chore(deps): update javascript by renovate[bot] · Pull Request #513 · overmindtech/terraform-example

renovate · 2026-03-27T00:52:43Z

ℹ️ Note

This PR body was truncated due to platform limits.

This PR contains the following updates:

Package	Change	Age	Confidence
@hookform/resolvers (source)	`5.2.2` → `5.4.0`
@radix-ui/react-accordion (source)	`1.2.12` → `1.2.13`
@radix-ui/react-alert-dialog (source)	`1.1.15` → `1.1.16`
@radix-ui/react-aspect-ratio (source)	`1.1.8` → `1.1.9`
@radix-ui/react-avatar (source)	`1.1.11` → `1.1.12`
@radix-ui/react-checkbox (source)	`1.3.3` → `1.3.4`
@radix-ui/react-collapsible (source)	`1.1.12` → `1.1.13`
@radix-ui/react-context-menu (source)	`2.2.16` → `2.3.0`
@radix-ui/react-dialog (source)	`1.1.15` → `1.1.16`
@radix-ui/react-dropdown-menu (source)	`2.1.16` → `2.1.17`
@radix-ui/react-hover-card (source)	`1.1.15` → `1.1.16`
@radix-ui/react-label (source)	`2.1.8` → `2.1.9`
@radix-ui/react-menubar (source)	`1.1.16` → `1.1.17`
@radix-ui/react-navigation-menu (source)	`1.2.14` → `1.2.15`
@radix-ui/react-popover (source)	`1.1.15` → `1.1.16`
@radix-ui/react-progress (source)	`1.1.8` → `1.1.9`
@radix-ui/react-radio-group (source)	`1.3.8` → `1.4.0`
@radix-ui/react-scroll-area (source)	`1.2.10` → `1.2.11`
@radix-ui/react-select (source)	`2.2.6` → `2.3.0`
@radix-ui/react-separator (source)	`1.1.8` → `1.1.9`
@radix-ui/react-slider (source)	`1.3.6` → `1.4.0`
@radix-ui/react-slot (source)	`1.2.4` → `1.2.5`
@radix-ui/react-switch (source)	`1.2.6` → `1.3.0`
@radix-ui/react-tabs (source)	`1.1.13` → `1.1.14`
@radix-ui/react-toast (source)	`1.2.15` → `1.2.16`
@radix-ui/react-toggle (source)	`1.1.10` → `1.1.11`
@radix-ui/react-toggle-group (source)	`1.1.11` → `1.1.12`
@radix-ui/react-tooltip (source)	`1.2.8` → `1.2.9`
@tailwindcss/postcss (source)	`4.2.2` → `4.3.1`
@tanstack/react-query (source)	`5.95.2` → `5.101.0`
@types/node (source)	`24.12.0` → `24.13.2`
@types/react (source)	`19.2.14` → `19.2.17`
@vitejs/plugin-react-swc (source)	`4.3.0` → `4.3.1`
autoprefixer	`10.4.27` → `10.5.0`
date-fns	`4.1.0` → `4.4.0`
eslint (source)	`10.1.0` → `10.5.0`
eslint-plugin-react-hooks (source)	`7.0.1` → `7.1.1`
globals	`17.4.0` → `17.6.0`
lovable-tagger	`1.1.13` → `1.3.0`
lucide-react (source)	`1.6.0` → `1.18.0`
postcss (source)	`8.5.8` → `8.5.15`
react (source)	`19.2.4` → `19.2.7`
react-dom (source)	`19.2.4` → `19.2.7`
react-hook-form (source)	`7.72.0` → `7.79.0`
react-resizable-panels (source)	`4.7.5` → `4.11.2`
react-router-dom (source)	`7.13.2` → `7.17.0`
recharts	`3.8.0` → `3.8.1`
tailwind-merge	`3.5.0` → `3.6.0`
tailwindcss (source)	`4.2.2` → `4.3.1`
typescript (source)	`6.0.2` → `6.0.3`
typescript-eslint (source)	`8.57.2` → `8.61.0`
vite (source)	`8.0.2` → `8.0.16`
zod (source)	`4.3.6` → `4.4.3`

Warning

Some dependencies could not be looked up. Check the Dependency Dashboard for more information.

