⬆ Bump the npm-packages group with 26 updates

[dependabot]

Bumps the npm-packages group with 26 updates:

Package	From	To
@hookform/resolvers	5.2.2	5.4.0
@tailwindcss/vite	4.1.18	4.3.0
@tanstack/react-query	5.90.21	5.100.11
@tanstack/react-query-devtools	5.91.2	5.100.11
@tanstack/react-router	1.163.3	1.170.7
@tanstack/react-router-devtools	1.166.7	1.167.0
axios	1.13.5	1.16.1
lucide-react	0.563.0	1.16.0
react	19.2.3	19.2.6
@types/react	19.2.9	19.2.15
react-dom	19.2.3	19.2.6
react-error-boundary	6.1.0	6.1.1
react-hook-form	7.71.1	7.76.0
react-icons	5.5.0	5.6.0
tailwind-merge	3.4.0	3.6.0
tailwindcss	4.2.1	4.3.0
zod	4.3.6	4.4.3
@biomejs/biome	2.3.14	2.4.15
@playwright/test	1.58.2	1.60.0
@tanstack/router-devtools	1.166.7	1.167.0
@tanstack/router-plugin	1.153.2	1.168.10
@types/node	25.5.0	25.9.1
@vitejs/plugin-react-swc	4.2.3	4.3.1
dotenv	17.3.1	17.4.2
typescript	5.9.3	6.0.3
vite	7.3.1	8.0.14

Updates @hookform/resolvers from 5.2.2 to 5.4.0

Release notes

Sourced from @​hookform/resolvers's releases.

v5.4.0

5.4.0 (2026-05-21)

Features

• feat: add ata-validator resolver (#845)

Fixes

• fix issue with toNestErrors.ts (#848)

• add guidance on passing context to yupResolver (useForm context) (#835) (3d29924)

Commits

• 3d29924 feat: add guidance on passing context to yupResolver (useForm context) (#835)
• 56b68f3 feat: 5.3.0
• cf8562d update readme on ata-validator
• 5e5b610 fix issue with toNestErrors.ts (#848)
• 72aacf8 Revise supported versions in SECURITY.md
• ad89a20 feat: add ata-validator resolver (#845)
• 02286db ci: updated publish workflow to use node 24 (#838)
• 2e9bc7c Fix(zodResolver): error paths in complex unions #787 (#819)
• See full diff in compare view

Updates @tailwindcss/vite from 4.1.18 to 4.3.0

Release notes

Sourced from @​tailwindcss/vite's releases.

v4.3.0

Added

• Add @container-size utility (#18901)
• Add scrollbar-{auto,thin,none} utilities for scrollbar-width, and scrollbar-thumb-* / scrollbar-track-* color utilities for scrollbar-color (#19981, #20019)
• Add scrollbar-gutter-* utilities (#20018)
• Add zoom-* utilities (#20020)
• Add tab-* utilities (#20022)
• Allow using @variant with stacked variants (e.g. @variant hover:focus { … }) (#19996)
• Allow using @variant with compound variants (e.g. @variant hover, focus { … }) (#19996)
• Support --default(…) in --value(…) and --modifier(…) for functional @utility definitions (#19989)

