chore(deps): bump @arcjet/next from 1.0.0-beta.17 to 1.3.1

[dependabot]

Bumps @arcjet/next from 1.0.0-beta.17 to 1.3.1.

Release notes

Sourced from @​arcjet/next's releases.

v1.3.1

1.3.1 (2026-03-30)

🪲 Bug Fixes

• filter: update wasm and add tests for len() on absent map fields (#5929) (d2a3161)
• install command & pricing references (#5959) (7e54cbd)

📝 Documentation

• add api sections (#5803) (a203381)

🧹 Miscellaneous Chores

• add ARCJET_SIGNALS to well-known bots list (#5930) (a936e87)
• astro: support astro@6 (#5963) (0058e90)
• docs: refresh READMEs (#5951) (e1957d3)
• refresh READMEs (#5940) (dae94a1)
• trunk: disable trivy (#5937) (d5b5b62)

🔨 Build System

• deps-dev: bump flatted from 3.3.3 to 3.4.2 in /examples/nestjs (#5939) (1731808)
• deps-dev: bump tar from 7.5.10 to 7.5.11 in /examples/nextjs-app-dir-rate-limit (#5924) (db91f18)
• deps: bump tar from 7.5.10 to 7.5.11 in /examples/nuxt (#5925) (66cb779)

v1.3.0

1.3.0 (2026-03-12)

🚀 New Features

• add botnet category and IP abuser detection (#5913) (d307e26)
• graduate experimental_detectPromptInjection to detectPromptInjection (#5920) (0e0e4c1)
• set minimum timeout when detectPromptInjection rule present (#5922) (36ec27e)

🧹 Miscellaneous Chores

• publish packages in topological dependency order (#5911) (3068548)

🔨 Build System

• deps-dev: bump tar from 7.5.10 to 7.5.11 in /examples/nextjs-app-dir-validate-email (#5916) (22784d4)
• deps-dev: bump tar from 7.5.10 to 7.5.11 in /examples/nextjs-ip-details (#5914) (e7f14ee)

... (truncated)

Changelog

Sourced from @​arcjet/next's changelog.

1.3.1 (2026-03-30)

🧹 Miscellaneous Chores

• docs: refresh READMEs (#5951) (e1957d3)
• refresh READMEs (#5940) (dae94a1)

Dependencies

• The following workspace dependencies were updated
  • dependencies
    • @​arcjet/body bumped from 1.3.0 to 1.3.1
    • @​arcjet/env bumped from 1.3.0 to 1.3.1
    • @​arcjet/headers bumped from 1.3.0 to 1.3.1
    • @​arcjet/ip bumped from 1.3.0 to 1.3.1
    • @​arcjet/logger bumped from 1.3.0 to 1.3.1
    • @​arcjet/protocol bumped from 1.3.0 to 1.3.1
    • @​arcjet/transport bumped from 1.3.0 to 1.3.1
    • arcjet bumped from 1.3.0 to 1.3.1
  • devDependencies
    • @​arcjet/eslint-config bumped from 1.3.0 to 1.3.1
    • @​arcjet/rollup-config bumped from 1.3.0 to 1.3.1

1.3.0 (2026-03-12)

🧹 Miscellaneous Chores

• @​arcjet/next: Synchronize arcjet-js versions

Dependencies

• The following workspace dependencies were updated
  • dependencies
    • @​arcjet/body bumped from 1.2.0 to 1.3.0
    • @​arcjet/env bumped from 1.2.0 to 1.3.0
    • @​arcjet/headers bumped from 1.2.0 to 1.3.0
    • @​arcjet/ip bumped from 1.2.0 to 1.3.0
    • @​arcjet/logger bumped from 1.2.0 to 1.3.0
    • @​arcjet/protocol bumped from 1.2.0 to 1.3.0
    • @​arcjet/transport bumped from 1.2.0 to 1.3.0
    • arcjet bumped from 1.2.0 to 1.3.0
  • devDependencies
    • @​arcjet/eslint-config bumped from 1.2.0 to 1.3.0
    • @​arcjet/rollup-config bumped from 1.2.0 to 1.3.0

1.2.0 (2026-03-06)

... (truncated)

Commits

• ddcad58 chore: Release 1.3.1 (#5926)
• b3f76ef deps: periodic dependency update and security update (#5965)
• e1957d3 chore(docs): refresh READMEs (#5951)
• dae94a1 chore: refresh READMEs (#5940)
• 9ddc395 deps(dev): update dependency @​rollup/wasm-node to v4.59.0 (#5935)
• 682a80e chore: Release 1.3.0 (#5912)
• 9992ba4 chore: Release 1.2.0 (#5802)
• a56c62b deps: periodic dependency update (#5892)
• d2acb63 chore: Release 1.1.0 (#5775)
• e5ea30f types: fix withRule with rule properties (#5793)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

---

Summary by cubic

Bumped @arcjet/next from 1.0.0-beta.17 to 1.3.1 to adopt the stable release and upstream improvements. No app code changes required.

• Dependencies
  • Updates @arcjet/next to 1.3.1, pulling @arcjet/* 1.3.1 and @connectrpc/*/@bufbuild/protobuf v2 via the lockfile.
  • Inherits features like botnet/IP abuser detection, detectPromptInjection (graduated from experimental, with a minimum timeout), plus a filter bug fix.

^{Written for commit dc40097. Summary will update on new commits.}

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Actions	Updated (UTC)
fuseion	Error		Apr 6, 2026 3:47pm

[changeset-bot]

⚠️ No Changeset found

Latest commit: dc40097

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

[cubic-dev-ai]

No issues found across 2 files