Release Notes

react-hook-form/resolvers (@hookform/resolvers)

`v5.4.0`

Compare Source

Features

feat: add ata-validator resolver (#845)

Fixes

fix issue with toNestErrors.ts (#848)

add guidance on passing context to yupResolver (useForm context) (#835) (3d29924)

radix-ui/primitives (@radix-ui/react-accordion)

`v1.2.13`

Added repository.directory to all package.json files
Updated dependencies: @radix-ui/react-collapsible@1.1.13, @radix-ui/react-collection@1.1.9, @radix-ui/react-direction@1.1.2, @radix-ui/primitive@1.1.4, @radix-ui/react-compose-refs@1.1.3, @radix-ui/react-context@1.1.4, @radix-ui/react-id@1.1.2, @radix-ui/react-primitive@2.1.5, @radix-ui/react-use-controllable-state@1.2.3

radix-ui/primitives (@radix-ui/react-alert-dialog)

`v1.1.16`

Added repository.directory to all package.json files
Updated dependencies: @radix-ui/react-dialog@1.1.16, @radix-ui/react-slot@1.2.5, @radix-ui/primitive@1.1.4, @radix-ui/react-compose-refs@1.1.3, @radix-ui/react-context@1.1.4, @radix-ui/react-primitive@2.1.5

radix-ui/primitives (@radix-ui/react-aspect-ratio)

`v1.1.9`

Added repository.directory to all package.json files
Updated dependencies: @radix-ui/react-primitive@2.1.5

radix-ui/primitives (@radix-ui/react-avatar)

`v1.1.12`

Added repository.directory to all package.json files
Updated dependencies: @radix-ui/react-context@1.1.4, @radix-ui/react-primitive@2.1.5, @radix-ui/react-use-callback-ref@1.1.2, @radix-ui/react-use-is-hydrated@0.1.1, @radix-ui/react-use-layout-effect@1.1.2

radix-ui/primitives (@radix-ui/react-checkbox)

`v1.3.4`

Added repository.directory to all package.json files
Updated dependencies: @radix-ui/react-presence@1.1.6, @radix-ui/primitive@1.1.4, @radix-ui/react-compose-refs@1.1.3, @radix-ui/react-context@1.1.4, @radix-ui/react-primitive@2.1.5, @radix-ui/react-use-controllable-state@1.2.3, @radix-ui/react-use-previous@1.1.2, @radix-ui/react-use-size@1.1.2

radix-ui/primitives (@radix-ui/react-collapsible)

`v1.1.13`

Fixed triggers referencing a non-existent element via aria-controls when their content is removed from the DOM (credit to @dodomorandi for the original PR)
Added repository.directory to all package.json files
Updated dependencies: @radix-ui/react-presence@1.1.6, @radix-ui/primitive@1.1.4, @radix-ui/react-compose-refs@1.1.3, @radix-ui/react-context@1.1.4, @radix-ui/react-id@1.1.2, @radix-ui/react-primitive@2.1.5, @radix-ui/react-use-controllable-state@1.2.3, @radix-ui/react-use-layout-effect@1.1.2

radix-ui/primitives (@radix-ui/react-context-menu)

`v2.3.0`

Added support for a controlled open prop on ContextMenu.Root. This is intended for reading the open state and closing the menu programmatically, though we discourage opening the menu programmatically since opening the menu depends on user interaction to position the menu.
Fixed bug in context menu where submenus stayed expanded after re-opening on long-press touch events
Added repository.directory to all package.json files
Updated dependencies: @radix-ui/react-menu@2.1.17, @radix-ui/primitive@1.1.4, @radix-ui/react-context@1.1.4, @radix-ui/react-primitive@2.1.5, @radix-ui/react-use-controllable-state@1.2.3

radix-ui/primitives (@radix-ui/react-dialog)

`v1.1.16`

Fixed disabled pointer events in closed dialogs
Fixed a bug where iOS text selection and editing on HTML inputs within react-dialog were broken
Fixed triggers referencing a non-existent element via aria-controls when their content is removed from the DOM (credit to @dodomorandi for the original PR)
Added repository.directory to all package.json files
Updated dependencies: @radix-ui/react-presence@1.1.6, @radix-ui/react-slot@1.2.5, @radix-ui/react-focus-guards@1.1.4, @radix-ui/react-dismissable-layer@1.1.12, @radix-ui/primitive@1.1.4, @radix-ui/react-compose-refs@1.1.3, @radix-ui/react-context@1.1.4, @radix-ui/react-focus-scope@1.1.9, @radix-ui/react-id@1.1.2, @radix-ui/react-portal@1.1.11, @radix-ui/react-primitive@2.1.5, @radix-ui/react-use-controllable-state@1.2.3

radix-ui/primitives (@radix-ui/react-dropdown-menu)

`v2.1.17`

Added repository.directory to all package.json files
Updated dependencies: @radix-ui/react-menu@2.1.17, @radix-ui/primitive@1.1.4, @radix-ui/react-compose-refs@1.1.3, @radix-ui/react-context@1.1.4, @radix-ui/react-id@1.1.2, @radix-ui/react-primitive@2.1.5, @radix-ui/react-use-controllable-state@1.2.3

radix-ui/primitives (@radix-ui/react-hover-card)