Fixed

• Ensure @plugin resolves package JavaScript entries instead of browser CSS entries when using @tailwindcss/vite (#19949)
• Fix relative @import and @plugin paths resolving from the wrong directory when using @tailwindcss/vite (#19965)
• Ensure CSS files containing @variant are processed by @tailwindcss/vite (#19966)
• Resolve imports relative to base when result.opts.from is not provided when using @tailwindcss/postcss (#19980)
• Canonicalization: preserve significant _ whitespace in arbitrary values (#19986)
• Canonicalization: add parentheses when removing whitespace from arbitrary values would hurt readability (e.g. w-[calc(100%---spacing(60))] → w-[calc(100%-(--spacing(60)))]) (#19986)
• Canonicalization: preserve the original unit in arbitrary values instead of normalizing to base units (e.g. -mt-[20in] → mt-[-20in], not mt-[-1920px]) (#19988)
• Canonicalization: migrate arbitrary :has() variants from [&:has(…)] to has-[…] (#19991)
• Upgrade: don’t migrate inline style attributes (e.g. style="flex-grow: 1" → style="flex-grow: 1", not style="grow: 1") (#19918)
• Allow multiple @utility definitions with the same name but different value types (#19777)
• Export missing PluginWithConfig type from tailwindcss/plugin to fix errors when inferring plugin config types (#19707)
• Ensure start and end legacy utilities without values do not generate CSS (#20003)
• Ensure --value(…) is required in functional @utility definitions (#20005)
• Canonicalization: preserve required whitespace around operators in negated arbitrary values (e.g. -left-[(var(--a)+var(--b))]) (#20011)

v4.2.4

Fixed

• Ensure imports in @import and @plugin still resolve correctly when using Vite aliases in @tailwindcss/vite (#19947)

v4.2.3

Fixed

• Canonicalization: improve canonicalizations for tracking-* utilities by preferring non-negative utilities (e.g. -tracking-tighter → tracking-wider) (#19827)
• Fix crash due to invalid characters in candidate (exceeding valid unicode code point range) (#19829)
• Ensure query params in imports are considered unique resources when using @tailwindcss/webpack (#19723)
• Canonicalization: collapse arbitrary values into shorthand utilities (e.g. px-[1.2rem] py-[1.2rem] → p-[1.2rem]) (#19837)
• Canonicalization: collapse border-{t,b}-* into border-y-*, border-{l,r}-* into border-x-*, and border-{t,r,b,l}-* into border-* (#19842)
• Canonicalization: collapse scroll-m{t,b}-* into scroll-my-*, scroll-m{l,r}-* into scroll-mx-*, and scroll-m{t,r,b,l}-* into scroll-m-* (#19842)
• Canonicalization: collapse scroll-p{t,b}-* into scroll-py-*, scroll-p{l,r}-* into scroll-px-*, and scroll-p{t,r,b,l}-* into scroll-p-* (#19842)
• Canonicalization: collapse overflow-{x,y}-* into overflow-* (#19842)
• Canonicalization: collapse overscroll-{x,y}-* into overscroll-* (#19842)
• Read from --placeholder-color instead of --background-color for placeholder-* utilities (#19843)
• Upgrade: ensure files are not emptied out when killing the upgrade process while it's running (#19846)
• Upgrade: use config.content when migrating from Tailwind CSS v3 to Tailwind CSS v4 (#19846)
• Upgrade: never migrate files that are ignored by git (#19846)

... (truncated)

Changelog

Sourced from @​tailwindcss/vite's changelog.

[4.3.0] - 2026-05-08

Added

• Add @container-size utility (#18901)
• Add scrollbar-{auto,thin,none} utilities for scrollbar-width, and scrollbar-thumb-* / scrollbar-track-* color utilities for scrollbar-color (#19981, #20019)
• Add scrollbar-gutter-* utilities (#20018)
• Add zoom-* utilities (#20020)
• Add tab-* utilities (#20022)
• Allow using @variant with stacked variants (e.g. @variant hover:focus { … }) (#19996)
• Allow using @variant with compound variants (e.g. @variant hover, focus { … }) (#19996)
• Support --default(…) in --value(…) and --modifier(…) for functional @utility definitions (#19989)

