] fix(deps): update dependency @​sanity/cli to ^7.5.0 (#​13389) 24bce9d
@​bjoerge test(efps): wait for each keystroke to register before typing next (#​13391) a209448
squiggler-app[bot] chore(tests): generate dts tests 🤖 ✨ (#​13378) 82d6ff4
@​christianhg fix(portable-text): resolve render-callback schema types by path (#​13350) 4b785dc
@​christianhg fix(portable-text): collect form members at any depth (#​13350) e8af647
@​christianhg fix(portable-text): track focus into nested-container blocks (#​13350) 4c6e970
@​christianhg fix(portable-text): key the element-ref registry by full path (#​13350) 7ebc0ec
@​christianhg test(portable-text): cover focus tracking into nested-container blocks (#​13350) 24c1e7a
@​stipsan chore(deps): bump @​sanity/ui to 3.3.0 and fix polymorphic type errors (#​13383) ce38099
squiggler-app[bot] fix(deps): update dependency @​sanity/icons to ^3.7.6 (#​13384) 260a282
squiggler-app[bot] chore(deps): dedupe pnpm-lock.yaml (#​13376) 3a9eaa8
@​stipsan chore(lint): make no-unnecessary-type-assertion an error with grandfathered suppressions (#​13375) 8650c2e
@​pedrobonamin chore: restore "chore(core): deprecate useDocumentVersionInfo hook (#​13113)" (#​13334) 42826d2
@​pedrobonamin chore: restore "chore(core): variant documents creation (#​13105)" (#​13334) fd78ff2
@​pedrobonamin chore: restore "refactor(core): abstract use bundle documents , reuse for variants (#​13226)" (#​13334) f49190e

v6.3.0

Compare Source

Sanity Studio v6.3.0

This release includes various improvements and bug fixes.

For the complete changelog with all details, please visit:
www.sanity.io/changelog/studio-Ni4yLjA

Install or upgrade Sanity Studio

To upgrade to this version, run:

npm install sanity@latest

To initiate a new Sanity Studio project or learn more about upgrading, please refer to our comprehensive guide on Installing and Upgrading Sanity Studio.