`v1.1.16`

Added repository.directory to all package.json files
Updated dependencies: @radix-ui/react-presence@1.1.6, @radix-ui/react-popper@1.3.0, @radix-ui/react-dismissable-layer@1.1.12, @radix-ui/primitive@1.1.4, @radix-ui/react-compose-refs@1.1.3, @radix-ui/react-context@1.1.4, @radix-ui/react-portal@1.1.11, @radix-ui/react-primitive@2.1.5, @radix-ui/react-use-controllable-state@1.2.3

radix-ui/primitives (@radix-ui/react-label)

`v2.1.9`

Added repository.directory to all package.json files
Updated dependencies: @radix-ui/react-primitive@2.1.5

radix-ui/primitives (@radix-ui/react-menubar)

`v1.1.17`

Added repository.directory to all package.json files
Updated dependencies: @radix-ui/react-menu@2.1.17, @radix-ui/react-collection@1.1.9, @radix-ui/react-direction@1.1.2, @radix-ui/primitive@1.1.4, @radix-ui/react-compose-refs@1.1.3, @radix-ui/react-context@1.1.4, @radix-ui/react-id@1.1.2, @radix-ui/react-primitive@2.1.5, @radix-ui/react-roving-focus@1.1.12, @radix-ui/react-use-controllable-state@1.2.3

radix-ui/primitives (@radix-ui/react-navigation-menu)

`v1.2.15`

Fixed triggers referencing a non-existent element via aria-controls when their content is removed from the DOM (credit to @dodomorandi for the original PR)
Added repository.directory to all package.json files
Updated dependencies: @radix-ui/react-presence@1.1.6, @radix-ui/react-dismissable-layer@1.1.12, @radix-ui/react-collection@1.1.9, @radix-ui/react-direction@1.1.2, @radix-ui/primitive@1.1.4, @radix-ui/react-compose-refs@1.1.3, @radix-ui/react-context@1.1.4, @radix-ui/react-id@1.1.2, @radix-ui/react-primitive@2.1.5, @radix-ui/react-use-callback-ref@1.1.2, @radix-ui/react-use-controllable-state@1.2.3, @radix-ui/react-use-layout-effect@1.1.2, @radix-ui/react-use-previous@1.1.2, @radix-ui/react-visually-hidden@1.2.5

radix-ui/primitives (@radix-ui/react-popover)

`v1.1.16`

Fixed a bug where iOS text selection and editing on HTML inputs within react-dialog were broken
Fixed triggers referencing a non-existent element via aria-controls when their content is removed from the DOM (credit to @dodomorandi for the original PR)
Added repository.directory to all package.json files
Updated dependencies: @radix-ui/react-presence@1.1.6, @radix-ui/react-popper@1.3.0, @radix-ui/react-slot@1.2.5, @radix-ui/react-focus-guards@1.1.4, @radix-ui/react-dismissable-layer@1.1.12, @radix-ui/primitive@1.1.4, @radix-ui/react-compose-refs@1.1.3, @radix-ui/react-context@1.1.4, @radix-ui/react-focus-scope@1.1.9, @radix-ui/react-id@1.1.2, @radix-ui/react-portal@1.1.11, @radix-ui/react-primitive@2.1.5, @radix-ui/react-use-controllable-state@1.2.3

radix-ui/primitives (@radix-ui/react-progress)

`v1.1.9`

Added repository.directory to all package.json files
Updated dependencies: @radix-ui/react-context@1.1.4, @radix-ui/react-primitive@2.1.5

radix-ui/primitives (@radix-ui/react-radio-group)

`v1.4.0`

Added unstable RadioGroupItemProvider, RadioGroupItemTrigger and RadioGroupItemBubbleInput parts. These expose the previously internal composition of a radio item (context provider, the interactive control, and the hidden form input) so consumers can directly access and recompose them. The RadioGroupItem component continues to render them by default.
Added repository.directory to all package.json files
Updated dependencies: @radix-ui/react-presence@1.1.6, @radix-ui/react-direction@1.1.2, @radix-ui/primitive@1.1.4, @radix-ui/react-compose-refs@1.1.3, @radix-ui/react-context@1.1.4, @radix-ui/react-primitive@2.1.5, @radix-ui/react-roving-focus@1.1.12, @radix-ui/react-use-controllable-state@1.2.3, @radix-ui/react-use-previous@1.1.2, @radix-ui/react-use-size@1.1.2

radix-ui/primitives (@radix-ui/react-scroll-area)

`v1.2.11`

Fixed missing data-state attribute for Scroll Area scrollbars
Added repository.directory to all package.json files
Updated dependencies: @radix-ui/react-presence@1.1.6, @radix-ui/react-direction@1.1.2, @radix-ui/number@1.1.2, @radix-ui/primitive@1.1.4, @radix-ui/react-compose-refs@1.1.3, @radix-ui/react-context@1.1.4, @radix-ui/react-primitive@2.1.5, @radix-ui/react-use-callback-ref@1.1.2, @radix-ui/react-use-layout-effect@1.1.2

radix-ui/primitives (@radix-ui/react-select)

