풀 리퀘스트페이지 1
- Merged
docs: add security policy
#45docs/add-security-policy → main
## What & Why Add `SECURITY.md` to document how to report vulnerabilities privately. Since showmycode's purpose is sharing private code without exposing credentials, a clear disclosure path matters — and Private vulnerability reporting is already enabled on the repo, so this gives it a front door. The policy directs reporters to the Security tab instead of public issues, sets a rolling-release support scope (latest `main`), and lists in/out-of-scope issues specific to the threat model (PAT exposure, share-token bypass, allowlist bypass, auth weaknesses). ## Related Issue N/A ## How to Verify 1. Open `SECURITY.md` and confirm the "Report a vulnerability" link points to the repo's Security tab. 2. Confirm there are no UI or code changes (docs-only). ## Checklist - [x] PR title follows [Conventional Commits](https://www.conventionalcommits.org/) (`feat:`, `fix:`, `chore:`, `refactor:`, `docs:`, `i18n:`) - [x] Translations added to both `locales/ko.json` and `locales/en.json` (if UI text changed) - [x] Tested on mobile viewport (if UI changed)
Jiseoup · 2026년 6월 23일docs - Merged
fix: render home at request time so CI builds without secrets
#44fix/ci-build-without-secrets → main
## What & Why The home page (`/[lang]`) was prerendered at build, which called the GitHub API and required `GITHUB_PAT` during `next build`. Fork PRs can't access repo secrets, so their build step failed. Adding `await connection()` makes the home render at request time, so the build no longer calls the API. The `revalidate: 60` data cache is unaffected (still 60s). With no build-time API call, the CI build no longer needs secrets, so the `env:` block is removed — fork PRs now pass the full pipeline and CI holds no secrets. ## Related Issue N/A ## How to Verify 1. Build with no GitHub env vars set (simulating a fork PR): `npm run build` — it succeeds, and `/[lang]` shows as `ƒ (Dynamic)` in the route table. 2. `npm run dev` — the home page still lists repositories. ## Checklist - [x] PR title follows [Conventional Commits](https://www.conventionalcommits.org/) (`feat:`, `fix:`, `chore:`, `refactor:`, `docs:`, `i18n:`) - [x] Translations added to both `locales/ko.json` and `locales/en.json` (if UI text changed) - [x] Tested on mobile viewport (if UI changed)
Jiseoup · 2026년 6월 23일fix - Merged
docs: streamline the contributing guide
#43docs/contributing-guide → main
## What & Why Rewrites CONTRIBUTING.md into a single, concise "Sending a pull request" flow (fork → install → branch + checks → commit + PR). Adds an explicit `upstream` remote step, documents the git-hook–enforced branch/commit conventions, and notes that there is no test suite so changes are verified manually. Also tidies the Contributing section formatting in README.md / README.ko.md to match. ## Related Issue N/A ## How to Verify 1. Read CONTRIBUTING.md and follow the steps — repo URL, env vars, branch prefixes, and check commands all match the project. 2. Run `npm run format:check` — docs are Prettier-clean. 3. Open the Contributing section in README.md / README.ko.md and confirm it renders and links to CONTRIBUTING.md. ## Checklist - [x] PR title follows [Conventional Commits](https://www.conventionalcommits.org/) (`feat:`, `fix:`, `chore:`, `refactor:`, `docs:`, `i18n:`) - [x] Translations added to both `locales/ko.json` and `locales/en.json` (if UI text changed) - [x] Tested on mobile viewport (if UI changed)
Jiseoup · 2026년 6월 23일docs - Merged
chore: bump js-yaml from 4.1.1 to 4.2.0
#42dependabot/npm_and_yarn/js-yaml-4.2.0 → main
Bumps [js-yaml](https://github.com/nodeca/js-yaml) from 4.1.1 to 4.2.0. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md">js-yaml's changelog</a>.</em></p> <blockquote> <h2>[4.2.0] - 2026-06-01</h2> <h3>Added</h3> <ul> <li>Added <code>docs/safety.md</code> with notes about processing untrusted YAML.</li> <li>Added <code>maxDepth</code> (100) loader option. Not a problem, but gives a better exception instead of RangeError on stack overflow.</li> <li>Added <code>maxMergeSeqLength</code> (20) loader option. Not a problem after <code>merge</code> fix, but an additional restriction for safety.</li> <li>Added sourcemaps to <code>dist/</code> builds.</li> </ul> <h3>Changed</h3> <ul> <li>Stop resolving numbers with underscores as numeric scalars, <a href="https://redirect.github.com/nodeca/js-yaml/issues/627">#627</a>.</li> <li>Switched dev toolchains to Vite / neostandard.</li> <li>Updated demo.</li> <li>Reorganized tests.</li> <li><code>dist/</code> files are no longer kept in the repository.</li> </ul> <h3>Fixed</h3> <ul> <li>Fix parsing of properties on the first implicit block mapping key, <a href="https://redirect.github.com/nodeca/js-yaml/issues/62">#62</a>.</li> <li>Fix trailing whitespace handling when folding flow scalar lines, <a href="https://redirect.github.com/nodeca/js-yaml/issues/307">#307</a>.</li> <li>Reject top-level block scalars without content indentation, <a href="https://redirect.github.com/nodeca/js-yaml/issues/280">#280</a>.</li> <li>Ensure numbers survive round-trip, <a href="https://redirect.github.com/nodeca/js-yaml/issues/737">#737</a>.</li> <li>Fix test coverage for issue <a href="https://redirect.github.com/nodeca/js-yaml/issues/221">#221</a>.</li> <li>Fix flow scalar trailing whitespace folding, <a href="https://redirect.github.com/nodeca/js-yaml/issues/307">#307</a>.</li> <li>Fix digits in YAML named tag handles.</li> </ul> <h3>Security</h3> <ul> <li>Fix potential DoS via quadratic complexity in merge - deduplicate repeated elements (makes sense for malformed files > 10K).</li> </ul> <h2>[3.14.2] - 2025-11-15</h2> <h3>Security</h3> <ul> <li>Backported v4.1.1 fix to v3</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/nodeca/js-yaml/commit/590dbabadd172b099c07654fab2eabec8c7a07b9"><code>590dbab</code></a> 4.2.0 released</li> <li><a href="https://github.com/nodeca/js-yaml/commit/f944dc5cd132251752499bdb157f33027d362177"><code>f944dc5</code></a> Add package.json funding field</li> <li><a href="https://github.com/nodeca/js-yaml/commit/f6927192223355b64f2a6e19f3071ccc579ee718"><code>f692719</code></a> Changelog update</li> <li><a href="https://github.com/nodeca/js-yaml/commit/9971a068fe7fb67eeedec7cf15fd2aba1b71bd79"><code>9971a06</code></a> Fix digits in YAML named tag handles</li> <li><a href="https://github.com/nodeca/js-yaml/commit/464a5b854b682691d35cc119500f74595d2e513c"><code>464a5b8</code></a> Fix flow scalar trailing whitespace folding, close <a href="https://redirect.github.com/nodeca/js-yaml/issues/307">#307</a></li> <li><a href="https://github.com/nodeca/js-yaml/commit/1fda4f715d368c74e6e65e44d3201946c9577e54"><code>1fda4f7</code></a> Tests for <a href="https://redirect.github.com/nodeca/js-yaml/issues/567">#567</a>, <a href="https://redirect.github.com/nodeca/js-yaml/issues/565">#565</a></li> <li><a href="https://github.com/nodeca/js-yaml/commit/031ad079a65da5018cbe6280f3b9306e39699b5a"><code>031ad07</code></a> Stop resolving numbers with underscores as numeric scalars, <a href="https://redirect.github.com/nodeca/js-yaml/issues/627">#627</a></li> <li><a href="https://github.com/nodeca/js-yaml/commit/e46d223b37110ec2ba5b5b1da672a8f6862832d6"><code>e46d223</code></a> CI config update</li> <li><a href="https://github.com/nodeca/js-yaml/commit/9023feec80d19f4c39e73d1b25fc7644e93bf628"><code>9023fee</code></a> Add lockfile</li> <li><a href="https://github.com/nodeca/js-yaml/commit/990e6f4d1c51d03b53da0dc6df3c7fc0f61ad909"><code>990e6f4</code></a> Docs update</li> <li>Additional commits viewable in <a href="https://github.com/nodeca/js-yaml/compare/4.1.1...4.2.0">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/Jiseoup/showmycode/network/alerts). </details>
- Merged
chore: bump the minor-and-patch group across 1 directory with 11 updates
#41dependabot/npm_and_yarn/minor-and-patch-ca7bbc4605 → main
Bumps the minor-and-patch group with 11 updates in the / directory: | Package | From | To | | --- | --- | --- | | [@radix-ui/react-select](https://github.com/radix-ui/primitives/tree/HEAD/packages/react/select) | `2.2.6` | `2.3.1` | | [lucide-react](https://github.com/lucide-icons/lucide/tree/HEAD/packages/lucide-react) | `1.8.0` | `1.21.0` | | [next](https://github.com/vercel/next.js) | `16.2.1` | `16.2.9` | | [react](https://github.com/facebook/react/tree/HEAD/packages/react) | `19.2.4` | `19.2.7` | | [@types/react](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/react) | `19.2.14` | `19.2.17` | | [react-dom](https://github.com/facebook/react/tree/HEAD/packages/react-dom) | `19.2.4` | `19.2.7` | | [shiki](https://github.com/shikijs/shiki/tree/HEAD/packages/shiki) | `4.0.2` | `4.2.0` | | [tailwind-merge](https://github.com/dcastil/tailwind-merge) | `3.5.0` | `3.6.0` | | [@tailwindcss/postcss](https://github.com/tailwindlabs/tailwindcss/tree/HEAD/packages/@tailwindcss-postcss) | `4.2.2` | `4.3.1` | | [eslint-config-next](https://github.com/vercel/next.js/tree/HEAD/packages/eslint-config-next) | `16.2.1` | `16.2.9` | | [prettier-plugin-tailwindcss](https://github.com/tailwindlabs/prettier-plugin-tailwindcss) | `0.7.3` | `0.8.0` | Updates `@radix-ui/react-select` from 2.2.6 to 2.3.1 <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/radix-ui/primitives/blob/main/packages/react/select/CHANGELOG.md">@radix-ui/react-select's changelog</a>.</em></p> <blockquote> <h2>2.3.1</h2> <ul> <li>Allowed a <code>Select.Item</code> with an empty string value to act as a "clear" option. Selecting it resets the selection back to the placeholder, restoring the native <code><select></code> behavior for optional selects.</li> <li>Fixed a bug where typeahead search resulted in focusing an element that no longer exists.</li> <li>Updated dependencies: <code>@radix-ui/react-slot@1.3.0</code>, <code>@radix-ui/react-popper@1.3.1</code>, <code>@radix-ui/react-dismissable-layer@1.1.13</code>, <code>@radix-ui/react-primitive@2.1.6</code>, <code>@radix-ui/react-collection@1.1.10</code>, <code>@radix-ui/react-focus-scope@1.1.10</code>, <code>@radix-ui/react-portal@1.1.12</code>, <code>@radix-ui/react-visually-hidden@1.2.6</code></li> </ul> <h2>2.3.0</h2> <ul> <li>Added unstable <code>Provider</code> and <code>BubbleInput</code> parts to Select. <code>Select.unstable_Provider</code> sets up Select's context and state without implicitly rendering the hidden native <code>select</code>, and <code>Select.unstable_BubbleInput</code> exposes that previously internal native <code>select</code> so consumers can recompose it explicitly. <code>Select</code> continues to render both by default.