deps(deps): bump the minor-and-patch group with 3 updates

[dependabot]

Bumps the minor-and-patch group with 3 updates: @supabase/supabase-js, openai and radix-ui.

Updates @supabase/supabase-js from 2.106.2 to 2.107.0

Release notes

Sourced from @​supabase/supabase-js's releases.

v2.107.0

2.107.0 (2026-06-02)

🚀 Features

• auth: remove navigator.locks-based mutex; introduce commit guard + dispose() (#2392)
• realtime: allow httpSend to send binary payload (#2400)
• supabase: update X-Client-Info to structured metadata format (#2359)

🩹 Fixes

• auth: return AuthInvalidJwtError from getClaims for expired JWT (#2395)
• auth: recognize ?error= redirects in implicit grant gate (#2407)
• auth): revert fix(auth: encode client-id in oauth requests (#2383, #2417)
• postgrest: return a structured error for non-JSON body on successful responses (#2398)
• release: pin workspace:* sibling deps before JSR publish (#2418)
• release: publish gotrue-js legacy mirror via pnpm (#2419)

❤️ Thank You

• Claude Opus 4.7 (1M context)
• Claude Sonnet 4.6
• Eduardo Gurgel
• Guilherme Souza
• Katerina Skroumpelou @​mandarini
• Omar Al Matar @​Bewinxed
• youcef zr @​youcefzemmar
• youcefzemmar

v2.107.0-canary.6

2.107.0-canary.6 (2026-06-02)

This was a version bump only, there were no code changes.

v2.107.0-canary.5

2.107.0-canary.5 (2026-06-02)

🩹 Fixes

• release: publish gotrue-js legacy mirror via pnpm (#2419)

❤️ Thank You

• Katerina Skroumpelou @​mandarini

v2.107.0-canary.4

2.107.0-canary.4 (2026-06-02)

🩹 Fixes

... (truncated)

Changelog

Sourced from @​supabase/supabase-js's changelog.

2.107.0 (2026-06-02)

🚀 Features

• auth: remove navigator.locks-based mutex; introduce commit guard + dispose() (#2392)
• supabase: update X-Client-Info to structured metadata format (#2359)
• realtime: allow httpSend to send binary payload (#2400)

❤️ Thank You

• Claude Sonnet 4.6
• Eduardo Gurgel
• Guilherme Souza
• Katerina Skroumpelou @​mandarini
• Omar Al Matar @​Bewinxed

Commits

• 54ec2b6 feat(auth): remove navigator.locks-based mutex; introduce commit guard + disp...
• 3397c92 feat(supabase): update X-Client-Info to structured metadata format (#2359)
• 335207f feat(realtime): allow httpSend to send binary payload (#2400)
• 42f12dd docs(repo): ship per-package AGENTS.md and migrations via npm (#2397)
• b200b74 chore(release): version 2.106.2 changelogs (#2396)
• See full diff in compare view

Updates openai from 6.39.1 to 6.42.0

Release notes

Sourced from openai's releases.

v6.42.0

6.42.0 (2026-06-03)

Full Changelog: v6.41.0...v6.42.0

Features

• api: responses.moderation and chat_completions.moderation (6d8f592)

v6.41.0

6.41.0 (2026-06-01)

Full Changelog: v6.40.0...v6.41.0

Features

• api: Add Amazon Bedrock Responses support (#1899) (535b045)

v6.40.0

6.40.0 (2026-06-01)

Full Changelog: v6.39.1...v6.40.0

Features

• api: workload identity in audit logs, additional_tools item in responses, fix ActionSearch.query to be optional. (aee09f3)

Chores

• remove migrate CLI (673c618)

Changelog

Sourced from openai's changelog.

6.42.0 (2026-06-03)

Full Changelog: v6.41.0...v6.42.0

Features

• api: responses.moderation and chat_completions.moderation (6d8f592)

6.41.0 (2026-06-01)

Full Changelog: v6.40.0...v6.41.0

Features

• api: Add Amazon Bedrock Responses support (#1899) (535b045)

6.40.0 (2026-06-01)

Full Changelog: v6.39.1...v6.40.0

Features

• api: workload identity in audit logs, additional_tools item in responses, fix ActionSearch.query to be optional. (aee09f3)

Chores

• remove migrate CLI (673c618)

Commits

• 6f849f4 release: 6.42.0
• 579edb2 feat(api): responses.moderation and chat_completions.moderation
• 7fa93eb release: 6.41.0
• 3b7fe31 feat(api): Add Amazon Bedrock Responses support (#1899)
• caf499a codegen metadata
• 77bec5b release: 6.40.0
• 0fb7602 feat(api): workload identity in audit logs, additional_tools item in response...
• 4a860b8 chore: remove migrate CLI
• See full diff in compare view

Updates radix-ui from 1.4.3 to 1.5.0

Changelog

Sourced from radix-ui's changelog.

1.5.0

Context Menu

• Added support for a controlled open prop on ContextMenu.Root. This is intended for reading the open state and closing the menu programmatically, though we discourage opening the menu programmatically since opening the menu depends on user interaction to position the menu.

  function ControlledContextMenu() {
    const [open, setOpen] = React.useState(false);
    return (
      <ContextMenu.Root open={open} onOpenChange={setOpen}>
        <ContextMenu.Trigger>Open</ContextMenu.Trigger>
        <ContextMenu.Content>
          <button type="button" onClick={() => setOpen(false)}>
            Close me
          </button>
          <ContextMenu.Item>Item 1</ContextMenu.Item>
          <ContextMenu.Item>Item 2</ContextMenu.Item>
        </ContextMenu.Content>
      </ContextMenu.Root>
    );
  }

• Fixed a bug in where submenus remained expanded after re-opening on long-press touch events.

Dialog

• Fixed a bug where iOS text selection and editing on HTML inputs within dialogs were broken.
• Fixed a bug causing disabled pointer events in closed dialogs.

One-Time Password Field

• Fixed pasting into One-Time Password Field in environments that do not support the legacy "Text" clipboard format by reading the pasted value as "text/plain".
• Fixed issues with focus management in React 19.2+.
• Fixed a bug to ensure that pasted values exceeding the field length are truncated.

Popper

• Fixed a "Maximum update depth exceeded" bug for pages with a large number of popper instances.
• Exposed data-side and data-align on PopperAnchor element

Presence

• Fixed a "Maximum update depth exceeded" bug in React 19 that could occur when Presence was given a child with an unstable ref.

Radio Group

• Added unstable RadioGroupItemProvider, RadioGroupItemTrigger and RadioGroupItemBubbleInput parts. These expose the previously internal composition of a radio item that included a visually hidden input so consumers can directly access and recompose them. The RadioGroupItem component continues to render them by default.

... (truncated)

Commits

• See full diff in compare view

Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for radix-ui since your current version.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Actions	Updated (UTC)
perthpintprices	Ready	Preview, Comment	Jun 7, 2026 10:07pm

[iamjohnnymac]

Superseded by #190 (merged) — main now carries these bumps, verified together with the rest of the group.

---

Generated by Claude Code

[dependabot]

This pull request was built based on a group rule. Closing it will not ignore any of these versions in future pull requests.

To ignore these dependencies, configure ignore rules in dependabot.yml