`v2.3.0`

Added unstable Provider and BubbleInput parts to Select. Select.unstable_Provider sets up Select's context and state without implicitly rendering the hidden native select, and Select.unstable_BubbleInput exposes that previously internal native select so consumers can recompose it explicitly. Select continues to render both by default.
Added support for presence-based exit animations in Select
Fixed Select hidden input so it submits empty string when no value is selected
Fixed placeholder rendering when a controlled Select is reset to an empty value
Added missing __selectScope prop to PopperContent component
Fixed Select closing unexpectedly after touch-scrolling its content when rendered inside an open shadow DOM
Fixed a bug where iOS text selection and editing on HTML inputs within react-dialog were broken
Fixed triggers referencing a non-existent element via aria-controls when their content is removed from the DOM (credit to @dodomorandi for the original PR)
Fixed SelectValue logging invalid prop errors when used with both asChild and a placeholder
Added repository.directory to all package.json files
Updated dependencies: @radix-ui/react-presence@1.1.6, @radix-ui/react-popper@1.3.0, @radix-ui/react-slot@1.2.5, @radix-ui/react-focus-guards@1.1.4, @radix-ui/react-dismissable-layer@1.1.12, @radix-ui/react-collection@1.1.9, @radix-ui/react-direction@1.1.2, @radix-ui/number@1.1.2, @radix-ui/primitive@1.1.4, @radix-ui/react-compose-refs@1.1.3, @radix-ui/react-context@1.1.4, @radix-ui/react-focus-scope@1.1.9, @radix-ui/react-id@1.1.2, @radix-ui/react-portal@1.1.11, @radix-ui/react-primitive@2.1.5, @radix-ui/react-use-callback-ref@1.1.2, @radix-ui/react-use-controllable-state@1.2.3, @radix-ui/react-use-layout-effect@1.1.2, @radix-ui/react-use-previous@1.1.2, @radix-ui/react-visually-hidden@1.2.5

radix-ui/primitives (@radix-ui/react-separator)

`v1.1.9`

Added repository.directory to all package.json files
Updated dependencies: @radix-ui/react-primitive@2.1.5

radix-ui/primitives (@radix-ui/react-slider)

`v1.4.0`

Added unstable ThumbProvider, ThumbTrigger, and BubbleInput parts to Slider. SliderThumb was previously a single component that implicitly rendered a hidden native input for form submission. It is now composed from these new parts, which are exposed so consumers can decouple the bubble input from the thumb (for example, to render or customize it independently) instead of relying on SliderThumb to render it implicitly. SliderThumb continues to render all three by default, so existing usage is unaffected.
Added focusVisible for non-keyboard interactions with slider thumbs for progressively enabling styles using :focus-visible alongside programmatic focus management
Fixed Slider focus bugs in scrollable context
Fixed a Slider bug where very small step values made the thumbs unresponsive
Added repository.directory to all package.json files
Updated dependencies: @radix-ui/react-collection@1.1.9, @radix-ui/react-direction@1.1.2, @radix-ui/number@1.1.2, @radix-ui/primitive@1.1.4, @radix-ui/react-compose-refs@1.1.3, @radix-ui/react-context@1.1.4, @radix-ui/react-primitive@2.1.5, @radix-ui/react-use-controllable-state@1.2.3, @radix-ui/react-use-layout-effect@1.1.2, @radix-ui/react-use-previous@1.1.2, @radix-ui/react-use-size@1.1.2

radix-ui/primitives (@radix-ui/react-slot)

`v1.2.5`

Fixed infinite re-render loop in React 19 caused by Slot creating a new ref callback on every render
Added support for nested Slottable via a render prop, so a slotted element can be wrapped while still merging Slot props and refs onto it
Added repository.directory to all package.json files
Improved error messages for invalid slot children
Updated dependencies: @radix-ui/react-compose-refs@1.1.3

radix-ui/primitives (@radix-ui/react-switch)

`v1.3.0`

Added unstable Provider, Trigger and BubbleInput parts to Switch. These expose the previously internal composition (context provider, the interactive control, and the hidden form input) so consumers can directly access and recompose them. The Switch component continues to render them by default.
Added repository.directory to all package.json files
Updated dependencies: @radix-ui/primitive@1.1.4, @radix-ui/react-compose-refs@1.1.3, @radix-ui/react-context@1.1.4, @radix-ui/react-primitive@2.1.5, @radix-ui/react-use-controllable-state@1.2.3, @radix-ui/react-use-previous@1.1.2, @radix-ui/react-use-size@1.1.2

radix-ui/primitives (@radix-ui/react-tabs)