📓 Full changelog

Author Message Commit
squiggler-app[bot] fix(deps): update dependency @​sanity/cli to ^7.4.2 (#​13374) 83b59b6
squiggler-app[bot] chore(deps): dedupe pnpm-lock.yaml (#​13373) 8cbf47a
squiggler-app[bot] chore(deps): update renovatebot/github-action action to v46.1.17 (#​13370) da9e9ca
squiggler-app[bot] chore(deps): update dependency @​sanity/pkg-utils to ^10.8.1 (#​13319) 93fd49b
squiggler-app[bot] chore(deps): update oxlint (#​13371) b2aa577
squiggler-app[bot] fix(deps): update playwright monorepo to v1.61.1 (#​13364) f55971f
@​stipsan fix(build): strip leftover vite hash marker from published css (#​13360) df7ab24
@​stipsan ci(e2e): remove e2e-ui workflow and sanity ui override (#​13359) 381e0ce
squiggler-app[bot] chore(deps): update dependency @​sentry/react to ^10.62.0 (#​13365) fd14dca
squiggler-app[bot] chore(deps): update dependency es-toolkit to ^1.49.0 (#​13366) da8dae1
squiggler-app[bot] chore(deps): update dependency i18next to ^26.3.3 (#​13362) 4a8a497
squiggler-app[bot] chore(deps): update dependency algoliasearch to ^5.55.1 (#​13361) f35c85d
squiggler-app[bot] chore(deps): dedupe pnpm-lock.yaml (#​13358) 3c9e2c1
squiggler-app[bot] fix(deps): update portabletext (#​13357) 2963186
squiggler-app[bot] fix(deps): update dependency motion to ^12.42.0 (#​13356) 98e30ca
@​jordanl17 fix(releases): truncate document type column with tooltip on overflow (#​13335) c1fbdd2
squiggler-app[bot] fix(deps): update dependency xstate to ^5.32.2 (#​13355) 528e635
squiggler-app[bot] fix(deps): update dependency groq-js to ^1.30.3 (#​13354) 49db0b0
squiggler-app[bot] fix(deps): update dependency @​sanity/cli to ^7.4.1 (#​13353) f6a51e6
squiggler-app[bot] chore(deps): update dependency nanoid to ^5.1.16 (#​13352) 776e7f8
squiggler-app[bot] chore(deps): update dependency @​tanstack/react-virtual to ^3.14.4 (#​13351) 93126af
@​juice49 chore(sanity): lift document group inventory active state to DocumentPaneProvider (#​13347) 346756b
@​juice49 chore(sanity): document group inventory hint (#​13347) 6cfd1ed
@​bjoerge fix(studio): handle request errors in non-critical fetch paths (#​13345) 6ac5756
@​bjoerge chore(debug-proxy): return 204 for logout in expired-token scenario (#​13348) 577ddd6
@​christianhg chore(deps): add @portabletext/plugin-dnd and @portabletext/plugin-list-index (#​13315) 7f5b991
@​christianhg chore: allow the edge attribute in the oxlint i18n rule (#​13315) cc1f104
@​christianhg feat(portable-text): render Studio PT through the defineX catch-all pipeline (#​13315) e7c1bf4
@​christianhg test(test-studio): add defineContainer table and codeBlock demos (#​13315) 37a0233
@​stipsan refactor(vision): migrate styled-components to vanilla-extract (#​13333) dfe3311
@​bjoerge test(e2e): fix firefox test flake (#​13339) d0b6525
squiggler-app[bot] chore(deps): update dependency vercel to ^54.17.3 (#​13342) f075d1d
squiggler-app[bot] chore(deps): update dependency knip to ^6.21.0 (#​13341) 0c4a66b
squiggler-app[bot] chore(deps): update dependency @​sanity/google-maps-input to ^6.1.0 (#​13340) 32dc7e0
@​juice49 fix(sanity): condense and batch version observer requests (#​13311) d98e4a2
@​bjoerge chore(debug-proxy): add token-expiry scenario (#​13313) ff6f7f1
@​EoinFalconer fix(form): clear validation markers when viewing a historical revision (#​13245) d882e8c
@​jordanl17 feat(core): add document delete references telemetry (#​13235) b68b358
@​stipsan fix(core): remove sideEffects so injected bundle.css is not tree-shaken (#​13332) 7598190
@​jordanl17 fix(releases): allow scrolling in description field when content exceeds max height (#​13277) 6e3e816
@​christianhg test(form): drop trailing empty block from Google Docs paste snapshot (#​13324) ae0d922
squiggler-app[bot] chore(tests): generate dts tests 🤖 ✨ (#​13330) 563f99a
@​stipsan chore(deps): bump @​sanity/pkg-utils to 10.7.2 (#​13329) 372088b
squiggler-app[bot] chore(deps): update dependency vercel to ^54.15.0 (#​13326) 790651b
squiggler-app[bot] chore(deps): update dependency @​sanity/google-maps-input to v6 (#​13327) 5ea00b6
squiggler-app[bot] chore(deps): update dependency swr to ^2.4.2 (#​13325) e0b7f45
@​stipsan fix: enable react compiler on <Resizer> component (#​13310) c3fc74b
@​stipsan feat(core): re-add bundle.css export via conditional exports (#​13322) d0ce99f
Copilot chore(sanity): move swr to dependencies with semver range (#​13323) 6e095f7
@​bjoerge chore(debug-proxy): add intermittent 5xx incident scenario (#​13312) 5573f42
squiggler-app[bot] chore(tests): generate dts tests 🤖 ✨ (#​13318) 597df2c
squiggler-app[bot] chore(deps): dedupe pnpm-lock.yaml (#​13317) e4c20a5
squiggler-app[bot] chore(deps): update dependency conventional-changelog to ^7.2.1 (#​13316) bb388d9
squiggler-app[bot] fix(deps): update portabletext (#​13306) 15f519a
squiggler-app[bot] chore(deps): update dependency es-toolkit to ^1.48.1 (#​13304) dcc7b13
squiggler-app[bot] fix(deps): update dev-non-major (#​13305) ffe7c30
squiggler-app[bot] chore(deps): update dependency @​sanity/sdk to ^2.15.0 (#​13303) 8edb0da
squiggler-app[bot] chore(deps): update renovatebot/github-action action to v46.1.16 (#​13302) 42fa22f
squiggler-app[bot] chore(deps): update dependency knip to ^6.17.2 (#​13301) 1d86fc5
@​stipsan chore(test-studio): remove unused color, maps, hotspot, markdown and mux plugins (#​13309) 6ae71da
@​bjoerge fix(release-notes): handle breaking-change commit headers (#​13055) bcefeff
@​bjoerge fix(core): skip studio manifest upload without deployStudio grant (#​13294) 9a63625
squiggler-app[bot] chore(deps): update dependency vercel to ^54.14.5 (#​13285) c14b50a
@​EoinFalconer fix(releases): preview the draft in the discard draft dialog (#​13251) 539addc
@​bjoerge build(workspace): use catalog protocol for workspace overrides (#​13272) 01dc07c
squiggler-app[bot] chore(deps): update pnpm to v11.9.0 (#​13286) ed604fc
@​juice49 fix: prevent pnpm warnings polluting list packages output (#​13299) 94cad37
squiggler-app[bot] chore(tests): generate dts tests 🤖 ✨ (#​13298) 56c1293
@​christianhg fix(form): detect multi-block PT selection by enclosing block, not path[0] (#​13289) 115d396
@​binoy14 ci(pkg-pr-new): keep pnpm notices out of the package-list output (#​13295) ae58e63