Fixed

• Ensure @plugin resolves package JavaScript entries instead of browser CSS entries when using @tailwindcss/vite (#19949)
• Fix relative @import and @plugin paths resolving from the wrong directory when using @tailwindcss/vite (#19965)
• Ensure CSS files containing @variant are processed by @tailwindcss/vite (#19966)
• Resolve imports relative to base when result.opts.from is not provided when using @tailwindcss/postcss (#19980)
• Canonicalization: preserve significant _ whitespace in arbitrary values (#19986)
• Canonicalization: add parentheses when removing whitespace from arbitrary values would hurt readability (e.g. w-[calc(100%---spacing(60))] → w-[calc(100%-(--spacing(60)))]) (#19986)
• Canonicalization: preserve the original unit in arbitrary values instead of normalizing to base units (e.g. -mt-[20in] → mt-[-20in], not mt-[-1920px]) (#19988)
• Canonicalization: migrate arbitrary :has() variants from [&:has(…)] to has-[…] (#19991)
• Upgrade: don’t migrate inline style attributes (e.g. style="flex-grow: 1" → style="flex-grow: 1", not style="grow: 1") (#19918)
• Allow multiple @utility definitions with the same name but different value types (#19777)
• Export missing PluginWithConfig type from tailwindcss/plugin to fix errors when inferring plugin config types (#19707)
• Ensure start and end legacy utilities without values do not generate CSS (#20003)
• Ensure --value(…) is required in functional @utility definitions (#20005)
• Canonicalization: preserve required whitespace around operators in negated arbitrary values (e.g. -left-[(var(--a)+var(--b))]) (#20011)

[4.2.4] - 2026-04-21

Fixed

• Ensure imports in @import and @plugin still resolve correctly when using Vite aliases in @tailwindcss/vite (#19947)

[4.2.3] - 2026-04-20

Fixed

• Canonicalization: improve canonicalization for tracking-* utilities by preferring non-negative utilities (e.g. -tracking-tighter → tracking-wider) (#19827)
• Fix crash due to invalid characters in candidate (exceeding valid unicode code point range) (#19829)
• Ensure query params in imports are considered unique resources when using @tailwindcss/webpack (#19723)
• Canonicalization: collapse arbitrary values into shorthand utilities (e.g. px-[1.2rem] py-[1.2rem] → p-[1.2rem]) (#19837)
• Canonicalization: collapse border-{t,b}-* into border-y-*, border-{l,r}-* into border-x-*, and border-{t,r,b,l}-* into border-* (#19842)
• Canonicalization: collapse scroll-m{t,b}-* into scroll-my-*, scroll-m{l,r}-* into scroll-mx-*, and scroll-m{t,r,b,l}-* into scroll-m-* (#19842)
• Canonicalization: collapse scroll-p{t,b}-* into scroll-py-*, scroll-p{l,r}-* into scroll-px-*, and scroll-p{t,r,b,l}-* into scroll-p-* (#19842)
• Canonicalization: collapse overflow-{x,y}-* into overflow-* (#19842)
• Canonicalization: collapse overscroll-{x,y}-* into overscroll-* (#19842)
• Read from --placeholder-color instead of --background-color for placeholder-* utilities (#19843)

... (truncated)

Commits

• 588bd73 4.3.0 (#20023)
• d194d4c docs: fix various typos in comments and documentation (#19878)
• db27049 fix(@​tailwindcss/vite): include @​variant in feature detection (#19966)
• 5a79990 Always resolve relative files, relative to the current .css file (#19965)
• f3fdda2 fix(vite): avoid resolving JS plugins to browser CSS entries (#19949)
• 69ad7cc 4.2.4 (#19948)
• 685c19e Fix issue around resolving paths in @tailwindcss/vite (#19947)
• 2e3fa49 4.2.3 (#19944)
• 5cb1efd fix(vite): resolve tsconfig paths in CSS and JS resolvers (#19803)
• d596b0c 4.2.2 (#19821)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for @​tailwindcss/vite since your current version.

Updates @tanstack/react-query from 5.90.21 to 5.100.11

Release notes

Sourced from @​tanstack/react-query's releases.