</li> <li>Added support for presence-based exit animations in Select</li> <li>Fixed Select hidden input so it submits empty string when no value is selected</li> <li>Fixed placeholder rendering when a controlled Select is reset to an empty value</li> <li>Added missing <code>__selectScope</code> prop to <code>PopperContent</code> component</li> <li>Fixed <code>Select</code> closing unexpectedly after touch-scrolling its content when rendered inside an open shadow DOM</li> <li>Fixed a bug where iOS text selection and editing on HTML inputs within <code>react-dialog</code> were broken</li> <li>Fixed triggers referencing a non-existent element via <code>aria-controls</code> when their content is removed from the DOM (credit to <a href="https://github.com/dodomorandi"><code>@dodomorandi</code></a> for the <a href="https://redirect.github.com/radix-ui/primitives/pull/3243">original PR</a>)</li> <li>Fixed <code>SelectValue</code> logging invalid prop errors when used with both <code>asChild</code> and a placeholder</li> <li>Added repository.directory to all package.json files</li> <li>Updated dependencies: <code>@radix-ui/react-presence@1.1.6</code>, <code>@radix-ui/react-popper@1.3.0</code>, <code>@radix-ui/react-slot@1.2.5</code>, <code>@radix-ui/react-focus-guards@1.1.4</code>, <code>@radix-ui/react-dismissable-layer@1.1.12</code>, <code>@radix-ui/react-collection@1.1.9</code>, <code>@radix-ui/react-direction@1.1.2</code>, <code>@radix-ui/number@1.1.2</code>, <code>@radix-ui/primitive@1.1.4</code>, <code>@radix-ui/react-compose-refs@1.1.3</code>, <code>@radix-ui/react-context@1.1.4</code>, <code>@radix-ui/react-focus-scope@1.1.9</code>, <code>@radix-ui/react-id@1.1.2</code>, <code>@radix-ui/react-portal@1.1.11</code>, <code>@radix-ui/react-primitive@2.1.5</code>, <code>@radix-ui/react-use-callback-ref@1.1.2</code>, <code>@radix-ui/react-use-controllable-state@1.2.3</code>, <code>@radix-ui/react-use-layout-effect@1.1.2</code>, <code>@radix-ui/react-use-previous@1.1.2</code>, <code>@radix-ui/react-visually-hidden@1.2.5</code></li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li>See full diff in <a href="https://github.com/radix-ui/primitives/commits/HEAD/packages/react/select">compare view</a></li> </ul> </details> <details> <summary>Maintainer changes</summary> <p>This version was pushed to npm by <a href="https://www.npmjs.com/~GitHub%20Actions">GitHub Actions</a>, a new releaser for <code>@radix-ui/react-select</code> since your current version.</p> </details> <br /> Updates `lucide-react` from 1.8.0 to 1.21.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/lucide-icons/lucide/releases">lucide-react's releases</a>.</em></p> <blockquote> <h2>Version 1.21.0</h2> <h2>What's Changed</h2> <ul> <li>ci(release.yml): Remove new-version in release flow by <a href="https://github.com/ericfennis"><code>@ericfennis</code></a> in <a href="https://redirect.github.com/lucide-icons/lucide/pull/4478">lucide-icons/lucide#4478</a></li> <li>ci(release.yml): Fix workflow and remove <code>version</code> scripts in package scripts by <a href="https://github.com/ericfennis"><code>@ericfennis</code></a> in <a href="https://redirect.github.com/lucide-icons/lucide/pull/4479">lucide-icons/lucide#4479</a></li> <li>fix(docs): rename navigation category label by <a href="https://github.com/Hsiii"><code>@Hsiii</code></a> in <a href="https://redirect.github.com/lucide-icons/lucide/pull/4483">lucide-icons/lucide#4483</a></li> <li>feat(icons): added <code>broken-bone</code> icon by <a href="https://github.com/Patolord"><code>@Patolord</code></a> in <a href="https://redirect.github.com/lucide-icons/lucide/pull/4131">lucide-icons/lucide#4131</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/Hsiii"><code>@Hsiii</code></a> made their first contribution in <a href="https://redirect.github.com/lucide-icons/lucide/pull/4483">lucide-icons/lucide#4483</a></li> <li><a href="https://github.com/Patolord"><code>@Patolord</code></a> made their first contribution in <a href="https://redirect.github.com/lucide-icons/lucide/pull/4131">lucide-icons/lucide#4131</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/lucide-icons/lucide/compare/1.20.0...1.21.0">https://github.com/lucide-icons/lucide/compare/1.20.0...1.21.0</a></p> <h2>Version 1.20.0</h2> <h2>What's Changed</h2> <ul> <li>fix(icons): decreased size of arrows inside <code>square-arrow-*</code> icons by <a href="https://github.com/jguddas"><code>@jguddas</code></a> in <a href="https://redirect.github.com/lucide-icons/lucide/pull/3926">lucide-icons/lucide#3926</a></li> <li>chore(tags): Add tags to <code>search-</code> icons by <a href="https://github.com/jamiemlaw"><code>@jamiemlaw</code></a> in <a href="https://redirect.github.com/lucide-icons/lucide/pull/4099">lucide-icons/lucide#4099</a></li> <li>feat(icons): added <code>save-check</code> icon by <a href="https://github.com/Konixy"><code>@Konixy</code></a> in <a href="https://redirect.github.com/lucide-icons/lucide/pull/3120">lucide-icons/lucide#3120</a></li> <li>feat(icons): added <code>tag-plus</code> and <code>tag-x</code> icons by <a href="https://github.com/adam-kov"><code>@adam-kov</code></a> in <a href="https://redirect.github.com/lucide-icons/lucide/pull/3980">lucide-icons/lucide#3980</a></li> <li>feat(icons): added <code>banknote-check</code> icon by <a href="https://github.com/mfjramirezf"><code>@mfjramirezf</code></a> in <a href="https://redirect.github.com/lucide-icons/lucide/pull/3956">lucide-icons/lucide#3956</a></li> <li>feat(icons): added <code>clock-arrow-in</code> icon by <a href="https://github.com/jguddas"><code>@jguddas</code></a> in <a href="https://redirect.github.com/lucide-icons/lucide/pull/2403">lucide-icons/lucide#2403</a></li> <li>feat(icons): added <code>summary</code> icon by <a href="https://github.com/jpjacobpadilla"><code>@jpjacobpadilla</code></a> in <a href="https://redirect.github.com/lucide-icons/lucide/pull/3114">lucide-icons/lucide#3114</a></li> <li>feat(icons): added <code>user-round-arrow-in</code> icon by <a href="https://github.com/jguddas"><code>@jguddas</code></a> in <a href="https://redirect.github.com/lucide-icons/lucide/pull/2283">lucide-icons/lucide#2283</a></li> <li>feat(icons): added <code>clock-arrow-out</code> icon by <a href="https://github.com/jguddas"><code>@jguddas</code></a> in <a href="https://redirect.github.com/lucide-icons/lucide/pull/2404">lucide-icons/lucide#2404</a></li> <li>docs(docs): fix broken Svelte package source link in README by <a href="https://github.com/SRKrukowski"><code>@SRKrukowski</code></a> in <a href="https://redirect.github.com/lucide-icons/lucide/pull/4468">lucide-icons/lucide#4468</a></li> <li>chore(deps-dev): bump <code>@angular/compiler</code> from 21.2.5 to 21.2.17 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/lucide-icons/lucide/pull/4474">lucide-icons/lucide#4474</a></li> <li>chore(deps-dev): bump <code>@angular/core</code> from 21.2.5 to 21.2.17 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/lucide-icons/lucide/pull/4470">lucide-icons/lucide#4470</a></li> <li>chore(deps-dev): bump vitest from 4.0.12 to 4.1.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/lucide-icons/lucide/pull/4429">lucide-icons/lucide#4429</a></li> <li>chore(deps-dev): bump markdown-it from 14.1.1 to 14.2.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/lucide-icons/lucide/pull/4475">lucide-icons/lucide#4475</a></li> <li>chore(deps-dev): bump <code>@angular/common</code> from 21.2.5 to 21.2.17 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/lucide-icons/lucide/pull/4471">lucide-icons/lucide#4471</a></li> <li>feat(icons): added <code>pencil-sparkles</code> icon by <a href="https://github.com/jennieboops"><code>@jennieboops</code></a> in <a href="https://redirect.github.com/lucide-icons/lucide/pull/4445">lucide-icons/lucide#4445</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/Konixy"><code>@Konixy</code></a> made their first contribution in <a href="https://redirect.github.com/lucide-icons/lucide/pull/3120">lucide-icons/lucide#3120</a></li> <li><a href="https://github.com/adam-kov"><code>@adam-kov</code></a> made their first contribution in <a href="https://redirect.github.com/lucide-icons/lucide/pull/3980">lucide-icons/lucide#3980</a></li> <li><a href="https://github.com/mfjramirezf"><code>@mfjramirezf</code></a> made their first contribution in <a href="https://redirect.github.com/lucide-icons/lucide/pull/3956">lucide-icons/lucide#3956</a></li> <li><a href="https://github.com/SRKrukowski"><code>@SRKrukowski</code></a> made their first contribution in <a href="https://redirect.github.com/lucide-icons/lucide/pull/4468">lucide-icons/lucide#4468</a></li> <li><a href="https://github.com/jennieboops"><code>@jennieboops</code></a> made their first contribution in <a href="https://redirect.github.com/lucide-icons/lucide/pull/4445">lucide-icons/lucide#4445</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/lucide-icons/lucide/compare/1.19.0...1.20.0">https://github.com/lucide-icons/lucide/compare/1.19.0...1.20.0</a></p> <h2>Version 1.19.0</h2> <h2>What's Changed</h2> <ul> <li>chore(deps): upgrade pnpm to version 11.6.0 by <a href="https://github.com/ericfennis"><code>@ericfennis</code></a> in <a href="https://redirect.github.com/lucide-icons/lucide/pull/4458">lucide-icons/lucide#4458</a></li> <li>feat(icons): added <code>star-*</code> icons by <a href="https://github.com/RajnishKMehta"><code>@RajnishKMehta</code></a> in <a href="https://redirect.github.com/lucide-icons/lucide/pull/3918">lucide-icons/lucide#3918</a></li> <li>chore(suggest-tags): Update metadata suggestion script by <a href="https://github.com/ericfennis"><code>@ericfennis</code></a> in <a href="https://redirect.github.com/lucide-icons/lucide/pull/4462">lucide-icons/lucide#4462</a></li> <li>feat(icons): added <code>save-pen</code> icon by <a href="https://github.com/vaporvee"><code>@vaporvee</code></a> in <a href="https://redirect.github.com/lucide-icons/lucide/pull/4179">lucide-icons/lucide#4179</a></li> <li>feat(icons): added <code>wrench-off</code> icon by <a href="https://github.com/nilsjonsson"><code>@nilsjonsson</code></a> in <a href="https://redirect.github.com/lucide-icons/lucide/pull/4434">lucide-icons/lucide#4434</a></li> <li>feat(icons): added <code>ad</code> icon by <a href="https://github.com/jamiemlaw"><code>@jamiemlaw</code></a> in <a href="https://redirect.github.com/lucide-icons/lucide/pull/4323">lucide-icons/lucide#4323</a></li> <li>feat(icons): added <code>eye-dashed</code> icon by <a href="https://github.com/karsa-mistmere"><code>@karsa-mistmere</code></a> in <a href="https://redirect.github.com/lucide-icons/lucide/pull/4415">lucide-icons/lucide#4415</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/lucide-icons/lucide/commit/5ff536e1391335e4f7dc38d244c1bc458b9443e2"><code>5ff536e</code></a> ci(release.yml): Fix workflow and remove <code>version</code> scripts in package scripts...