chore(deps): bump swr from 2.3.3 to 2.3.8

[dependabot]

Bumps swr from 2.3.3 to 2.3.8.

Release notes

Sourced from swr's releases.

v2.3.8

What's Changed

• deps: upgrade dev deps for build by @​promer94 in vercel/swr#4188
• update use-sync-external-store to latest by @​huozhi in vercel/swr#4189
• fix: cve-2025-55182 critical rce vulnerability by @​PierreCrb in vercel/swr#4192
• fix: cve-2025-55184 & CVE-2025-55183 by @​PierreCrb in vercel/swr#4198
• upgrade dev dep nextjs by @​huozhi in vercel/swr#4199
• update dev dependencies to address cve by @​PierreCrb in vercel/swr#4200
• enhance: Improve TSDoc comments by @​shuding in vercel/swr#4203
• test: Import act from React by @​shuding in vercel/swr#4202

New Contributors

• @​PierreCrb made their first contribution in vercel/swr#4192

Full Changelog: vercel/swr@v2.3.7...v2.3.8

v2.3.7

What's Changed

• deps: upgrade ci node version to 22 by @​promer94 in vercel/swr#4184
• deps: upgrade pnpm version by @​promer94 in vercel/swr#4185
• deps: upgrade playwright version by @​promer94 in vercel/swr#4186
• deps: upgrade eslint version and fix lint problem by @​promer94 in vercel/swr#4187
• feat: Add strictServerPrefetchWarning by @​shuding in vercel/swr#4183

Full Changelog: vercel/swr@v2.3.6...v2.3.7

v2.3.6

Patches

• fix: do not error when not enabled during suspense by @​huozhi in vercel/swr#4156

Full Changelog: vercel/swr@v2.3.5...v2.3.6

v2.3.5

Patches

• perf: optimize useSWRConfig with useMemo to maintain stable reference by @​samuel871211 in vercel/swr#4110 vercel/swr#4076
• fix: react.use should not depend on data condition by @​huozhi in vercel/swr#4150

Chores

• doc: Sync PublicConfiguration.onDiscarded tsdoc with SWR official website by @​samuel871211 in
• test: e2e test for 2702 by @​promer94 in vercel/swr#4154

New Contributors

• @​eungwang1 made their first contribution in vercel/swr#2947

Full Changelog: vercel/swr@v2.3.4...v2.3.5

v2.3.5-beta.0

... (truncated)

Commits

• e0426a9 2.3.8
• ca6e11d test: Import act from React (#4202)
• eff8fda enhance: Improve TSDoc comments (#4203)
• b2e7db3 update dev dependencies to address cve (#4200)
• 952198b upgrade dev dep nextjs (#4199)
• 147c728 fix: cve-2025-55184 & CVE-2025-55183 (#4198)
• 7051040 fix: cve-2025-55182 critical rce vulnerability (#4192)
• da76c01 update use-sync-external-store to latest (#4189)
• c7eda39 deps: upgrade dev deps for build (#4188)
• 5460504 2.3.7
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[dependabot]

Labels

The following labels could not be found: automerge. Please create it before Dependabot can add it to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

[changeset-bot]

⚠️ No Changeset found

Latest commit: d1c4130

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

[bundlemon]

BundleMon

Unchanged files (13)

Status	Path	Size	Limits
✅	resolver/dist/index.browser.mjs	2.3KB	-
✅	resolver/dist/index.native.mjs	2.3KB	-
✅	resolver/dist/index.node.mjs	2.3KB	-
✅	server/dist/index.browser.mjs	702B	-
✅	server/dist/index.native.mjs	701B	-
✅	server/dist/index.node.mjs	698B	-
✅	react/dist/index.browser.mjs	471B	-
✅	react/dist/index.native.mjs	469B	-
✅	react/dist/index.node.mjs	468B	-
✅	@pubkey-cache/core production bundle core/dist/index.production.min.js	141B	-
✅	core/dist/index.browser.mjs	125B	-
✅	core/dist/index.native.mjs	124B	-
✅	core/dist/index.node.mjs	122B	-

No change in files bundle size

Final result: ✅

View report in BundleMon website ➡️

---

Current branch size history | Target branch size history

[dependabot]

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version. You can also ignore all major, minor, or patch releases for a dependency by adding an ignore condition with the desired update_types to your config file.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.