v6.2.0

Compare Source

Sanity Studio v6.2.0

This release includes various improvements and bug fixes.

For the complete changelog with all details, please visit:
www.sanity.io/changelog/studio-Ni4xLjA

Install or upgrade Sanity Studio

To upgrade to this version, run:

npm install sanity@latest

To initiate a new Sanity Studio project or learn more about upgrading, please refer to our comprehensive guide on Installing and Upgrading Sanity Studio.

📓 Full changelog

Author Message Commit
@​juice49 chore(sanity): document inventory group feedback integration (#​13267) dd0bb31
@​bjoerge feat(debug-proxy): add network flap and latency simulation (#​13290) aca23b8
@​juice49 chore(sanity): document group inventory (#​13071) 7d0fffa
@​juice49 chore(sanity): remove version chips when versions inventory switched on (#​13071) 347da06
@​snorrees fix(CLDX-5683): preserve an explicit empty block decorator set (#​13291) 234029c
[@​snorr

Note

PR body was truncated to here.


Configuration

📅 Schedule: (UTC)

  • Branch creation
    • "before 3am on Monday"
  • Automerge
    • At any time (no schedule defined)

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about these updates again.


  • If you want to rebase/retry this PR, check this box

This PR has been generated by Mend Renovate using a curated preset maintained by Sanity. View repository job log here

@changeset-bot

changeset-bot Bot commented Jul 7, 2026

Copy link
Copy Markdown

⚠️ No Changeset found

Latest commit: 00aaf9e

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

@vercel

vercel Bot commented Jul 7, 2026

Copy link
Copy Markdown

The latest updates on your projects. Learn more about Vercel for GitHub.