@​tanstack/react-query-devtools@​5.100.11

Patch Changes

• Updated dependencies []:
  • @​tanstack/query-devtools@​5.100.11
  • @​tanstack/react-query@​5.100.11

@​tanstack/react-query-next-experimental@​5.100.11

Patch Changes

• Updated dependencies []:
  • @​tanstack/react-query@​5.100.11

@​tanstack/react-query-persist-client@​5.100.11

Patch Changes

• Updated dependencies []:
  • @​tanstack/query-persist-client-core@​5.100.11
  • @​tanstack/react-query@​5.100.11

@​tanstack/react-query@​5.100.11

Patch Changes

• Updated dependencies []:
  • @​tanstack/query-core@​5.100.11

Changelog

Sourced from @​tanstack/react-query's changelog.

5.100.11

Patch Changes

• Updated dependencies []:
  • @​tanstack/query-core@​5.100.11

5.100.10

Patch Changes

• Updated dependencies []:
  • @​tanstack/query-core@​5.100.10

5.100.9

Patch Changes

• Updated dependencies [fcee7bd]:
  • @​tanstack/query-core@​5.100.9

5.100.8

Patch Changes

• Updated dependencies []:
  • @​tanstack/query-core@​5.100.8

5.100.7

Patch Changes

• Updated dependencies []:
  • @​tanstack/query-core@​5.100.7

5.100.6

Patch Changes

• Updated dependencies []:
  • @​tanstack/query-core@​5.100.6

5.100.5

Patch Changes

• Updated dependencies [a53ef97]:
  • @​tanstack/query-core@​5.100.5

5.100.4

... (truncated)

Commits

• 3e85350 ci: Version Packages (#10706)
• 9d2692c ci: Version Packages (#10695)
• 74fa05e chore(tsconfig.json): narrow 'include' pattern to prevent TS6053 race conditi...
• 8c3d523 ci: Version Packages (#10630)
• 9800c8f ci: Version Packages (#10623)
• 3ae4261 ci: Version Packages (#10620)
• 87f7ccf ci: Version Packages (#10604)
• 441204b ci: Version Packages (#10582)
• 55afb3e ci: Version Packages (#10581)
• fe287cc ci: Version Packages (#10579)
• Additional commits viewable in compare view

Updates @tanstack/react-query-devtools from 5.91.2 to 5.100.11

Release notes

Sourced from @​tanstack/react-query-devtools's releases.

@​tanstack/react-query-devtools@​5.100.11

Patch Changes

• Updated dependencies []:
  • @​tanstack/query-devtools@​5.100.11
  • @​tanstack/react-query@​5.100.11

Changelog

Sourced from @​tanstack/react-query-devtools's changelog.

5.100.11

Patch Changes

• Updated dependencies []:
  • @​tanstack/query-devtools@​5.100.11
  • @​tanstack/react-query@​5.100.11

5.100.10

Patch Changes

• Updated dependencies [4d130b9]:
  • @​tanstack/query-devtools@​5.100.10
  • @​tanstack/react-query@​5.100.10

5.100.9

Patch Changes

• Updated dependencies [3d21cac]:
  • @​tanstack/query-devtools@​5.100.9
  • @​tanstack/react-query@​5.100.9

5.100.8

Patch Changes

• Updated dependencies []:
  • @​tanstack/query-devtools@​5.100.8
  • @​tanstack/react-query@​5.100.8

5.100.7

Patch Changes

• docs(devtools): align logo, panel, and 'buttonPosition' union descriptions across docs and JSDoc (#10617)

• Updated dependencies []:

  • @​tanstack/query-devtools@​5.100.7
  • @​tanstack/react-query@​5.100.7

5.100.6

Patch Changes

• Updated dependencies []:
  • @​tanstack/query-devtools@​5.100.6
  • @​tanstack/react-query@​5.100.6

... (truncated)

Commits

• 3e85350 ci: Version Packages (#10706)
• 9d2692c ci: Version Packages (#10695)
• 74fa05e chore(tsconfig.json): narrow 'include' pattern to prevent TS6053 race conditi...
• 8c3d523 ci: Version Packages (#10630)
• 03eba38 test(react-query-devtools): add tests for missing 'QueryClient', context prov...
• 9800c8f ci: Version Packages (#10623)
• 3ae4261 ci: Version Packages (#10620)
• 868577d docs(devtools): align logo, panel, and option union descriptions across docs ...
• 87f7ccf ci: Version Packages (#10604)
• 441204b ci: Version Packages (#10582)
• Additional commits viewable in compare view

Updates @tanstack/react-router from 1.163.3 to 1.170.7

Release notes

Sourced from @​tanstack/react-router's releases.