</li> <li><a href="https://github.com/lucide-icons/lucide/commit/07c885e6c1f9952965ba388b7fd2bb7c4d416a67"><code>07c885e</code></a> fix(docs): fix zephyr-cloud URL in readmes</li> <li><a href="https://github.com/lucide-icons/lucide/commit/50d8af5a1012e188f3d71ac8f1fc0fba1aab5357"><code>50d8af5</code></a> docs(readme): Update readme files (<a href="https://github.com/lucide-icons/lucide/tree/HEAD/packages/lucide-react/issues/4320">#4320</a>)</li> <li><a href="https://github.com/lucide-icons/lucide/commit/653e44b83293567ff24dcb90ca1094a9cf0a042a"><code>653e44b</code></a> feat(packages): use .mjs for ESM bundles (<a href="https://github.com/lucide-icons/lucide/tree/HEAD/packages/lucide-react/issues/4285">#4285</a>)</li> <li>See full diff in <a href="https://github.com/lucide-icons/lucide/commits/1.21.0/packages/lucide-react">compare view</a></li> </ul> </details> <br /> Updates `next` from 16.2.1 to 16.2.9 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/vercel/next.js/releases">next's releases</a>.</em></p> <blockquote> <h2>v16.2.9</h2> <p>Empty release to ensure <code>next@latest</code> points at a stable release. Next.js only allows publishing with Trusted Publishing enabled. In order to fix NPM dist-tags, we have to release a new version. Updating dist-tags is not possible with Trusted Publishing.</p> <h2>v16.2.8</h2> <p>Release with no changes in an attempt to fix <code>next@latest</code> pointing at a prerelease version.</p> <h2>v16.2.7</h2> <blockquote> <p>[!NOTE] This release is backporting bug fixes. It does <strong>not</strong> include all pending features/changes on canary.</p> </blockquote> <h3>Core Changes</h3> <ul> <li>Backport documentation fixes for v16.2 (<a href="https://redirect.github.com/vercel/next.js/issues/93804">#93804</a>)</li> <li>[backport] Patch <code>playwright-core</code> to resolve <code>_finishedPromise</code> on <code>requestFailed</code> (<a href="https://redirect.github.com/vercel/next.js/issues/93920">#93920</a>)</li> <li>[backport] Fix dev mode hydration failure when page is served from HTTP cache (<a href="https://redirect.github.com/vercel/next.js/issues/93492">#93492</a>)</li> <li>[backport] Fix catch-all <code>router.query</code> corruption with <code>basePath</code> + <code>rewrites</code> (<a href="https://redirect.github.com/vercel/next.js/issues/93917">#93917</a>)</li> <li>[backport] Encode non-ASCII characters in cache tags at construction (<a href="https://redirect.github.com/vercel/next.js/issues/93918">#93918</a>)</li> <li>[backport] Fix server action forwarding loop with middleware rewrites (<a href="https://redirect.github.com/vercel/next.js/issues/93919">#93919</a>)</li> <li>[backport] Turbopack: switch from base40 to base38 hash encoding (<a href="https://redirect.github.com/vercel/next.js/issues/93932">#93932</a>)</li> <li>[ci] Disable hanging node 24 typescript tests on 16.2 backport branch (<a href="https://redirect.github.com/vercel/next.js/issues/94164">#94164</a>)</li> <li>[backport] Fix "type: module" in project dir when using standalone or adapters (<a href="https://redirect.github.com/vercel/next.js/issues/94050">#94050</a>)</li> <li>[backport] Propagate adapter preferred regions (<a href="https://redirect.github.com/vercel/next.js/issues/94200">#94200</a>)</li> <li>[16.2.x] Don't drop <code>FormData</code> entries (<a href="https://redirect.github.com/vercel/next.js/issues/94240">#94240</a>)</li> <li>[backport] feat(turbopack): add LocalPathOrProjectPath PostCSS config resolution (<a href="https://redirect.github.com/vercel/next.js/issues/94284">#94284</a>)</li> </ul> <h3>Credits</h3> <p>Huge thanks to <a href="https://github.com/eps1lon"><code>@eps1lon</code></a>, <a href="https://github.com/icyJoseph"><code>@icyJoseph</code></a>, <a href="https://github.com/unstubbable"><code>@unstubbable</code></a>, <a href="https://github.com/mischnic"><code>@mischnic</code></a>, <a href="https://github.com/bgw"><code>@bgw</code></a>, <a href="https://github.com/timneutkens"><code>@timneutkens</code></a>, and <a href="https://github.com/lukesandberg"><code>@lukesandberg</code></a> for helping!</p> <h2>v16.2.6</h2> <blockquote> <p>[!NOTE] This release contains security fixes and backported bug fixes. It does <strong>not</strong> include all pending features/changes on canary.</p> </blockquote> <h3>Security Fixes</h3> <p>The following advisories have been addressed:</p> <p><strong>High:</strong></p> <ul> <li><a href="https://github.com/vercel/next.js/security/advisories/GHSA-8h8q-6873-q5fj">GHSA-8h8q-6873-q5fj: Denial of Service with Server Components</a></li> <li><a href="https://github.com/vercel/next.js/security/advisories/GHSA-267c-6grr-h53f">GHSA-267c-6grr-h53f: Middleware / Proxy bypass in App Router applications via segment-prefetch routes</a></li> <li><a href="https://github.com/vercel/next.js/security/advisories/GHSA-26hh-7cqf-hhc6">GHSA-26hh-7cqf-hhc6: Middleware / Proxy bypass in App Router applications via segment-prefetch routes - <strong>Incomplete Fix Follow-Up</strong></a></li> <li><a href="https://github.com/vercel/next.js/security/advisories/GHSA-mg66-mrh9-m8jx">GHSA-mg66-mrh9-m8jx: Denial of Service via connection exhaustion in applications using Cache Components</a></li> <li><a href="https://github.com/vercel/next.js/security/advisories/GHSA-492v-c6pp-mqqv">GHSA-492v-c6pp-mqqv: Middleware / Proxy bypass through dynamic route parameter injection</a></li> <li><a href="https://github.com/vercel/next.js/security/advisories/GHSA-c4j6-fc7j-m34r">GHSA-c4j6-fc7j-m34r: Server-side request forgery in applications using WebSocket upgrades</a></li> <li><a href="https://github.com/vercel/next.js/security/advisories/GHSA-36qx-fr4f-26g5">GHSA-36qx-fr4f-26g5: Middleware / Proxy bypass in Pages Router applications using i18n</a></li> </ul> <p><strong>Moderate:</strong></p> <ul> <li><a href="https://github.com/vercel/next.js/security/advisories/GHSA-ffhc-5mcf-pf4q">GHSA-ffhc-5mcf-pf4q: Cross-site scripting in App Router applications using CSP nonces</a></li> <li><a href="https://github.com/vercel/next.js/security/advisories/GHSA-gx5p-jg67-6x7h">GHSA-gx5p-jg67-6x7h: Cross-site scripting in beforeInteractive scripts with untrusted input</a></li> <li><a href="https://github.com/vercel/next.js/security/advisories/GHSA-h64f-5h5j-jqjh">GHSA-h64f-5h5j-jqjh: Denial of Service in the Image Optimization API</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/vercel/next.js/commit/f37fad940522e000af5498209fd237d863b4fa16"><code>f37fad9</code></a> v16.2.9</li> <li><a href="https://github.com/vercel/next.js/commit/d9aaaedfd8050e58e3c82c1cea412d670750b32b"><code>d9aaaed</code></a> [cd] Allow tagging semver-lower releases as <code>@latest</code> if <code>@latest</code> po… (<a href="https://redirect.github.com/vercel/next.js/issues/94627">#94627</a>)</li> <li><a href="https://github.com/vercel/next.js/commit/6f1680448c81904efcd36704edf01a6b7323abbf"><code>6f16804</code></a> v16.2.8</li> <li><a href="https://github.com/vercel/next.js/commit/0dbc1d5c860bf47c8c4f794e053b93fd02355d4e"><code>0dbc1d5</code></a> [16.2.x][cd] Ensure release can be triggered on old branches (<a href="https://redirect.github.com/vercel/next.js/issues/94598">#94598</a>)</li> <li><a href="https://github.com/vercel/next.js/commit/90e3c811e7a3603a60dfcf627cc65f8b24ad1d5d"><code>90e3c81</code></a> [16.2.x] Align Actions dependencies with Canary (<a href="https://redirect.github.com/vercel/next.js/issues/94339">#94339</a>)</li> <li><a href="https://github.com/vercel/next.js/commit/83f402c69db9faf3f727bea5c85249fe9af9af54"><code>83f402c</code></a> [16.2.x][cd] Stop fetching all tags when searching parent tag (<a href="https://redirect.github.com/vercel/next.js/issues/94334">#94334</a>)</li> <li><a href="https://github.com/vercel/next.js/commit/411c455dcdec630b9e2e83d24e27b0f9e05927b6"><code>411c455</code></a> v16.2.7</li> <li><a href="https://github.com/vercel/next.js/commit/c63224f3d8e8dd0a4ef8635916f92954421e5f1e"><code>c63224f</code></a> [backport] feat(turbopack): add LocalPathOrProjectPath PostCSS config resolut...</li> <li><a href="https://github.com/vercel/next.js/commit/63115c79877c90df4371c2425f3fc5d3a55ac58d"><code>63115c7</code></a> [16.2.x] Don't drop <code>FormData</code> entries (<a href="https://redirect.github.com/vercel/next.js/issues/94240">#94240</a>)</li> <li><a href="https://github.com/vercel/next.js/commit/aef22fdc828226227f618bb982a222e1256ba6f2"><code>aef22fd</code></a> [backport] Propagate adapter preferred regions (<a href="https://redirect.github.com/vercel/next.js/issues/94200">#94200</a>)</li> <li>Additional commits viewable in <a href="https://github.com/vercel/next.js/compare/v16.2.1...v16.2.9">compare view</a></li> </ul> </details> <details> <summary>Maintainer changes</summary> <p>This version was pushed to npm by <a href="https://www.npmjs.com/~GitHub%20Actions">GitHub Actions</a>, a new releaser for next since your current version.</p> </details> <br /> Updates `react` from 19.2.4 to 19.2.7 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/facebook/react/releases">react's releases</a>.