Skip to content

chore(deps): bump sanity to 6.5.0 and enable unstable_bundledDev#1589

Merged
stipsan merged 3 commits into
mainfrom
cursor/bump-sanity-bundled-dev-cdbc
Jul 15, 2026
Merged

chore(deps): bump sanity to 6.5.0 and enable unstable_bundledDev#1589
stipsan merged 3 commits into
mainfrom
cursor/bump-sanity-bundled-dev-cdbc

Conversation

@stipsan

@stipsan stipsan commented Jul 15, 2026

Copy link
Copy Markdown
Member

Summary

Bumps catalog Sanity packages from 6.4.06.5.0 and updates the lockfile so @sanity/client / @sanity/eventsource resolve to latest, enabling unstable_bundledDev without Structure crashing on a missing EventSource2 default export.

Changes

  • Catalog: sanity, @sanity/mutator, @sanity/schema, @sanity/util, @sanity/vision^6.5.0
  • Catalog: @sanity/client^7.23.2
  • Lockfile: @sanity/client@7.23.2, @sanity/eventsource@5.0.4 (preserved after pnpm dedupe; no overrides)
  • dev/test-studio/sanity.cli.ts: set unstable_bundledDev: true
  • sanity-plugin-markdown: inlinedDependencies @sanity/client synced to 7.23.2

Why

@sanity/client does import("@sanity/eventsource") and reads default as EventSource2. With unstable_bundledDev, outdated @sanity/eventsource (5.0.2, CJS-only browser export) can leave that default undefined. 5.0.4 ships a proper ESM browser.mjs default export.

Verification

  • Lockfile has single @sanity/client@7.23.2 and @sanity/eventsource@5.0.4
  • pnpm format, pnpm lint, pnpm knip, pnpm build, pnpm test all pass
  • Manual: Structure tool loads; no EventSource / crash console matches

Structure tool loaded
Console: no EventSource errors

Test plan

  • Lockfile shows single client/eventsource versions (no overrides)
  • Dev server starts with bundledDev
  • Structure tool loads without EventSource2 crash
  • format / lint / knip / build / test

To show artifacts inline, enable in settings.

Open in Web Open in Cursor 

Align @sanity/client (7.23.2) and @sanity/eventsource (5.0.4) so
unstable_bundledDev can be enabled without EventSource2 crashes in Structure.
@changeset-bot

changeset-bot Bot commented Jul 15, 2026

Copy link
Copy Markdown

⚠️ No Changeset found

Latest commit: ed412a9

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

@vercel

vercel Bot commented Jul 15, 2026

Copy link
Copy Markdown

The latest updates on your projects. Learn more about Vercel for GitHub.

Project Deployment Actions Updated (UTC)
plugins-studio Ready Ready Preview, Comment Jul 15, 2026 1:06pm

Request Review

@socket-security

socket-security Bot commented Jul 15, 2026

Copy link
Copy Markdown

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff Package Supply Chain
Security
Vulnerability Quality Maintenance License
Addednpm/​@​sanity/​util@​6.5.0991007198100
Addednpm/​@​sanity/​mutator@​6.5.01001007698100
Addednpm/​sanity@​6.5.09510010098100
Addednpm/​@​sanity/​vision@​6.5.0981009698100
Addednpm/​@​sanity/​schema@​6.5.0991009998100

View full report

@stipsan stipsan added the 🤖 bot label Jul 15, 2026 — with Cursor
Keep @sanity/client@7.23.2 and @sanity/eventsource@5.0.4 via the
lockfile after pnpm dedupe; remove the temporary overrides and markdown
changeset.
@stipsan
stipsan marked this pull request as ready for review July 15, 2026 13:10
Copilot AI review requested due to automatic review settings July 15, 2026 13:10
@stipsan
stipsan requested a review from a team as a code owner July 15, 2026 13:10
@stipsan
stipsan requested review from pedrobonamin and removed request for a team July 15, 2026 13:10
@stipsan
stipsan enabled auto-merge (squash) July 15, 2026 13:12
@stipsan
stipsan disabled auto-merge July 15, 2026 13:12
@stipsan
stipsan merged commit b5afb08 into main Jul 15, 2026
14 checks passed
@stipsan
stipsan deleted the cursor/bump-sanity-bundled-dev-cdbc branch July 15, 2026 13:12

Copilot AI left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Updates the monorepo’s Sanity dependency set and test-studio dev configuration to work with Sanity 6.5.0 and to avoid @sanity/client/@sanity/eventsource mismatches when running the dev server.

Changes:

  • Bump Sanity-related catalog entries (including sanity, @sanity/*) to ^6.5.0 and @sanity/client to ^7.23.2.
  • Update the lockfile to resolve @sanity/client@7.23.2 and @sanity/eventsource@5.0.4.
  • Enable unstable_bundledDev in the test studio CLI config and align sanity-plugin-markdown’s inlinedDependencies for @sanity/client.

Reviewed changes

Copilot reviewed 3 out of 4 changed files in this pull request and generated 1 comment.

File Description
pnpm-workspace.yaml Bumps Sanity catalog versions (including sanity and @sanity/client) to newer ranges.
pnpm-lock.yaml Updates the resolved dependency graph to match the new catalog versions (incl. @sanity/eventsource@5.0.4).
plugins/sanity-plugin-markdown/package.json Syncs inlinedDependencies.@sanity/client to 7.23.2 to match the lock/cached resolution.
dev/test-studio/sanity.cli.ts Enables unstable_bundledDev for sanity dev in the test studio setup.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

Comment on lines 70 to 73
"inlinedDependencies": {
"@sanity/client": "7.23.0",
"@sanity/client": "7.23.2",
"rxjs": "7.8.2"
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

Projects

None yet

Development

Successfully merging this pull request may close these issues.

3 participants