@​tanstack/react-router-ssr-query@​1.167.1

Patch Changes

• Updated dependencies [d1997b6]:
  • @​tanstack/router-ssr-query-core@​1.169.1

Changelog

Sourced from @​tanstack/react-router's changelog.

1.170.7

Patch Changes

• Updated dependencies [5268ba4]:
  • @​tanstack/router-core@​1.171.5

1.170.6

Patch Changes

• Fix hash navigation being overridden by stale scroll restoration entries. (#7447)

• Updated dependencies [0300f87, 0300f87]:

  • @​tanstack/router-core@​1.171.4

1.170.5

Patch Changes

• Updated dependencies [5fa9e55]:
  • @​tanstack/router-core@​1.171.3

1.170.4

Patch Changes

• Updated dependencies [b60eb36]:
  • @​tanstack/router-core@​1.171.2

1.170.3

Patch Changes

• Updated dependencies [d9cf933]:
  • @​tanstack/router-core@​1.171.1

1.170.2

Patch Changes

• Updated dependencies [d533f87]:
  • @​tanstack/router-core@​1.171.0

1.170.1

Patch Changes

• Updated dependencies [2387a2e]:
  • @​tanstack/router-core@​1.170.1

... (truncated)

Commits

• b47b338 ci: Version Packages (#7467)
• 35a7d9c ci: Version Packages (#7452)
• 0300f87 fix: fix scroll restoration issues (#7447)
• 254cb88 ci: Version Packages (#7435)
• 9f6258f chore: update zod to v4.4.3 (#7441)
• 5fa9e55 feat: deferred hydration (#7362)
• ee8a675 ci: Version Packages (#7423)
• d1dc4ae ci: Version Packages (#7417)
• 4e42422 ci: Version Packages (#7413)
• 13432ad ci: Version Packages (#7407)
• Additional commits viewable in compare view

Updates @tanstack/react-router-devtools from 1.166.7 to 1.167.0

Changelog

Sourced from @​tanstack/react-router-devtools's changelog.

1.167.0

Minor Changes

• Clean minor bump, fresh start (#7395)

Patch Changes

• Updated dependencies [b1c061a, 201e150]:
  • @​tanstack/router-core@​1.170.0
  • @​tanstack/react-router@​1.170.0
  • @​tanstack/router-devtools-core@​1.168.0

1.166.13

Patch Changes

• Updated dependencies [6355bb7]:
  • @​tanstack/router-devtools-core@​1.167.3
  • @​tanstack/react-router@​1.168.15
  • @​tanstack/router-core@​1.168.11

1.166.12

Patch Changes

• Updated dependencies [459057c]:
  • @​tanstack/router-devtools-core@​1.167.2
  • @​tanstack/react-router@​1.168.14
  • @​tanstack/router-core@​1.168.10

1.166.11

Patch Changes

• Updated dependencies [c9e1855]:
  • @​tanstack/router-devtools-core@​1.167.1
  • @​tanstack/react-router@​1.168.2
  • @​tanstack/router-core@​1.168.2

1.166.10

Patch Changes

• Updated dependencies [0545239]:
  • @​tanstack/router-devtools-core@​1.167.0
  • @​tanstack/react-router@​1.168.0
  • @​tanstack/router-core@​1.168.0

1.166.9

... (truncated)

