chore(deps-dev): bump eslint-plugin-react-hooks from 5.2.0 to 6.1.1

[dependabot]

Bumps eslint-plugin-react-hooks from 5.2.0 to 6.1.1.

Changelog

Sourced from eslint-plugin-react-hooks's changelog.

6.1.1

Note: 6.1.0 accidentally allowed use of recommended without flat config, causing errors when used with ESLint v9's defineConfig() helper. This has been fixed in 6.1.1.

• Fix recommended config for flat config compatibility. The recommended config has been converted to flat config format. Non-flat config users should use recommended-legacy instead. (@​poteto in #34700)
• Add recommended-latest and recommended-latest-legacy configs that include React Compiler rules. (@​poteto in #34675)
• Remove unused NoUnusedOptOutDirectives rule. (@​poteto in #34703)
• Remove hermes-parser and dependency. (@​poteto in #34719)
• Remove @babel/plugin-proposal-private-methods dependency. (@​ArnaudBarre and @​josephsavona in #34715)
• Update for Zod v3/v4 compatibility. (@​kolian and @​josephsavona in #34717)

6.1.0

Note: Version 6.0.0 was mistakenly released and immediately deprecated and untagged on npm. This is the first official 6.x major release and includes breaking changes.

• Breaking: Require Node.js 18 or newer. (@​michaelfaith in #32458)
• Breaking: Flat config is now the default recommended preset. Legacy config moved to recommended-legacy. (@​michaelfaith in #32457)
• New Violations: Disallow calling use within try/catch blocks. (@​poteto in #34040)
• New Violations: Disallow calling useEffectEvent functions in arbitrary closures. (@​jbrown215 in #33544)
• Handle React.useEffect in addition to useEffect in rules-of-hooks. (@​Ayc0 in #34076)
• Added react-hooks settings config option that to accept additionalEffectHooks that are used across exhaustive-deps and rules-of-hooks rules. (@​jbrown215) in #34497

6.0.0

Accidentally released. See 6.1.0 for the actual changes.

Commits

• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[dependabot]

Labels

The following labels could not be found: chore: update @walletconnect/, viemand@wagmi/ dependencies. Please create it before Dependabot can add it to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Preview	Comments	Updated (UTC)
appkit-basic-html	Ready	Preview	Comment	Oct 16, 2025 3:35pm
appkit-demo	Ready	Preview	Comment	Oct 16, 2025 3:35pm
appkit-gallery	Ready	Preview		Oct 16, 2025 3:35pm
appkit-laboratory	Ready	Preview		Oct 16, 2025 3:35pm

10 Skipped Deployments

Project	Deployment	Preview	Comments	Updated (UTC)
appkit-basic-example	Ignored			Oct 16, 2025 3:35pm
appkit-basic-sign-client-example	Ignored			Oct 16, 2025 3:35pm
appkit-basic-up-example	Ignored			Oct 16, 2025 3:35pm
appkit-ethers5-bera	Ignored			Oct 16, 2025 3:35pm
appkit-nansen-demo	Ignored			Oct 16, 2025 3:35pm
appkit-vue-solana	Ignored			Oct 16, 2025 3:35pm
appkit-wagmi-cdn-example	Ignored			Oct 16, 2025 3:35pm
ethereum-provider-wagmi-example	Ignored			Oct 16, 2025 3:35pm
next-wagmi-solana-bitcoin-example	Ignored			Oct 16, 2025 3:35pm
vue-wagmi-example	Ignored			Oct 16, 2025 3:35pm

[changeset-bot]

⚠️ No Changeset found

Latest commit: e70f722

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

[github-actions]

📦 Bundle Size Check

✅ All bundles are within size limits

📊 View detailed bundle sizes

> @reown/[email protected] size /home/runner/work/appkit/appkit

> size-limit

@reown/appkit - Main Entry
Size limit:   80 kB
Size:         70.42 kB with all dependencies, minified and gzipped
Loading time: 1.4 s    on slow 3G
Running time: 348 ms   on Snapdragon 410
Total time:   1.8 s
@reown/appkit/react
Size limit:   230 kB
Size:         225.72 kB with all dependencies, minified and gzipped
Loading time: 4.5 s     on slow 3G
Running time: 679 ms    on Snapdragon 410
Total time:   5.1 s
@reown/appkit/vue
Size limit:   80 kB
Size:         70.42 kB with all dependencies, minified and gzipped
Loading time: 1.4 s    on slow 3G
Running time: 292 ms   on Snapdragon 410
Total time:   1.7 s
@reown/appkit-scaffold-ui
Size limit:   220 kB
Size:         206.01 kB with all dependencies, minified and gzipped
Loading time: 4.1 s     on slow 3G
Running time: 403 ms    on Snapdragon 410
Total time:   4.5 s
@reown/appkit-ui
Size limit:   500 kB
Size:         12.99 kB with all dependencies, minified and gzipped
Loading time: 254 ms   on slow 3G
Running time: 112 ms   on Snapdragon 410
Total time:   366 ms

[github-actions]

Coverage Report

Status	Category	Percentage	Covered / Total
🔵	Lines	79.89%	36692 / 45925
🔵	Statements	79.89%	36692 / 45925
🔵	Functions	78.16%	4016 / 5138
🔵	Branches	86.39%	8813 / 10201

File Coverage

No changed files found.

Generated in workflow #15910 for commit e70f722 by the Vitest Coverage Report Action

[dependabot]

Dependabot can't resolve your JavaScript dependency files. Because of this, Dependabot cannot update this pull request.

[socket-security]

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff	Package	Supply Chain Security	Vulnerability	Quality	Maintenance	License
	chalk@​4.1.2
	globals@​13.24.0

View full report

[socket-security]

Warning

Review the following alerts detected in dependencies.

According to your organization's Security Policy, it is recommended to resolve "Warn" alerts. Learn more about Socket for GitHub.

Action	Severity	Alert  (click "▶" to expand/collapse)
Warn		[email protected] has Obfuscated code. Confidence: 0.94 Location: Package overview From: pnpm-lock.yaml → npm/[email protected] ℹ Read more on: This package | This alert | What is obfuscated code? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at [email protected]. Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/[email protected]. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

View full report

[dependabot]

Superseded by #5259.