`v1.1.14`

Fixed triggers referencing a non-existent element via aria-controls when their content is removed from the DOM (credit to @dodomorandi for the original PR)
Added repository.directory to all package.json files
Updated dependencies: @radix-ui/react-presence@1.1.6, @radix-ui/react-direction@1.1.2, @radix-ui/primitive@1.1.4, @radix-ui/react-context@1.1.4, @radix-ui/react-id@1.1.2, @radix-ui/react-primitive@2.1.5, @radix-ui/react-roving-focus@1.1.12, @radix-ui/react-use-controllable-state@1.2.3

radix-ui/primitives (@radix-ui/react-toast)

`v1.2.16`

Allow to specify container for ToastAnnounce
Added repository.directory to all package.json files
Updated dependencies: @radix-ui/react-presence@1.1.6, @radix-ui/react-dismissable-layer@1.1.12, @radix-ui/react-collection@1.1.9, @radix-ui/primitive@1.1.4, @radix-ui/react-compose-refs@1.1.3, @radix-ui/react-context@1.1.4, @radix-ui/react-portal@1.1.11, @radix-ui/react-primitive@2.1.5, @radix-ui/react-use-callback-ref@1.1.2, @radix-ui/react-use-controllable-state@1.2.3, @radix-ui/react-use-layout-effect@1.1.2, @radix-ui/react-visually-hidden@1.2.5

radix-ui/primitives (@radix-ui/react-toggle)

`v1.1.11`

Added repository.directory to all package.json files
Updated dependencies: @radix-ui/primitive@1.1.4, @radix-ui/react-primitive@2.1.5, @radix-ui/react-use-controllable-state@1.2.3

radix-ui/primitives (@radix-ui/react-toggle-group)

`v1.1.12`

Added repository.directory to all package.json files
Updated dependencies: @radix-ui/react-direction@1.1.2, @radix-ui/primitive@1.1.4, @radix-ui/react-context@1.1.4, @radix-ui/react-primitive@2.1.5, @radix-ui/react-roving-focus@1.1.12, @radix-ui/react-toggle@1.1.11, @radix-ui/react-use-controllable-state@1.2.3

radix-ui/primitives (@radix-ui/react-tooltip)

`v1.2.9`

Fixed runtime error when event target is non-Node
Fixed a Tooltip bug so that skipDelayDuration={0} works as expected. Previously, the open delay could still be skipped when moving between triggers.
Added repository.directory to all package.json files
Updated dependencies: @radix-ui/react-presence@1.1.6, @radix-ui/react-popper@1.3.0, @radix-ui/react-slot@1.2.5, @radix-ui/react-dismissable-layer@1.1.12, @radix-ui/primitive@1.1.4, @radix-ui/react-compose-refs@1.1.3, @radix-ui/react-context@1.1.4, @radix-ui/react-id@1.1.2, @radix-ui/react-portal@1.1.11, @radix-ui/react-primitive@2.1.5, @radix-ui/react-use-controllable-state@1.2.3, @radix-ui/react-visually-hidden@1.2.5

tailwindlabs/tailwindcss (@tailwindcss/postcss)

`v4.3.1`

Compare Source

Added

Add --silent option to suppress output in @tailwindcss/cli (#20100)

Fixed

Remove deprecation warnings by using Module#registerHooks instead of Module#register on Node 26+ (#20028)
Canonicalization: don't crash when plugin utilities throw for unsupported values (#20052)
Allow @apply to be used with CSS mixins (#19427)
Ensure not-* correctly negates @container queries, including style(…) queries (#20059)
Ensure drop-shadow-* color utilities work with custom shadow values containing calc(…) (#20080)
Fix 'Sourcemap is likely to be incorrect' warnings when using @tailwindcss/vite (#20103)
Ensure @tailwindcss/webpack can be installed in Rspack projects without requiring webpack as a peer dependency (#20027)
Canonicalization: don't suggest invalid calc(…) expressions (e.g. px-[calc(1rem+0px)] → px-[calc(1rem+0)]) (#20127)
Canonicalization: avoid suggesting large spacing-scale values for arbitrary lengths (e.g. left-[99999px] → left-[99999px], not left-24999.75) (#20130)
Ensure @tailwindcss/cli in --watch mode recovers when a tracked dependency is deleted and restored (#20137)
Ensure standalone @tailwindcss/cli binaries are ignored when scanning for class candidates (#20139)
Ensure class candidates are extracted from Twig addClass(…) and removeClass(…) calls (#20198)
Don't crash in the Ruby or Vue preprocessors when scanning files containing invalid UTF-8 bytes (#19588)
Allow @variant to be used inside addBase (#19480)
Ensure @source globs with symlinks are preserved (#20203)
Ensure later @source rules can re-include files excluded by earlier @source not rules (#20203)
Upgrade: don't migrate empty class rules to invalid @utility rules (#20205)
Ensure transitions between inset-shadow-none and other inset shadows work correctly (#20208)
Ensure explicitly referenced @source directories are scanned even when ignored by git (#20214)
Ensure @source globs ending in **/* preserve dynamic path segments to avoid scanning too many files (#20217)
Canonicalization: don't fold calc(…) divisions when the result would require high precision (e.g. w-[calc(100%/3.5)] → w-[calc(100%/3.5)], not w-[28.571428571428573%]) (#20221)
Serve ESM type declarations to ESM importers of @tailwindcss/postcss (#20228)