</em></p> <blockquote> <h2>19.2.7 (June 1st, 2026)</h2> <h2>React Server Components</h2> <ul> <li>Fixed missing <code>FormData</code> entries in Server Actions which regressed in 19.2.6 (<a href="https://redirect.github.com/facebook/react/pull/36566">#36566</a> by <a href="https://github.com/unstubbable"><code>@unstubbable</code></a>)</li> </ul> <h2>19.2.6 (May 6th, 2026)</h2> <h2>React Server Components</h2> <ul> <li>Type hardening and performance improvements (<a href="https://redirect.github.com/facebook/react/pull/36425">#36425</a> by <a href="https://github.com/eps1lon"><code>@eps1lon</code></a> and <a href="https://github.com/unstubbable"><code>@unstubbable</code></a>)</li> </ul> <h2>19.2.5 (April 8th, 2026)</h2> <h2>React Server Components</h2> <ul> <li>Add more cycle protections (<a href="https://redirect.github.com/facebook/react/pull/36236">#36236</a> by <a href="https://github.com/eps1lon"><code>@eps1lon</code></a> and <a href="https://github.com/unstubbable"><code>@unstubbable</code></a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/react/react/commit/6117d7cca4906492c51fe6a03381e35adfd86e7d"><code>6117d7c</code></a> Version 19.2.7 (<a href="https://github.com/facebook/react/tree/HEAD/packages/react/issues/36591">#36591</a>)</li> <li><a href="https://github.com/react/react/commit/eaf3e95ca92be7a23d3c9cc8ffd6f199a40be401"><code>eaf3e95</code></a> Version 19.2.6</li> <li><a href="https://github.com/react/react/commit/23f4f9f30da9e9af2108c18bb197bae75ab584ea"><code>23f4f9f</code></a> 19.2.5</li> <li>See full diff in <a href="https://github.com/facebook/react/commits/v19.2.7/packages/react">compare view</a></li> </ul> </details> <details> <summary>Maintainer changes</summary> <p>This version was pushed to npm by <a href="https://www.npmjs.com/~GitHub%20Actions">GitHub Actions</a>, a new releaser for react since your current version.</p> </details> <br /> Updates `@types/react` from 19.2.14 to 19.2.17 <details> <summary>Commits</summary> <ul> <li>See full diff in <a href="https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/react">compare view</a></li> </ul> </details> <br /> Updates `react-dom` from 19.2.4 to 19.2.7 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/facebook/react/releases">react-dom's releases</a>.</em></p> <blockquote> <h2>19.2.7 (June 1st, 2026)</h2> <h2>React Server Components</h2> <ul> <li>Fixed missing <code>FormData</code> entries in Server Actions which regressed in 19.2.6 (<a href="https://redirect.github.com/facebook/react/pull/36566">#36566</a> by <a href="https://github.com/unstubbable"><code>@unstubbable</code></a>)</li> </ul> <h2>19.2.6 (May 6th, 2026)</h2> <h2>React Server Components</h2> <ul> <li>Type hardening and performance improvements (<a href="https://redirect.github.com/facebook/react/pull/36425">#36425</a> by <a href="https://github.com/eps1lon"><code>@eps1lon</code></a> and <a href="https://github.com/unstubbable"><code>@unstubbable</code></a>)</li> </ul> <h2>19.2.5 (April 8th, 2026)</h2> <h2>React Server Components</h2> <ul> <li>Add more cycle protections (<a href="https://redirect.github.com/facebook/react/pull/36236">#36236</a> by <a href="https://github.com/eps1lon"><code>@eps1lon</code></a> and <a href="https://github.com/unstubbable"><code>@unstubbable</code></a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/react/react/commit/6117d7cca4906492c51fe6a03381e35adfd86e7d"><code>6117d7c</code></a> Version 19.2.7 (<a href="https://github.com/facebook/react/tree/HEAD/packages/react-dom/issues/36591">#36591</a>)</li> <li><a href="https://github.com/react/react/commit/eaf3e95ca92be7a23d3c9cc8ffd6f199a40be401"><code>eaf3e95</code></a> Version 19.2.6</li> <li><a href="https://github.com/react/react/commit/23f4f9f30da9e9af2108c18bb197bae75ab584ea"><code>23f4f9f</code></a> 19.2.5</li> <li>See full diff in <a href="https://github.com/facebook/react/commits/v19.2.7/packages/react-dom">compare view</a></li> </ul> </details> <details> <summary>Maintainer changes</summary> <p>This version was pushed to npm by <a href="https://www.npmjs.com/~GitHub%20Actions">GitHub Actions</a>, a new releaser for react-dom since your current version.</p> </details> <br /> Updates `shiki` from 4.0.2 to 4.2.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/shikijs/shiki/releases">shiki's releases</a>.</em></p> <blockquote> <h2>v4.2.0</h2> <h3> 🚀 Features</h3> <ul> <li>Add <code>@shikijs/stream</code> and <code>@shikijs/magic-move</code> packages - by <a href="https://github.com/antfu"><code>@antfu</code></a> in <a href="https://redirect.github.com/shikijs/shiki/issues/1283">shikijs/shiki#1283</a> <a href="https://github.com/shikijs/shiki/commit/d031f9b6"><!-- raw HTML omitted -->(d031f)<!-- raw HTML omitted --></a></li> </ul> <h3> 🐞 Bug Fixes</h3> <ul> <li><strong>transformers</strong>: Handle YAML comment prefixes correctly for v3 - by <a href="https://github.com/AkaHarshit"><code>@AkaHarshit</code></a> in <a href="https://redirect.github.com/shikijs/shiki/issues/1266">shikijs/shiki#1266</a> <a href="https://github.com/shikijs/shiki/commit/f694a725"><!-- raw HTML omitted -->(f694a)<!-- raw HTML omitted --></a></li> <li><strong>vitepress-twoslash</strong>: Scroll blocking on mobile viewports - by <a href="https://github.com/micaiguai"><code>@micaiguai</code></a> in <a href="https://redirect.github.com/shikijs/shiki/issues/1262">shikijs/shiki#1262</a> <a href="https://github.com/shikijs/shiki/commit/9e0e89c8"><!-- raw HTML omitted -->(9e0e8)<!-- raw HTML omitted --></a></li> </ul> <h5> <a href="https://github.com/shikijs/shiki/compare/v4.1.0...v4.2.0">View changes on GitHub</a></h5> <h2>v4.1.0</h2> <h3> 🐞 Bug Fixes</h3> <ul> <li><strong>twoslash</strong>: Forward <code>tsModule</code> to <code>createTwoslasher</code> - by <a href="https://github.com/arthurfiorette"><code>@arthurfiorette</code></a> in <a href="https://redirect.github.com/shikijs/shiki/issues/1271">shikijs/shiki#1271</a> <a href="https://github.com/shikijs/shiki/commit/be89afcf"><!-- raw HTML omitted -->(be89a)<!-- raw HTML omitted --></a></li> </ul> <h5> <a href="https://github.com/shikijs/shiki/compare/v4.0.2...v4.1.0">View changes on GitHub</a></h5> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/shikijs/shiki/commit/1d56dae84801bad3a48dc7104437fbc21819ee4c"><code>1d56dae</code></a> chore: release v4.2.0</li> <li><a href="https://github.com/shikijs/shiki/commit/c809af96f1907877c5cebfeee98ac5d55193140b"><code>c809af9</code></a> chore: release v4.1.0</li> <li><a href="https://github.com/shikijs/shiki/commit/95371cb1b3c00ced5b437a11f603939002f9ecae"><code>95371cb</code></a> chore: lint</li> <li>See full diff in <a href="https://github.com/shikijs/shiki/commits/v4.2.0/packages/shiki">compare view</a></li> </ul> </details> <br /> Updates `tailwind-merge` from 3.5.0 to 3.6.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/dcastil/tailwind-merge/releases">tailwind-merge's releases</a>.</em></p> <blockquote> <h2>v3.6.0</h2> <h3>New Features</h3> <ul> <li>Add support for Tailwind CSS v4.3 by <a href="https://github.com/dcastil"><code>@dcastil</code></a> in <a href="https://redirect.github.com/dcastil/tailwind-merge/pull/677">dcastil/tailwind-merge#677</a> <ul> <li>Add <code>postfixLookupClassGroups</code> option to config to support Tailwind utilities where a slash is part of the full class name, like named container queries</li> </ul> </li> <li>Add support for readonly array values by <a href="https://github.com/unional"><code>@unional</code></a> in <a href="https://redirect.github.com/dcastil/tailwind-merge/pull/652">dcastil/tailwind-merge#652</a></li> </ul> <h3>Documentation</h3> <ul> <li>Fix broken links in README by <a href="https://github.com/maurer2"><code>@maurer2</code></a> in <a href="https://redirect.github.com/dcastil/tailwind-merge/pull/662">dcastil/tailwind-merge#662</a></li> </ul> <h3>Other</h3> <ul> <li>Harden internal CI pipeline security by omitting git checkout by <a href="https://github.com/dcastil"><code>@dcastil</code></a>, suggested by <a href="https://github.com/kyletaylored"><code>@kyletaylored</code></a> in <a href="https://github.com/dcastil/tailwind-merge/commit/6b2499c10cf52bed42426d30b4219e90374b30d6">https://github.com/dcastil/tailwind-merge/commit/6b2499c10cf52bed42426d30b4219e90374b30d6</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/dcastil/tailwind-merge/compare/v3.5.0...v3.6.0">https://github.com/dcastil/tailwind-merge/compare/v3.5.0...v3.6.0</a></p> <p>Thanks to <a href="https://github.com/brandonmcconnell"><code>@brandonmcconnell</code></a>, <a href="https://github.com/manavm1990"><code>@manavm1990</code></a>, <a href="https://github.com/langy"><code>@langy</code></a>, <a href="https://github.com/roboflow"><code>@roboflow</code></a>, <a href="https://github.com/syntaxfm"><code>@syntaxfm</code></a>, <a href="https://github.com/getsentry"><code>@getsentry</code></a>, <a href="https://github.com/codecov"><code>@codecov</code></a>, a private sponsor, <a href="https://github.com/block"><code>@block</code></a>, <a href="https://github.com/openclaw"><code>@openclaw</code></a>, <a href="https://github.com/sourcegraph"><code>@sourcegraph</code></a>, <a href="https://github.com/mike-healy"><code>@mike-healy</code></a> and more via <a href="https://github.com/thnxdev"><code>@thnxdev</code></a> for sponsoring tailwind-merge! ❤️</p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/dcastil/tailwind-merge/commit/d54f7e5713c653d0171971405344f7c6e44d418f"><code>d54f7e5</code></a> v3.6.0</li> <li><a href="https://github.com/dcastil/tailwind-merge/commit/638871a67a0a124ac9275eda77cd08b03f2f045e"><code>638871a</code></a> Update README to add info about Tailwind CSS v4.3 support</li> <li><a href="https://github.com/dcastil/tailwind-merge/commit/39fc7b5e915493e5eb3ddb1ca615f5b2eeff2540"><code>39fc7b5</code></a> Revert "v3.6.0"</li> <li><a href="https://github.com/dcastil/tailwind-merge/commit/bd8390f6ca387f93c9e989fb3fb09924fb843445"><code>bd8390f</code></a> v3.6.0</li> <li><a href="https://github.com/dcastil/tailwind-merge/commit/802877c6e31f9fb64c627e5e760729a16cd0a69b"><code>802877c</code></a> add v3.6.0 changelog</li> <li><a href="https://github.com/dcastil/tailwind-merge/commit/a35fedac7d1fc8756223da94290a83a32068d2ae"><code>a35feda</code></a> Merge pull request <a href="https://redirect.github.com/dcastil/tailwind-merge/issues/665">#665</a> from dcastil/renovate/rollup-plugin-babel-7.x</li> <li><a href="https://github.com/dcastil/tailwind-merge/commit/940389cf89ed0da277ff5c01b98fd619687926e9"><code>940389c</code></a> Merge pull request <a href="https://redirect.github.com/dcastil/tailwind-merge/issues/667">#667</a> from dcastil/renovate/release-drafter-release-drafter...