Commits

• ae64839 ci: Version Packages (#7405)
• 91a7089 rsbuild plugin (#7228)
• c066031 ci: changeset release
• 27890af ci: changeset release
• b1c0f46 chore: upgrade tooling to typescript 6 (#7024)
• 67d9e69 ci: changeset release
• 423be8a ci: changeset release
• a0a6aa8 ci: changeset release
• 91d1085 ci: changeset release
• ef9b241 build: update to @​tanstack/vite-config v0.4.3 (#6923)
• See full diff in compare view

Updates axios from 1.13.5 to 1.16.1

Release notes

Sourced from axios's releases.

v1.16.1 — May 13, 2026

This release ships a defence-in-depth fix for prototype pollution in formDataToJSON, hardens proxy and CI workflows, restores Webpack 4 compatibility for the fetch adapter, and includes several small bug fixes and maintenance improvements.

🔒 Security Fixes

• Prototype Pollution Defence-in-Depth: Hardened formDataToJSON against already-polluted Object.prototype by walking own properties only, so attacker-controlled keys inherited from a poisoned prototype cannot propagate through deserialization. (#7413)
• Proxy Cleartext Leak: Fixed an issue where HTTPS request data could be transmitted in cleartext to an HTTP proxy under certain configurations. (#10858)
• CI Cache Removal: Removed all GitHub Actions caches as a defence-in-depth measure against cache poisoning vectors in the build pipeline. (#10882)

🐛 Bug Fixes

• Data URI Parsing: Updated the fromDataURI regex to match RFC 2397 more strictly, fixing edge cases in data: URL handling. (#10829)
• Unicode Headers: Preserved Unicode header values when running through request interceptors, so non-ASCII header content is no longer corrupted before dispatch. (#10850)
• XHR Upload Progress: Guarded against malformed ProgressEvent payloads emitted by some environments during XHR upload, preventing crashes when loaded / total are missing or invalid. (#10868)
• Webpack 4 Fetch Adapter: Fixed an "unexpected token" error caused by syntax in the fetch adapter that Webpack 4 could not parse, restoring compatibility for legacy bundler users. (#10864)
• Type Definitions: Made parseReviver context.source optional in the type definitions to align with the ES2023 specification. (#10837)
• URL Object Support Reverted: Reverted the change that allowed passing a URL object as config.url (originally #10866) due to regressions; this support will be reintroduced in a later release once the underlying issues are addressed. (#10874)

🔧 Maintenance & Chores

• Cycle Detection Refactor: Replaced the array-based cycle tracker in toJSONObject with a WeakSet, improving performance and memory behaviour on large nested structures. (#10832)
• composeSignals Cleanup: Refactored composeSignals to use a clearer early-return structure, simplifying the cancellation/abort composition path. (#10844)
• AI Readiness & Repo Docs: Added AGENTS.md and related contributor-guide updates for both human and AI agents, plus post-release documentation improvements. (#10835, #10841)
• Docs Improvements: Clarified the GET request example, fixed the interceptor eject example to reference the correct instance, and corrected the Buzzoid sponsor description in the README. (#10836, #10853, #10856)
• Sponsorship Tooling: Fixed empty sponsor arrays in the sponsor processing script, added the ability to inject additional sponsors, updated the sponsorship link, and added a Twicsy advertisement entry. (#10843, #10859, #10869)
• Dependencies: Bumped @commitlint/cli from 20.5.0 to 20.5.2. (#10846)

🌟 New Contributors

We are thrilled to welcome our new contributors. Thank you for helping improve axios:

• @​hpinmetaverse (#10836)
• @​tommyhgunz14 (#7413)
• @​abhu85 (#10829)
• @​divyanshuraj1095 (#10853)
• @​sagodi97 (#10856)
• @​rkdfx (#10868)
• @​Liuwei1125 (#10866)

Full Changelog

v1.16.0 — May 2, 2026

This release adds support for the QUERY HTTP method and a new ECONNREFUSED error constant, lands a substantial wave of HTTP, fetch, and XHR adapter bug fixes around redirects, aborts, headers, and timeouts, and welcomes 23 new contributors.