Changed

Generate 0 instead of calc(var(--spacing) * 0) for spacing utilities like m-0 and left-0 (#20196)
Generate var(--spacing) instead of calc(var(--spacing) * 1) for spacing utilities like m-1 and left-1 (#20196)

`v4.3.0`

Compare Source

Added

Add @container-size utility (#18901)
Add scrollbar-{auto,thin,none} utilities for scrollbar-width, and scrollbar-thumb-* / scrollbar-track-* color utilities for scrollbar-color (#19981, #20019)
Add scrollbar-gutter-* utilities (#20018)
Add zoom-* utilities (#20020)
Add tab-* utilities (#20022)
Allow using @variant with stacked variants (e.g. @variant hover:focus { … }) (#19996)
Allow using @variant with compound variants (e.g. @variant hover, focus { … }) (#19996)
Support --default(…) in --value(…) and --modifier(…) for functional @utility definitions (#19989)

Fixed

Ensure @plugin resolves package JavaScript entries instead of browser CSS entries when using @tailwindcss/vite (#19949)
Fix relative @import and @plugin paths resolving from the wrong directory when using @tailwindcss/vite (#19965)
Ensure CSS files containing @variant are processed by @tailwindcss/vite (#19966)
Resolve imports relative to base when result.opts.from is not provided when using @tailwindcss/postcss (#19980)
Canonicalization: preserve significant _ whitespace in arbitrary values (#19986)
Canonicalization: add parentheses when removing whitespace from arbitrary values would hurt readability (e.g. w-[calc(100%---spacing(60))] → w-[calc(100%-(--spacing(60)))]) (#19986)
Canonicalization: preserve the original unit in arbitrary values instead of normalizing to base units (e.g. -mt-[20in] → mt-[-20in], not mt-[-1920px]) (#19988)
Canonicalization: migrate arbitrary :has() variants from [&:has(…)] to has-[…] (#19991)
Upgrade: don’t migrate inline style attributes (e.g. style="flex-grow: 1" → style="flex-grow: 1", not style="grow: 1") (#19918)
Allow multiple @utility definitions with the same name but different value types (#19777)
Export missing PluginWithConfig type from tailwindcss/plugin to fix errors when inferring plugin config types (#19707)
Ensure start and end legacy utilities without values do not generate CSS (#20003)
Ensure --value(…) is required in functional @utility definitions (#20005)
Canonicalization: preserve required whitespace around operators in negated arbitrary values (e.g. -left-[(var(--a)+var(--b))]) (#20011)

`v4.2.4`

Compare Source

Fixed

Ensure imports in @import and @plugin still resolve correctly when using Vite aliases in @tailwindcss/vite (#19947)

`v4.2.3`

Compare Source

Fixed

Canonicalization: improve canonicalizations for tracking-* utilities by preferring non-negative utilities (e.g. -tracking-tighter → tracking-wider) (#19827)
Fix crash due to invalid characters in candidate (exceeding valid unicode code point range) (#19829)
Ensure query params in imports are considered unique resources when using @tailwindcss/webpack (#19723)
Canonicalization: collapse arbitrary values into shorthand utilities (e.g. px-[1.2rem] py-[1.2rem] → p-[1.2rem]) (#19837)
Canonicalization: collapse border-{t,b}-* into border-y-*, border-{l,r}-* into border-x-*, and border-{t,r,b,l}-* into border-* (#19842)
Canonicalization: collapse scroll-m{t,b}-* into scroll-my-*, scroll-m{l,r}-* into scroll-mx-*, and scroll-m{t,r,b,l}-* into scroll-m-* (#19842)
Canonicalization: collapse scroll-p{t,b}-* into scroll-py-*, scroll-p{l,r}-* into scroll-px-*, and scroll-p{t,r,b,l}-* into scroll-p-* (#19842)
Canonicalization: collapse overflow-{x,y}-* into overflow-* (#19842)
Canonicalization: collapse overscroll-{x,y}-* into overscroll-* (#19842)
Read from --placeholder-color inst

✂ Note

PR body was truncated to here.