</li> <li><a href="https://github.com/dcastil/tailwind-merge/commit/005af6df08cfbe2adac7ca6cb5a7be02b9261fbd"><code>005af6d</code></a> pin to specific version</li> <li><a href="https://github.com/dcastil/tailwind-merge/commit/5816ced627ebcaefd497ad8e4202baf750dd545c"><code>5816ced</code></a> implement breaking changes</li> <li><a href="https://github.com/dcastil/tailwind-merge/commit/17041e17c5b9c96fcb0f4758c718799cb3af14a6"><code>17041e1</code></a> Merge pull request <a href="https://redirect.github.com/dcastil/tailwind-merge/issues/676">#676</a> from dcastil/dependabot/npm_and_yarn/babel/plugin-tra...</li> <li>Additional commits viewable in <a href="https://github.com/dcastil/tailwind-merge/compare/v3.5.0...v3.6.0">compare view</a></li> </ul> </details> <br /> Updates `@tailwindcss/postcss` from 4.2.2 to 4.3.1 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/tailwindlabs/tailwindcss/releases">@tailwindcss/postcss's releases</a>.</em></p> <blockquote> <h2>v4.3.1</h2> <h3>Added</h3> <ul> <li>Add <code>--silent</code> option to suppress output in <code>@tailwindcss/cli</code> (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/20100">#20100</a>)</li> </ul> <h3>Fixed</h3> <ul> <li>Remove deprecation warnings by using <code>Module#registerHooks</code> instead of <code>Module#register</code> on Node 26+ (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/20028">#20028</a>)</li> <li>Canonicalization: don't crash when plugin utilities throw for unsupported values (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/20052">#20052</a>)</li> <li>Allow <code>@apply</code> to be used with CSS mixins (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/19427">#19427</a>)</li> <li>Ensure <code>not-*</code> correctly negates <code>@container</code> queries, including <code>style(…)</code> queries (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/20059">#20059</a>)</li> <li>Ensure <code>drop-shadow-*</code> color utilities work with custom shadow values containing <code>calc(…)</code> (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/20080">#20080</a>)</li> <li>Fix 'Sourcemap is likely to be incorrect' warnings when using <code>@tailwindcss/vite</code> (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/20103">#20103</a>)</li> <li>Ensure <code>@tailwindcss/webpack</code> can be installed in Rspack projects without requiring <code>webpack</code> as a peer dependency (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/20027">#20027</a>)</li> <li>Canonicalization: don't suggest invalid <code>calc(…)</code> expressions (e.g. <code>px-[calc(1rem+0px)]</code> → <code>px-[calc(1rem+0)]</code>) (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/20127">#20127</a>)</li> <li>Canonicalization: avoid suggesting large spacing-scale values for arbitrary lengths (e.g. <code>left-[99999px]</code> → <code>left-[99999px]</code>, not <code>left-24999.75</code>) (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/20130">#20130</a>)</li> <li>Ensure <code>@tailwindcss/cli</code> in <code>--watch</code> mode recovers when a tracked dependency is deleted and restored (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/20137">#20137</a>)</li> <li>Ensure standalone <code>@tailwindcss/cli</code> binaries are ignored when scanning for class candidates (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/20139">#20139</a>)</li> <li>Ensure class candidates are extracted from Twig <code>addClass(…)</code> and <code>removeClass(…)</code> calls (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/20198">#20198</a>)</li> <li>Don't crash in the Ruby or Vue preprocessors when scanning files containing invalid UTF-8 bytes (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/19588">#19588</a>)</li> <li>Allow <code>@variant</code> to be used inside <code>addBase</code> (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/19480">#19480</a>)</li> <li>Ensure <code>@source</code> globs with symlinks are preserved (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/20203">#20203</a>)</li> <li>Ensure later <code>@source</code> rules can re-include files excluded by earlier <code>@source not</code> rules (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/20203">#20203</a>)</li> <li>Upgrade: don't migrate empty class rules to invalid <code>@utility</code> rules (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/20205">#20205</a>)</li> <li>Ensure transitions between <code>inset-shadow-none</code> and other inset shadows work correctly (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/20208">#20208</a>)</li> <li>Ensure explicitly referenced <code>@source</code> directories are scanned even when ignored by git (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/20214">#20214</a>)</li> <li>Ensure <code>@source</code> globs ending in <code>**/*</code> preserve dynamic path segments to avoid scanning too many files (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/20217">#20217</a>)</li> <li>Canonicalization: don't fold <code>calc(…)</code> divisions when the result would require high precision (e.g. <code>w-[calc(100%/3.5)]</code> → <code>w-[calc(100%/3.5)]</code>, not <code>w-[28.571428571428573%]</code>) (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/20221">#20221</a>)</li> <li>Serve ESM type declarations to ESM importers of <code>@tailwindcss/postcss</code> (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/20228">#20228</a>)</li> </ul> <h3>Changed</h3> <ul> <li>Generate <code>0</code> instead of <code>calc(var(--spacing) * 0)</code> for spacing utilities like <code>m-0</code> and <code>left-0</code> (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/20196">#20196</a>)</li> <li>Generate <code>var(--spacing)</code> instead of <code>calc(var(--spacing) * 1)</code> for spacing utilities like <code>m-1</code> and <code>left-1</code> (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/20196">#20196</a>)</li> </ul> <h2>v4.3.0</h2> <h3>Added</h3> <ul> <li>Add <code>@container-size</code> utility (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/18901">#18901</a>)</li> <li>Add <code>scrollbar-{auto,thin,none}</code> utilities for <code>scrollbar-width</code>, and <code>scrollbar-thumb-*</code> / <code>scrollbar-track-*</code> color utilities for <code>scrollbar-color</code> (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/19981">#19981</a>, <a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/20019">#20019</a>)</li> <li>Add <code>scrollbar-gutter-*</code> utilities (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/20018">#20018</a>)</li> <li>Add <code>zoom-*</code> utilities (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/20020">#20020</a>)</li> <li>Add <code>tab-*</code> utilities (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/20022">#20022</a>)</li> <li>Allow using <code>@variant</code> with stacked variants (e.g. <code>@variant hover:focus { … }</code>) (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/19996">#19996</a>)</li> <li>Allow using <code>@variant</code> with compound variants (e.g. <code>@variant hover, focus { … }</code>) (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/19996">#19996</a>)</li> <li>Support <code>--default(…)</code> in <code>--value(…)</code> and <code>--modifier(…)</code> for functional <code>@utility</code> definitions (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/19989">#19989</a>)</li> </ul> <h3>Fixed</h3> <ul> <li>Ensure <code>@plugin</code> resolves package JavaScript entries instead of browser CSS entries when using <code>@tailwindcss/vite</code> (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/19949">#19949</a>)</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/tailwindlabs/tailwindcss/blob/main/CHANGELOG.md">@tailwindcss/postcss's changelog</a>.</em></p> <blockquote> <h2>[4.3.1] - 2026-06-12</h2> <h3>Added</h3> <ul> <li>Add <code>--silent</code> option to suppress output in <code>@tailwindcss/cli</code> (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/20100">#20100</a>)</li> </ul> <h3>Fixed</h3> <ul> <li>Remove deprecation warnings by using <code>Module#registerHooks</code> instead of <code>Module#register</code> on Node 26+ (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/20028">#20028</a>)</li> <li>Canonicalization: don't crash when plugin utilities throw for unsupported values (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/20052">#20052</a>)</li> <li>Allow <code>@apply</code> to be used with CSS mixins (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/19427">#19427</a>)</li> <li>Ensure <code>not-*</code> correctly negates <code>@container</code> queries, including <code>style(…)</code> queries (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/20059">#20059</a>)</li> <li>Ensure <code>drop-shadow-*</code> color utilities work with custom shadow values containing <code>calc(…)</code> (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/20080">#20080</a>)</li> <li>Fix 'Sourcemap is likely to be incorrect' warnings when using <code>@tailwindcss/vite</code> (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/20103">#20103</a>)</li> <li>Ensure <code>@tailwindcss/webpack</code> can be installed in Rspack projects without requiring <code>webpack</code> as a peer dependency (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/20027">#20027</a>)</li> <li>Canonicalization: don't suggest invalid <code>calc(…)</code> expressions (e.g. <code>px-[calc(1rem+0px)]</code> → <code>px-[calc(1rem+0)]</code>) (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/20127">#20127</a>)</li> <li>Canonicalization: avoid suggesting large spacing-scale values for arbitrary lengths (e.g. <code>left-[99999px]</code> → <code>left-[99999px]</code>, not <code>left-24999.75</code>) (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/20130">#20130</a>)</li> <li>Ensure <code>@tailwindcss/cli</code> in <code>--watch</code> mode recovers when a tracked dependency is deleted and restored (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/20137">#20137</a>)</li> <li>Ensure standalone <code>@tailwindcss/cli</code> binaries are ignored when scanning for class candidates (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/20139">#20139</a>)</li> <li>Ensure class candidates are extracted from Twig <code>addClass(…)</code> and <code>removeClass(…)</code> calls (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/20198">#20198</a>)</li> <li>Don't crash in the Ruby or Vue preprocessors when scanning files containing invalid UTF-8 bytes (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/19588">#19588</a>)</li> <li>Allow <code>@variant</code> to be used inside <code>addBase</code> (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/19480">#19480</a>)</li> <li>Ensure <code>@source</code> globs with symlinks are preserved (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/20203">#20203</a>)</li> <li>Ensure later <code>@source</code> rules can re-include files excluded by earlier <code>@source not</code> rules (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/20203">#20203</a>)</li> <li>Upgrade: don't migrate empty class rules to invalid <code>@utility</code> rules (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/20205">#20205</a>)</li> <li>Ensure transitions between <code>inset-shadow-none</code> and other inset shadows work correctly (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/20208">#20208</a>)</li> <li>Ensure explicitly referenced <code>@source</code> directories are scanned even when ignored by git (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/20214">#20214</a>)</li> <li>Ensure <code>@source</code> globs ending in <code>**/*</code> preserve dynamic path segments to avoid scanning too many files (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/20217">#20217</a>)</li> <li>Canonicalization: don't fold <code>calc(…)</code> divisions when the result would require high precision (e.g. <code>w-[calc(100%/3.5)]</code> → <code>w-[calc(100%/3.5)]</code>, not <code>w-[28.571428571428573%]</code>) (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/20221">#20221</a>)</li> <li>Serve ESM type declarations to ESM importers of <code>@tailwindcss/postcss</code> (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/20228">#20228</a>)</li> </ul> <h3>Changed</h3> <ul> <li>Generate <code>0</code> instead of <code>calc(var(--spacing) * 0)</code> for spacing utilities like <code>m-0</code> and <code>left-0</code> (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/20196">#20196</a>)</li> <li>Generate <code>var(--spacing)</code> instead of <code>calc(var(--spacing) * 1)</code> for spacing utilities like <code>m-1</code> and <code>left-1</code> (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/20196">#20196</a>)</li> </ul> <h2>[4.3.0] - 2026-05-08</h2> <h3>Added</h3> <ul> <li>Add <code>@container-size</code> utility (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/18901">#18901</a>)</li> <li>Add <code>scrollbar-{auto,thin,none}</code> utilities for <code>scrollbar-width</code>, and <code>scrollbar-thumb-*</code> / <code>scrollbar-track-*</code> color utilities for <code>scrollbar-color</code> (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/19981">#19981</a>, <a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/20019">#20019</a>)</li> <li>Add <code>scrollbar-gutter-*</code> utilities (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/20018">#20018</a>)</li> <li>Add <code>zoom-*</code> utilities (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/20020">#20020</a>)</li> <li>Add <code>tab-*</code> utilities (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/20022">#20022</a>)</li> <li>Allow using <code>@variant</code> with stacked variants (e.g. <code>@variant hover:focus { … }</code>) (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/19996">#19996</a>)</li> <li>Allow using <code>@variant</code> with compound variants (e.g. <code>@variant hover, focus { … }</code>) (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/19996">#19996</a>)</li> <li>Support <code>--default(…)</code> in <code>--value(…)</code> and <code>--modifier(…)</code> for functional <code>@utility</code> definitions (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/19989">#19989</a>)</li> </ul> <h3>Fixed</h3> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/tailwindlabs/tailwindcss/commit/8a14a710102cae195f6811e8578bef9477bc6be9"><code>8a14a71</code></a> 4.3.1 (<a href="https://github.com/tailwindlabs/tailwindcss/tree/HEAD/packages/@tailwindcss-postcss/issues/20226">#20226</a>)</li> <li><a href="https://github.com/tailwindlabs/tailwindcss/commit/522288ca08c7ed0e7e9d3256f40fd36981d451a3"><code>522288c</code></a> Serve ESM type declarations to ESM importers of <code>@tailwindcss/postcss</code> (<a href="https://github.com/tailwindlabs/tailwindcss/tree/HEAD/packages/@tailwindcss-postcss/issues/20228">#20228</a>)</li> <li><a href="https://github.com/tailwindlabs/tailwindcss/commit/8dcdb66e8a58b9df621ed1a9cb59396e0ddb6dd7"><code>8dcdb66</code></a> Bump dependencies (<a href="https://github.com/tailwindlabs/tailwindcss/tree/HEAD/packages/@tailwindcss-postcss/issues/20095">#20095</a>)</li> <li><a href="https://github.com/tailwindlabs/tailwindcss/commit/588bd7371f4cae96426e1387819b7fd1d99765f9"><code>588bd73</code></a> 4.3.0 (<a href="https://github.com/tailwindlabs/tailwindcss/tree/HEAD/packages/@tailwindcss-postcss/issues/20023">#20023</a>)</li> <li><a href="https://github.com/tailwindlabs/tailwindcss/commit/12eb5ae7b6026ff64c04f889b2221418d772da72"><code>12eb5ae</code></a> Cleanup noisy test output (<a href="https://github.com/tailwindlabs/tailwindcss/tree/HEAD/packages/@tailwindcss-postcss/issues/20015">#20015</a>)</li> <li><a href="https://github.com/tailwindlabs/tailwindcss/commit/4255671c5f792c42808ecd6b2dec27c16e3c559e"><code>4255671</code></a> Improve snapshot tests (<a href="https://github.com/tailwindlabs/tailwindcss/tree/HEAD/packages/@tailwindcss-postcss/issues/20013">#20013</a>)</li> <li><a href="https://github.com/tailwindlabs/tailwindcss/commit/52f94c74bb491e9c3641ce322a0ef90fb3c45de6"><code>52f94c7</code></a> Improve codebase quality (<a href="https://github.com/tailwindlabs/tailwindcss/tree/HEAD/packages/@tailwindcss-postcss/issues/19999">#19999</a>)</li> <li><a href="https://github.com/tailwindlabs/tailwindcss/commit/d194d4c3e656313421f1cfa1954db8f58eec0fcd"><code>d194d4c</code></a> docs: fix various typos in comments and documentation (<a href="https://github.com/tailwindlabs/tailwindcss/tree/HEAD/packages/@tailwindcss-postcss/issues/19878">#19878</a>)</li> <li><a href="https://github.com/tailwindlabs/tailwindcss/commit/bfb5732b0b948d89c6803cb537bca168ec8e0a46"><code>bfb5732</code></a> Fall back to the plugin <code>base</code> when PostCSS has no <code>from</code> option (<a href="https://github.com/tailwindlabs/tailwindcss/tree/HEAD/packages/@tailwindcss-postcss/issues/19980">#19980</a>)</li> <li><a href="https://github.com/tailwindlabs/tailwindcss/commit/3a890c35727fe0630c59b72dbec799d02e3c4800"><code>3a890c3</code></a> Bump dependencies (<a href="https://github.com/tailwindlabs/tailwindcss/tree/HEAD/packages/@tailwindcss-postcss/issues/19957">#19957</a>)</li> <li>Additional commits viewable in <a href="https://github.com/tailwindlabs/tailwindcss/commits/v4.3.1/packages/@tailwindcss-postcss">compare view</a></li> </ul> </details> <details> <summary>Maintainer changes</summary> <p>This version was pushed to npm by <a href="https://www.npmjs.com/~GitHub%20Actions">GitHub Actions</a>, a new releaser for <code>@tailwindcss/postcss</code> since your current version.</p> </details> <br /> Updates `@types/react` from 19.2.14 to 19.2.17 <details> <summary>Commits</summary> <ul> <li>See full diff in <a href="https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/react">compare view</a></li> </ul> </details> <br /> Updates `eslint-config-next` from 16.2.1 to 16.2.9 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/vercel/next.js/releases">eslint-config-next's releases</a>.</em></p> <blockquote> <h2>v16.2.9</h2> <p>Empty release to ensure <code>next@latest</code> points at a stable release. Next.js only allows publishing with Trusted Publishing enabled. In order to fix NPM dist-tags, we have to release a new version. Updating dist-tags is not possible with Trusted Publishing.</p> <h2>v16.2.8</h2> <p>Release with no changes in an attempt to fix <code>next@latest</code> pointing at a prerelease version.</p> <h2>v16.2.7</h2> <blockquote> <p>[!NOTE] This release is backporting bug fixes. It does <strong>not</strong> include all pending features/changes on canary.</p> </blockquote> <h3>Core Changes</h3> <ul> <li>Backport documentation fixes for v16.2 (<a href="https://github.com/vercel/next.js/tree/HEAD/packages/eslint-config-next/issues/93804">#93804</a>)</li> <li>[backport] Patch <code>playwright-core</code> to resolve <code>_finishedPromise</code> on <code>requestFailed</code> (<a href="https://github.com/vercel/next.js/tree/HEAD/packages/eslint-config-next/issues/93920">#93920</a>)</li> <li>[backport] Fix dev mode hydration failure when page is served from HTTP cache (<a href="https://github.com/vercel/next.js/tree/HEAD/packages/eslint-config-next/issues/93492">#93492</a>)</li> <li>[backport] Fix catch-all <code>router.query</code> corruption with <code>basePath</code> + <code>rewrites</code> (<a href="https://github.com/vercel/next.js/tree/HEAD/packages/eslint-config-next/issues/93917">#93917</a>)</li> <li>[backport] Encode non-ASCII characters in cache tags at construction (<a href="https://github.com/vercel/next.js/tree/HEAD/packages/eslint-config-next/issues/93918">#93918</a>)</li> <li>[backport] Fix server action forwarding loop with middleware rewrites (<a href="https://github.com/vercel/next.js/tree/HEAD/packages/eslint-config-next/issues/93919">#93919</a>)</li> <li>[backport] Turbopack: switch from base40 to base38 hash encoding (<a href="https://github.com/vercel/next.js/tree/HEAD/packages/eslint-config-next/issues/93932">#93932</a>)</li> <li>[ci] Disable hanging node 24 typescript tests on 16.2 backport branch (<a href="https://github.com/vercel/next.js/tree/HEAD/packages/eslint-config-next/issues/94164">#94164</a>)</li> <li>[backport] Fix "type: module" in project dir when using standalone or adapters (<a href="https://github.com/vercel/next.js/tree/HEAD/packages/eslint-config-next/issues/94050">#94050</a>)</li> <li>[backport] Propagate adapter preferred regions (<a href="https://github.com/vercel/next.js/tree/HEAD/packages/eslint-config-next/issues/94200">#94200</a>)</li> <li>[16.2.x] Don't drop <code>FormData</code> entries (<a href="https://github.com/vercel/next.js/tree/HEAD/packages/eslint-config-next/issues/94240">#94240</a>)</li> <li>[backport] feat(turbopack): add LocalPathOrProjectPath PostCSS config resolution (<a href="https://github.com/vercel/next.js/tree/HEAD/packages/eslint-config-next/issues/94284">#94284</a>)</li> </ul> <h3>Credits</h3> <p>Huge thanks to <a href="https://github.com/eps1lon"><code>@eps1lon</code></a>, <a href="https://github.com/icyJoseph"><code>@icyJoseph</code></a>, <a href="https://github.com/unstubbable"><code>@unstubbable</code></a>, <a href="https://github.com/mischnic"><code>@mischnic</code></a>, <a href="https://github.com/bgw"><code>@bgw</code></a>, <a href="https://github.com/timneutkens"><code>@timneutkens</code></a>, and <a href="https://github.com/lukesandberg"><code>@lukesandberg</code></a> for helping!