⚠️ Notable Changes

A handful of fixes in this release are either security-adjacent or change observable behaviour. Please review before upgrading:

... (truncated)

Changelog

Sourced from axios's changelog.

v1.16.1 — May 13, 2026

This release ships a defence-in-depth fix for prototype pollution in formDataToJSON, hardens proxy and CI workflows, restores Webpack 4 compatibility for the fetch adapter, and includes several small bug fixes and maintenance improvements.

🔒 Security Fixes

• Prototype Pollution Defence-in-Depth: Hardened formDataToJSON against already-polluted Object.prototype by walking own properties only, so attacker-controlled keys inherited from a poisoned prototype cannot propagate through deserialization. (#7413)
• Proxy Cleartext Leak: Fixed an issue where HTTPS request data could be transmitted in cleartext to an HTTP proxy under certain configurations. (#10858)
• CI Cache Removal: Removed all GitHub Actions caches as a defence-in-depth measure against cache poisoning vectors in the build pipeline. (#10882)

🐛 Bug Fixes

• Data URI Parsing: Updated the fromDataURI regex to match RFC 2397 more strictly, fixing edge cases in data: URL handling. (#10829)
• Unicode Headers: Preserved Unicode header values when running through request interceptors, so non-ASCII header content is no longer corrupted before dispatch. (#10850)
• XHR Upload Progress: Guarded against malformed ProgressEvent payloads emitted by some environments during XHR upload, preventing crashes when loaded / total are missing or invalid. (#10868)
• Webpack 4 Fetch Adapter: Fixed an "unexpected token" error caused by syntax in the fetch adapter that Webpack 4 could not parse, restoring compatibility for legacy bundler users. (#10864)
• Type Definitions: Made parseReviver context.source optional in the type definitions to align with the ES2023 specification. (#10837)
• URL Object Support Reverted: Reverted the change that allowed passing a URL object as config.url (originally #10866) due to regressions; this support will be reintroduced in a later release once the underlying issues are addressed. (#10874)

🔧 Maintenance & Chores

• Cycle Detection Refactor: Replaced the array-based cycle tracker in toJSONObject with a WeakSet, improving performance and memory behaviour on large nested structures. (#10832)
• composeSignals Cleanup: Refactored composeSignals to use a clearer early-return structure, simplifying the cancellation/abort composition path. (#10844)
• AI Readiness & Repo Docs: Added AGENTS.md and related contributor-guide updates for both human and AI agents, plus post-release documentation improvements. (#10835, #10841)
• Docs Improvements: Clarified the GET request example, fixed the interceptor eject example to reference the correct instance, and corrected the Buzzoid sponsor description in the README. (#10836, #10853, #10856)
• Sponsorship Tooling: Fixed empty sponsor arrays in the sponsor processing script, added the ability to inject additional sponsors, updated the sponsorship link, and added a Twicsy advertisement entry. (#10843, #10859, #10869)
• Dependencies: Bumped @commitlint/cli from 20.5.0 to 20.5.2. (#10846)

🌟 New Contributors

We are thrilled to welcome our new contributors. Thank you for helping improve axios:

• @​hpinmetaverse (#10836)
• @​tommyhgunz14 (#7413)
• @​abhu85 (#10829)
• @​divyanshuraj1095 (#10853)
• @​sagodi97 (#10856)
• @​rkdfx (#10868)
• @​Liuwei1125 (#10866)

Full Changelog

v1.16.0 — May 2, 2026

This release adds support for the QUERY HTTP method and a new ECONNREFUSED error constant, lands a substantial wave of HTTP, fetch, and XHR adapter bug fixes around redirects, aborts, headers, and timeouts, and welcomes 23 new contributors.

⚠️ Notable Changes

A handful of fixes in this release are either security-adjacent or change observable behaviour. Please review before upgrading:

... (truncated)

Commits

• 1337d6b chore(release): prepare release 1.16.1 (#10877)
• 858a790 fix: remove all caches (#10882)