Configuration

📅 Schedule: (in timezone Europe/London)

Branch creation
- "before 10am on friday"
Automerge
- At any time (no schedule defined)

🚦 Automerge: Enabled.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

github-actions · 2026-03-27T13:30:04Z

Caution

[High Risk] Public ALB target group is being replaced without a matching visible attachment path for the new API instances

The public ALB api-207c90ee-alb still routes through target group api-207c90ee-tg, whose current contract is HTTP on port 80 with health checks on /health. This change replaces that target group while simultaneously replacing multiple backing instances, but the only explicit new target registration in the plan is module.api_access[0].aws_lb_target_group_attachment.api_server_ip, which attaches the new instance to the separate api-health-terraform-example target group on port 9090 rather than to the ALB’s public target group.

That means the new Python health server on 9090 is being wired into an internal health target group, while the internet-facing ALB’s backend group is replaced without a matching visible registration path for the new instances. When Terraform cuts over, the ALB can be left with no registered healthy targets for the public API, causing requests to fail until targets are manually reattached or additional hidden resources happen to restore the missing registrations.
_{View reasoning tree here.}

Warning

[Medium Risk] Production API instances are being placed in the public ALB subnet tier while exposing a new shared-SG health port

Production API instances are being created and replaced in subnet-07b5b1fb2ba02f964, the same subnet tier used by the internet-facing api-207c90ee-alb, instead of the VPC’s private subnets that route outbound traffic through NAT. The subnet does not auto-assign public IPs, so the exact risk is not automatic internet exposure, but this still collapses the intended frontend/backend network boundary and violates the organization’s requirement that EC2 backends live in private subnets behind load balancers.

At the same time, the new module.api_access[0].aws_instance.api_server user data starts a server on 0.0.0.0:9090, and the shared security group sg-089e5107637083db5 already allows TCP 9090 from 10.0.0.0/8. Because that SG is reused broadly, adding a new listener immediately makes the health endpoint reachable from a much larger internal network set than before. This weakens segmentation and expands the blast radius of any misuse or compromise of internal networks and monitoring paths.
_{View reasoning tree here.}

Warning

[Medium Risk] GCP uptime alerts can detach from replacement VMs during the same apply

The change replaces the inventory-api and payments-api GCE VMs while also rewriting their monitoring alert policies, and those policies currently target the VMs by resource.labels.instance_id. Since a Compute Engine instance replacement generates a new instance ID, the existing uptime alerts stop matching the old VM as soon as it is destroyed, and the replacement policy can only bind to the new VM after Terraform computes the new ID.

That creates a real observability gap for both services during rollout, and if the generated filter is wrong the alert can stay detached from the workload permanently. In that state, a failed or unhealthy replacement VM can run without its uptime policy firing, weakening detection and delaying recovery for inventory-api and payments-api.
_{View reasoning tree here.}

Signals

Routine → Multiple AWS instance resources showing unusual infrequent routine changes at 1 event/week for the last 3-5 months, with many changes occurring only 1 event/month for the last 3 months, which is rare compared to typical patterns.
Policies → Multiple infrastructure resources showing unusual policy violations that may need review: the S3 bucket is missing required tags and does not have server-side encryption configured, while the security group allows SSH port 22 access from anywhere 0.0.0.0/0.

_{Additional Change Details:} Items 210 Edges 413 model|risks_v6 ✨Encryption Key State Risk ✨KMS Key Creation

github-actions

⛔ Auto-Blocked

🔴 Decision

Auto-blocked: Routine score (-5) is below minimum (-1)

Routine 🔴 -5

Policies 🔴 -3

🔥 Risks Summary

High 0 · Medium 0 · Low 0

💥 Blast Radius

Items 49 · Edges 141

View full analysis in Overmind ↗

renovate Bot added dependencies Renovatebot and dependabot updates frontend javascript Pull requests that update javascript code labels Mar 27, 2026

renovate Bot enabled auto-merge (squash) March 27, 2026 00:52

renovate Bot added the frontend label Mar 27, 2026

renovate Bot force-pushed the renovate/js branch from 476d981 to 6b06671 Compare March 27, 2026 13:24

github-actions Bot requested changes Mar 27, 2026

View reviewed changes

renovate Bot force-pushed the renovate/js branch from 6b06671 to b24b465 Compare March 28, 2026 17:44

github-actions Bot requested changes Mar 28, 2026

View reviewed changes

renovate Bot force-pushed the renovate/js branch from b24b465 to 0ca9be4 Compare March 30, 2026 17:34

github-actions Bot requested changes Mar 30, 2026

View reviewed changes

renovate Bot force-pushed the renovate/js branch from 0ca9be4 to b5b9bd9 Compare March 31, 2026 12:57