Project Deployment Actions Updated (UTC)
sanity-ui-storybook Ready Ready Preview Jul 9, 2026 3:16am
ui-docs Error Error Jul 9, 2026 3:16am
1 Skipped Deployment
Project Deployment Actions Updated (UTC)
sanity-ui-workshop Ignored Ignored Jul 9, 2026 3:16am

Request Review

@socket-security

socket-security Bot commented Jul 7, 2026

Copy link
Copy Markdown

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff Package Supply Chain
Security
Vulnerability Quality Maintenance License
Addednpm/​groq@​6.4.010010080100100
Addednpm/​sanity@​6.4.09610010098100

View full report

@socket-security

socket-security Bot commented Jul 7, 2026

Copy link
Copy Markdown

Warning

Review the following alerts detected in dependencies.

According to your organization's Security Policy, it is recommended to resolve "Warn" alerts. Learn more about Socket for GitHub.

Action Severity Alert  (click "▶" to expand/collapse)
Warn High
Obfuscated code: npm @pnpm/network.ca-file is 90.0% likely obfuscated

Confidence: 0.90

Location: Package overview

From: pnpm-lock.yamlnpm/sanity@6.4.0npm/@pnpm/network.ca-file@1.0.2

ℹ Read more on: This package | This alert | What is obfuscated code?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev.

Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/@pnpm/network.ca-file@1.0.2. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

Warn High
Obfuscated code: npm @vercel/stega is 90.0% likely obfuscated

Confidence: 0.90

Location: Package overview

From: pnpm-lock.yamlnpm/sanity@6.4.0npm/@vercel/stega@1.1.0

ℹ Read more on: This package | This alert | What is obfuscated code?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev.

Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/@vercel/stega@1.1.0. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

Warn High
Obfuscated code: npm adm-zip is 90.0% likely obfuscated

Confidence: 0.90

Location: Package overview

From: pnpm-lock.yamlnpm/sanity@6.4.0npm/adm-zip@0.5.10

ℹ Read more on: This package | This alert | What is obfuscated code?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev.

Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/adm-zip@0.5.10. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

Warn High
Obfuscated code: npm execa is 90.0% likely obfuscated

Confidence: 0.90

Location: Package overview

From: pnpm-lock.yamlnpm/sanity@6.4.0npm/execa@9.6.1

ℹ Read more on: This package | This alert | What is obfuscated code?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev.

Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/execa@9.6.1. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

Warn High
Obfuscated code: npm powershell-utils is 90.0% likely obfuscated

Confidence: 0.90

Location: Package overview

From: pnpm-lock.yamlnpm/sanity@6.4.0npm/powershell-utils@0.1.0

ℹ Read more on: This package | This alert | What is obfuscated code?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev.

Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/powershell-utils@0.1.0. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

Warn High
Obfuscated code: npm web-vitals is 90.0% likely obfuscated

Confidence: 0.90

Location: Package overview

From: pnpm-lock.yamlnpm/sanity@6.4.0npm/web-vitals@5.3.0

ℹ Read more on: This package | This alert | What is obfuscated code?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev.

Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/web-vitals@5.3.0. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

View full report

@squiggler-app squiggler-app Bot force-pushed the renovate/main-major-6-sanity-monorepo branch from 5dbd76e to c34bbab Compare July 8, 2026 13:10
@squiggler-app squiggler-app Bot force-pushed the renovate/main-major-6-sanity-monorepo branch from c34bbab to 72f39b9 Compare July 8, 2026 14:51
@squiggler-app squiggler-app Bot force-pushed the renovate/main-major-6-sanity-monorepo branch from 72f39b9 to 3d95980 Compare July 8, 2026 15:50
@squiggler-app squiggler-app Bot force-pushed the renovate/main-major-6-sanity-monorepo branch from 3d95980 to 47681a7 Compare July 8, 2026 20:55
@squiggler-app squiggler-app Bot force-pushed the renovate/main-major-6-sanity-monorepo branch from 47681a7 to bbcae0e Compare July 9, 2026 00:53
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants