chore(deps-dev): bump swr from 2.3.7 to 2.3.8

[dependabot]

Bumps swr from 2.3.7 to 2.3.8.

Release notes

Sourced from swr's releases.

v2.3.8

What's Changed

• deps: upgrade dev deps for build by @​promer94 in vercel/swr#4188
• update use-sync-external-store to latest by @​huozhi in vercel/swr#4189
• fix: cve-2025-55182 critical rce vulnerability by @​PierreCrb in vercel/swr#4192
• fix: cve-2025-55184 & CVE-2025-55183 by @​PierreCrb in vercel/swr#4198
• upgrade dev dep nextjs by @​huozhi in vercel/swr#4199
• update dev dependencies to address cve by @​PierreCrb in vercel/swr#4200
• enhance: Improve TSDoc comments by @​shuding in vercel/swr#4203
• test: Import act from React by @​shuding in vercel/swr#4202

New Contributors

• @​PierreCrb made their first contribution in vercel/swr#4192

Full Changelog: vercel/swr@v2.3.7...v2.3.8

Commits

• e0426a9 2.3.8
• ca6e11d test: Import act from React (#4202)
• eff8fda enhance: Improve TSDoc comments (#4203)
• b2e7db3 update dev dependencies to address cve (#4200)
• 952198b upgrade dev dep nextjs (#4199)
• 147c728 fix: cve-2025-55184 & CVE-2025-55183 (#4198)
• 7051040 fix: cve-2025-55182 critical rce vulnerability (#4192)
• da76c01 update use-sync-external-store to latest (#4189)
• c7eda39 deps: upgrade dev deps for build (#4188)
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[dependabot]

Labels

The following labels could not be found: dependencies, npm. Please create them before Dependabot can add them to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

[github-actions]

size-limit report 📦

Path	Size
ESM Bundle (Full Library)	1.76 KB (0%)
UMD Bundle (Full Library)	2.04 KB (0%)
Hook - useSWRCreate	1.03 KB (0%)
Hook - useSWRUpdate	1.04 KB (0%)
Hook - useSWRDelete	1.03 KB (0%)
Utility - extractSWRKey	277 B (0%)
Utility - mutateByGroup	820 B (0%)
Utility - mutateById	812 B (0%)
Utility - resetCache	817 B (0%)
Utility - swrGetCache	49 B (0%)
Utility - swrMutate	47 B (0%)
Utility - to (error handler)	69 B (0%)
Error - MutationError	411 B (0%)

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.

📢 Thoughts on this report? Let us know!