github-actions Bot requested changes Mar 31, 2026

View reviewed changes

renovate Bot force-pushed the renovate/js branch from b5b9bd9 to b39d4fe Compare April 1, 2026 08:41

github-actions Bot requested changes Apr 1, 2026

View reviewed changes

renovate Bot force-pushed the renovate/js branch from b39d4fe to 9ece352 Compare April 2, 2026 22:13

github-actions Bot requested changes Apr 2, 2026

View reviewed changes

renovate Bot force-pushed the renovate/js branch from 9ece352 to a7a8f6e Compare April 3, 2026 09:39

github-actions Bot requested changes Apr 3, 2026

View reviewed changes

renovate Bot force-pushed the renovate/js branch from a7a8f6e to 516875a Compare April 3, 2026 12:37

github-actions Bot requested changes Apr 3, 2026

View reviewed changes

renovate Bot force-pushed the renovate/js branch from 516875a to be444ed Compare April 3, 2026 20:57

github-actions Bot requested changes Apr 3, 2026

View reviewed changes

renovate Bot force-pushed the renovate/js branch from be444ed to 70d47ee Compare April 6, 2026 09:25

github-actions Bot requested changes Apr 6, 2026

View reviewed changes

renovate Bot force-pushed the renovate/js branch from 70d47ee to ed5a5d9 Compare April 6, 2026 12:30

github-actions Bot requested changes Apr 6, 2026

View reviewed changes

renovate Bot force-pushed the renovate/js branch 14 times, most recently from 96efea5 to 2083710 Compare April 30, 2026 11:54

renovate Bot force-pushed the renovate/js branch 11 times, most recently from c80da9e to 039d139 Compare May 7, 2026 10:36

renovate Bot force-pushed the renovate/js branch 4 times, most recently from ed23a9e to c5dc7a6 Compare May 11, 2026 10:57

chore(deps): update javascript

57f97ea

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

chore(deps): update javascript#513

chore(deps): update javascript#513
renovate[bot] wants to merge 1 commit into
mainfrom
renovate/js

renovate Bot commented Mar 27, 2026 •

edited

Loading

Uh oh!

github-actions Bot commented Mar 27, 2026 •

edited

Loading

Uh oh!

github-actions Bot left a comment

Uh oh!

github-actions Bot left a comment

Uh oh!

github-actions Bot left a comment

Uh oh!

github-actions Bot left a comment

Uh oh!

github-actions Bot left a comment

Uh oh!

github-actions Bot left a comment

Uh oh!

github-actions Bot left a comment

Uh oh!

github-actions Bot left a comment

Uh oh!

github-actions Bot left a comment

Uh oh!

github-actions Bot left a comment

Uh oh!

github-actions Bot left a comment

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

Conversation

renovate Bot commented Mar 27, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Release Notes

Features

Fixes

Added

Fixed

Changed

Added

Fixed

Fixed

Fixed

Configuration

Uh oh!

github-actions Bot commented Mar 27, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Signals

Uh oh!

github-actions Bot left a comment

Choose a reason for hiding this comment

⛔ Auto-Blocked

🔴 Decision

📊 Signals Summary

🔥 Risks Summary

💥 Blast Radius

Uh oh!

github-actions Bot left a comment

Choose a reason for hiding this comment

⛔ Auto-Blocked

🔴 Decision

📊 Signals Summary

🔥 Risks Summary

💥 Blast Radius

Uh oh!

github-actions Bot left a comment

Choose a reason for hiding this comment

⛔ Auto-Blocked

🔴 Decision

📊 Signals Summary

🔥 Risks Summary

💥 Blast Radius

Uh oh!

github-actions Bot left a comment

Choose a reason for hiding this comment

⛔ Auto-Blocked

🔴 Decision

📊 Signals Summary

🔥 Risks Summary

💥 Blast Radius

Uh oh!

github-actions Bot left a comment

Choose a reason for hiding this comment

⛔ Auto-Blocked

🔴 Decision

📊 Signals Summary

🔥 Risks Summary

💥 Blast Radius

Uh oh!

github-actions Bot left a comment

Choose a reason for hiding this comment

⛔ Auto-Blocked

🔴 Decision

📊 Signals Summary

🔥 Risks Summary

💥 Blast Radius

Uh oh!

github-actions Bot left a comment

Choose a reason for hiding this comment

⛔ Auto-Blocked

🔴 Decision

📊 Signals Summary

🔥 Risks Summary

💥 Blast Radius

Uh oh!

github-actions Bot left a comment

Choose a reason for hiding this comment

⛔ Auto-Blocked

🔴 Decision

📊 Signals Summary

renovate Bot commented Mar 27, 2026 •

edited

Loading

github-actions Bot commented Mar 27, 2026 •

edited

Loading