</p> <h2>v16.2.6</h2> <blockquote> <p>[!NOTE] This release contains security fixes and backported bug fixes. It does <strong>not</strong> include all pending features/changes on canary.</p> </blockquote> <h3>Security Fixes</h3> <p>The following advisories have been addressed:</p> <p><strong>High:</strong></p> <ul> <li><a href="https://github.com/vercel/next.js/security/advisories/GHSA-8h8q-6873-q5fj">GHSA-8h8q-6873-q5fj: Denial of Service with Server Components</a></li> <li><a href="https://github.com/vercel/next.js/security/advisories/GHSA-267c-6grr-h53f">GHSA-267c-6grr-h53f: Middleware / Proxy bypass in App Router applications via segment-prefetch routes</a></li> <li><a href="https://github.com/vercel/next.js/security/advisories/GHSA-26hh-7cqf-hhc6">GHSA-26hh-7cqf-hhc6: Middleware / Proxy bypass in App Router applications via segment-prefetch routes - <strong>Incomplete Fix Follow-Up</strong></a></li> <li><a href="https://github.com/vercel/next.js/security/advisories/GHSA-mg66-mrh9-m8jx">GHSA-mg66-mrh9-m8jx: Denial of Service via connection exhaustion in applications using Cache Components</a></li> <li><a href="https://github.com/vercel/next.js/security/advisories/GHSA-492v-c6pp-mqqv">GHSA-492v-c6pp-mqqv: Middleware / Proxy bypass through dynamic route parameter injection</a></li> <li><a href="https://github.com/vercel/next.js/security/advisories/GHSA-c4j6-fc7j-m34r">GHSA-c4j6-fc7j-m34r: Server-side request forgery in applications using WebSocket upgrades</a></li> <li><a href="https://github.com/vercel/next.js/security/advisories/GHSA-36qx-fr4f-26g5">GHSA-36qx-fr4f-26g5: Middleware / Proxy bypass in Pages Router applications using i18n</a></li> </ul> <p><strong>Moderate:</strong></p> <ul> <li><a href="https://github.com/vercel/next.js/security/advisories/GHSA-ffhc-5mcf-pf4q">GHSA-ffhc-5mcf-pf4q: Cross-site scripting in App Router applications using CSP nonces</a></li> <li><a href="https://github.com/vercel/next.js/security/advisories/GHSA-gx5p-jg67-6x7h">GHSA-gx5p-jg67-6x7h: Cross-site scripting in beforeInteractive scripts with untrusted input</a></li> <li><a href="https://github.com/vercel/next.js/security/advisories/GHSA-h64f-5h5j-jqjh">GHSA-h64f-5h5j-jqjh: Denial of Service in the Image Optimization API</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/vercel/next.js/commit/f37fad940522e000af5498209fd237d863b4fa16"><code>f37fad9</code></a> v16.2.9</li> <li><a href="https://github.com/vercel/next.js/commit/6f1680448c81904efcd36704edf01a6b7323abbf"><code>6f16804</code></a> v16.2.8</li> <li><a href="https://github.com/vercel/next.js/commit/411c455dcdec630b9e2e83d24e27b0f9e05927b6"><code>411c455</code></a> v16.2.7</li> <li><a href="https://github.com/vercel/next.js/commit/ee6e79b1792a4d401ddf2480f40a83549fe8e722"><code>ee6e79b</code></a> v16.2.6</li> <li><a href="https://github.com/vercel/next.js/commit/766148f9cd48c0e218acafcd0f15defc14871bf4"><code>766148f</code></a> v16.2.5</li> <li><a href="https://github.com/vercel/next.js/commit/2275bd8598c88e8652d1271e74bcf972f72f4f38"><code>2275bd8</code></a> v16.2.4</li> <li><a href="https://github.com/vercel/next.js/commit/d5f649b2f4affdad1009cb178c1e3b37f4f1ad3f"><code>d5f649b</code></a> v16.2.3</li> <li><a href="https://github.com/vercel/next.js/commit/52faae3d94641584e13691238df5be158d0f00fb"><code>52faae3</code></a> v16.2.2</li> <li>See full diff in <a href="https://github.com/vercel/next.js/commits/v16.2.9/packages/eslint-config-next">compare view</a></li> </ul> </details> <details> <summary>Maintainer changes</summary> <p>This version was pushed to npm by <a href="https://www.npmjs.com/~GitHub%20Actions">GitHub Actions</a>, a new releaser for eslint-config-next since your current version.</p> </details> <br /> Updates `prettier-plugin-tailwindcss` from 0.7.3 to 0.8.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/tailwindlabs/prettier-plugin-tailwindcss/releases">prettier-plugin-tailwindcss's releases</a>.</em></p> <blockquote> <h2>v0.8.0</h2> <h3>Changed</h3> <ul> <li>Require at least Prettier 3.7.x (<a href="https://redirect.github.com/tailwindlabs/prettier-plugin-tailwindcss/pull/420">#420</a>)</li> </ul> <h3>Added</h3> <ul> <li>Export public sorting APIs to <code>/sorter</code> (<a href="https://redirect.github.com/tailwindlabs/prettier-plugin-tailwindcss/pull/438">#438</a>)</li> </ul> <h3>Fixed</h3> <ul> <li>Remove top-level await (<a href="https://redirect.github.com/tailwindlabs/prettier-plugin-tailwindcss/pull/420">#420</a>)</li> <li>Improve load-time performance (<a href="https://redirect.github.com/tailwindlabs/prettier-plugin-tailwindcss/pull/420">#420</a>)</li> <li>Improve config resolution caching with directory-based cache (<a href="https://redirect.github.com/tailwindlabs/prettier-plugin-tailwindcss/pull/432">#432</a>)</li> <li>Load compatible plugins on demand and tighten plugin detection (<a href="https://redirect.github.com/tailwindlabs/prettier-plugin-tailwindcss/pull/437">#437</a>)</li> <li>Load v3/v4 modules only when needed (<a href="https://redirect.github.com/tailwindlabs/prettier-plugin-tailwindcss/pull/439">#439</a>)</li> <li>Remove recast/ast-types deps and optimize dynamic JS attribute handling (<a href="https://redirect.github.com/tailwindlabs/prettier-plugin-tailwindcss/pull/440">#440</a>)</li> <li>Remove unused deps (<a href="https://redirect.github.com/tailwindlabs/prettier-plugin-tailwindcss/pull/441">#441</a>)</li> <li>Use the plugin that has already been imported rather than dynamically importing it again (<a href="https://redirect.github.com/tailwindlabs/prettier-plugin-tailwindcss/pull/442">#442</a>)</li> <li>Skip visiting non-node children (<a href="https://redirect.github.com/tailwindlabs/prettier-plugin-tailwindcss/pull/443">#443</a>)</li> <li>Optimize whitespace-only class detection (<a href="https://redirect.github.com/tailwindlabs/prettier-plugin-tailwindcss/pull/429">#429</a>)</li> <li>Fix v3 config loading with Jiti re-exports (<a href="https://redirect.github.com/tailwindlabs/prettier-plugin-tailwindcss/pull/448">#448</a>)</li> <li>Collapse whitespace in template literals with adjacent quasis (<a href="https://redirect.github.com/tailwindlabs/prettier-plugin-tailwindcss/pull/427">#427</a>)</li> <li>Improve <code>canCollapseWhitespaceIn</code> handling for <code>"tailwindPreserveWhitespace": true</code> (<a href="https://redirect.github.com/tailwindlabs/prettier-plugin-tailwindcss/pull/428">#428</a>)</li> </ul> <h2>v0.7.4</h2> <p>Same as v0.7.2, since v0.7.3 contained breaking changes.</p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/tailwindlabs/prettier-plugin-tailwindcss/blob/main/CHANGELOG.md">prettier-plugin-tailwindcss's changelog</a>.</em></p> <blockquote> <h2>[0.8.0] - 2026-04-27</h2> <h3>Changed</h3> <ul> <li>Require at least Prettier 3.7.x (<a href="https://redirect.github.com/tailwindlabs/prettier-plugin-tailwindcss/pull/420">#420</a>)</li> </ul> <h3>Added</h3> <ul> <li>Export public sorting APIs to <code>/sorter</code> (<a href="https://redirect.github.com/tailwindlabs/prettier-plugin-tailwindcss/pull/438">#438</a>)</li> </ul> <h3>Fixed</h3> <ul> <li>Remove top-level await (<a href="https://redirect.github.com/tailwindlabs/prettier-plugin-tailwindcss/pull/420">#420</a>)</li> <li>Improve load-time performance (<a href="https://redirect.github.com/tailwindlabs/prettier-plugin-tailwindcss/pull/420">#420</a>)</li> <li>Improve config resolution caching with directory-based cache (<a href="https://redirect.github.com/tailwindlabs/prettier-plugin-tailwindcss/pull/432">#432</a>)</li> <li>Load compatible plugins on demand and tighten plugin detection (<a href="https://redirect.github.com/tailwindlabs/prettier-plugin-tailwindcss/pull/437">#437</a>)</li> <li>Load v3/v4 m... _Description has been truncated_
- Merged
chore: bump @types/node from 20.19.37 to 26.0.0
#40dependabot/npm_and_yarn/types/node-26.0.0 → main
Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) from 20.19.37 to 26.0.0. <details> <summary>Commits</summary> <ul> <li>See full diff in <a href="https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details>
dependabot[bot] · 2026년 6월 22일choredependencies - Closed
chore: bump the minor-and-patch group with 13 updates
#39dependabot/npm_and_yarn/minor-and-patch-4cac3585b3 → main
Bumps the minor-and-patch group with 13 updates: | Package | From | To | | --- | --- | --- | | [@radix-ui/react-select](https://github.com/radix-ui/primitives/tree/HEAD/packages/react/select) | `2.2.6` | `2.3.1` | | [lucide-react](https://github.com/lucide-icons/lucide/tree/HEAD/packages/lucide-react) | `1.8.0` | `1.21.0` | | [next](https://github.com/vercel/next.js) | `16.2.1` | `16.2.9` | | [react](https://github.com/facebook/react/tree/HEAD/packages/react) | `19.2.4` | `19.2.7` | | [@types/react](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/react) | `19.2.14` | `19.2.17` | | [react-dom](https://github.com/facebook/react/tree/HEAD/packages/react-dom) | `19.2.4` | `19.2.7` | | [shiki](https://github.com/shikijs/shiki/tree/HEAD/packages/shiki) | `4.0.2` | `4.2.0` | | [tailwind-merge](https://github.com/dcastil/tailwind-merge) | `3.5.0` | `3.6.0` | | [@tailwindcss/postcss](https://github.com/tailwindlabs/tailwindcss/tree/HEAD/packages/@tailwindcss-postcss) | `4.2.2` | `4.3.1` | | [eslint-config-next](https://github.com/vercel/next.js/tree/HEAD/packages/eslint-config-next) | `16.2.1` | `16.2.9` | | [prettier](https://github.com/prettier/prettier) | `3.8.3` | `3.8.4` | | [prettier-plugin-tailwindcss](https://github.com/tailwindlabs/prettier-plugin-tailwindcss) | `0.7.3` | `0.8.0` | | [tailwindcss](https://github.com/tailwindlabs/tailwindcss/tree/HEAD/packages/tailwindcss) | `4.2.2` | `4.3.1` | Updates `@radix-ui/react-select` from 2.2.6 to 2.3.1 <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/radix-ui/primitives/blob/main/packages/react/select/CHANGELOG.md">@radix-ui/react-select's changelog</a>.</em></p> <blockquote> <h2>2.3.1</h2> <ul> <li>Allowed a <code>Select.Item</code> with an empty string value to act as a "clear" option. Selecting it resets the selection back to the placeholder, restoring the native <code><select></code> behavior for optional selects.</li> <li>Fixed a bug where typeahead search resulted in focusing an element that no longer exists.</li> <li>Updated dependencies: <code>@radix-ui/react-slot@1.3.0</code>, <code>@radix-ui/react-popper@1.3.1</code>, <code>@radix-ui/react-dismissable-layer@1.1.13</code>, <code>@radix-ui/react-primitive@2.1.6</code>, <code>@radix-ui/react-collection@1.1.10</code>, <code>@radix-ui/react-focus-scope@1.1.10</code>, <code>@radix-ui/react-portal@1.1.12</code>, <code>@radix-ui/react-visually-hidden@1.2.6</code></li> </ul> <h2>2.3.0</h2> <ul> <li>Added unstable <code>Provider</code> and <code>BubbleInput</code> parts to Select. <code>Select.unstable_Provider</code> sets up Select's context and state without implicitly rendering the hidden native <code>select</code>, and <code>Select.unstable_BubbleInput</code> exposes that previously internal native <code>select</code> so consumers can recompose it explicitly. <code>Select</code> continues to render both by default.</li> <li>Added support for presence-based exit animations in Select</li> <li>Fixed Select hidden input so it submits empty string when no value is selected</li> <li>Fixed placeholder rendering when a controlled Select is reset to an empty value</li> <li>Added missing <code>__selectScope</code> prop to <code>PopperContent</code> component</li> <li>Fixed <code>Select</code> closing unexpectedly after touch-scrolling its content when rendered inside an open shadow DOM</li> <li>Fixed a bug where iOS text selection and editing on HTML inputs within <code>react-dialog</code> were broken</li> <li>Fixed triggers referencing a non-existent element via <code>aria-controls</code> when their content is removed from the DOM (credit to <a href="https://github.com/dodomorandi"><code>@dodomorandi</code></a> for the <a href="https://redirect.github.com/radix-ui/primitives/pull/3243">original PR</a>)</li> <li>Fixed <code>SelectValue</code> logging invalid prop errors when used with both <code>asChild</code> and a placeholder</li> <li>Added repository.directory to all package.json files</li> <li>Updated dependencies: <code>@radix-ui/react-presence@1.1.6</code>, <code>@radix-ui/react-popper@1.3.0</code>, <code>@radix-ui/react-slot@1.2.5</code>, <code>@radix-ui/react-focus-guards@1.1.4</code>, <code>@radix-ui/react-dismissable-layer@1.1.12</code>, <code>@radix-ui/react-collection@1.1.9</code>, <code>@radix-ui/react-direction@1.1.2</code>, <code>@radix-ui/number@1.1.2</code>, <code>@radix-ui/primitive@1.1.4</code>, <code>@radix-ui/react-compose-refs@1.1.3</code>, <code>@radix-ui/react-context@1.1.4</code>, <code>@radix-ui/react-focus-scope@1.1.9</code>, <code>@radix-ui/react-id@1.1.2</code>, <code>@radix-ui/react-portal@1.1.11</code>, <code>@radix-ui/react-primitive@2.1.5</code>, <code>@radix-ui/react-use-callback-ref@1.1.2</code>, <code>@radix-ui/react-use-controllable-state@1.2.3</code>, <code>@radix-ui/react-use-layout-effect@1.1.2</code>, <code>@radix-ui/react-use-previous@1.1.2</code>, <code>@radix-ui/react-visually-hidden@1.2.5</code></li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li>See full diff in <a href="https://github.com/radix-ui/primitives/commits/HEAD/packages/react/select">compare view</a></li> </ul> </details> <details> <summary>Maintainer changes</summary> <p>This version was pushed to npm by <a href="https://www.npmjs.com/~GitHub%20Actions">GitHub Actions</a>, a new releaser for <code>@radix-ui/react-select</code> since your current version.</p> </details> <br /> Updates `lucide-react` from 1.8.0 to 1.21.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/lucide-icons/lucide/releases">lucide-react's releases</a>.</em></p> <blockquote> <h2>Version 1.21.0</h2> <h2>What's Changed</h2> <ul> <li>ci(release.yml): Remove new-version in release flow by <a href="https://github.com/ericfennis"><code>@ericfennis</code></a> in <a href="https://redirect.github.com/lucide-icons/lucide/pull/4478">lucide-icons/lucide#4478</a></li> <li>ci(release.yml): Fix workflow and remove <code>version</code> scripts in package scripts by <a href="https://github.com/ericfennis"><code>@ericfennis</code></a> in <a href="https://redirect.github.com/lucide-icons/lucide/pull/4479">lucide-icons/lucide#4479</a></li> <li>fix(docs): rename navigation category label by <a href="https://github.com/Hsiii"><code>@Hsiii</code></a> in <a href="https://redirect.github.com/lucide-icons/lucide/pull/4483">lucide-icons/lucide#4483</a></li> <li>feat(icons): added <code>broken-bone</code> icon by <a href="https://github.com/Patolord"><code>@Patolord</code></a> in <a href="https://redirect.github.com/lucide-icons/lucide/pull/4131">lucide-icons/lucide#4131</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/Hsiii"><code>@Hsiii</code></a> made their first contribution in <a href="https://redirect.github.com/lucide-icons/lucide/pull/4483">lucide-icons/lucide#4483</a></li> <li><a href="https://github.com/Patolord"><code>@Patolord</code></a> made their first contribution in <a href="https://redirect.github.com/lucide-icons/lucide/pull/4131">lucide-icons/lucide#4131</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/lucide-icons/lucide/compare/1.20.0...1.21.0">https://github.com/lucide-icons/lucide/compare/1.20.0...1.21.0</a></p> <h2>Version 1.20.0</h2> <h2>What's Changed</h2> <ul> <li>fix(icons): decreased size of arrows inside <code>square-arrow-*</code> icons by <a href="https://github.com/jguddas"><code>@jguddas</code></a> in <a href="https://redirect.github.com/lucide-icons/lucide/pull/3926">lucide-icons/lucide#3926</a></li> <li>chore(tags): Add tags to <code>search-</code> icons by <a href="https://github.com/jamiemlaw"><code>@jamiemlaw</code></a> in <a href="https://redirect.github.com/lucide-icons/lucide/pull/4099">lucide-icons/lucide#4099</a></li> <li>feat(icons): added <code>save-check</code> icon by <a href="https://github.com/Konixy"><code>@Konixy</code></a> in <a href="https://redirect.github.com/lucide-icons/lucide/pull/3120">lucide-icons/lucide#3120</a></li> <li>feat(icons): added <code>tag-plus</code> and <code>tag-x</code> icons by <a href="https://github.com/adam-kov"><code>@adam-kov</code></a> in <a href="https://redirect.github.com/lucide-icons/lucide/pull/3980">lucide-icons/lucide#3980</a></li> <li>feat(icons): added <code>banknote-check</code> icon by <a href="https://github.com/mfjramirezf"><code>@mfjramirezf</code></a> in <a href="https://redirect.github.com/lucide-icons/lucide/pull/3956">lucide-icons/lucide#3956</a></li> <li>feat(icons): added <code>clock-arrow-in</code> icon by <a href="https://github.com/jguddas"><code>@jguddas</code></a> in <a href="https://redirect.github.com/lucide-icons/lucide/pull/2403">lucide-icons/lucide#2403</a></li> <li>feat(icons): added <code>summary</code> icon by <a href="https://github.com/jpjacobpadilla"><code>@jpjacobpadilla</code></a> in <a href="https://redirect.github.com/lucide-icons/lucide/pull/3114">lucide-icons/lucide#3114</a></li> <li>feat(icons): added <code>user-round-arrow-in</code> icon by <a href="https://github.com/jguddas"><code>@jguddas</code></a> in <a href="https://redirect.github.com/lucide-icons/lucide/pull/2283">lucide-icons/lucide#2283</a></li> <li>feat(icons): added <code>clock-arrow-out</code> icon by <a href="https://github.com/jguddas"><code>@jguddas</code></a> in <a href="https://redirect.github.com/lucide-icons/lucide/pull/2404">lucide-icons/lucide#2404</a></li> <li>docs(docs): fix broken Svelte package source link in README by <a href="https://github.com/SRKrukowski"><code>@SRKrukowski</code></a> in <a href="https://redirect.github.com/lucide-icons/lucide/pull/4468">lucide-icons/lucide#4468</a></li> <li>chore(deps-dev): bump <code>@angular/compiler</code> from 21.2.5 to 21.2.17 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/lucide-icons/lucide/pull/4474">lucide-icons/lucide#4474</a></li> <li>chore(deps-dev): bump <code>@angular/core</code> from 21.2.5 to 21.2.17 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/lucide-icons/lucide/pull/4470">lucide-icons/lucide#4470</a></li> <li>chore(deps-dev): bump vitest from 4.0.12 to 4.1.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/lucide-icons/lucide/pull/4429">lucide-icons/lucide#4429</a></li> <li>chore(deps-dev): bump markdown-it from 14.1.1 to 14.2.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/lucide-icons/lucide/pull/4475">lucide-icons/lucide#4475</a></li> <li>chore(deps-dev): bump <code>@angular/common</code> from 21.2.5 to 21.2.17 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/lucide-icons/lucide/pull/4471">lucide-icons/lucide#4471</a></li> <li>feat(icons): added <code>pencil-sparkles</code> icon by <a href="https://github.com/jennieboops"><code>@jennieboops</code></a> in <a href="https://redirect.github.com/lucide-icons/lucide/pull/4445">lucide-icons/lucide#4445</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/Konixy"><code>@Konixy</code></a> made their first contribution in <a href="https://redirect.github.com/lucide-icons/lucide/pull/3120">lucide-icons/lucide#3120</a></li> <li><a href="https://github.com/adam-kov"><code>@adam-kov</code></a> made their first contribution in <a href="https://redirect.github.com/lucide-icons/lucide/pull/3980">lucide-icons/lucide#3980</a></li> <li><a href="https://github.com/mfjramirezf"><code>@mfjramirezf</code></a> made their first contribution in <a href="https://redirect.github.com/lucide-icons/lucide/pull/3956">lucide-icons/lucide#3956</a></li> <li><a href="https://github.com/SRKrukowski"><code>@SRKrukowski</code></a> made their first contribution in <a href="https://redirect.github.com/lucide-icons/lucide/pull/4468">lucide-icons/lucide#4468</a></li> <li><a href="https://github.com/jennieboops"><code>@jennieboops</code></a> made their first contribution in <a href="https://redirect.github.com/lucide-icons/lucide/pull/4445">lucide-icons/lucide#4445</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/lucide-icons/lucide/compare/1.19.0...1.20.0">https://github.com/lucide-icons/lucide/compare/1.19.0...1.20.0</a></p> <h2>Version 1.19.0</h2> <h2>What's Changed</h2> <ul> <li>chore(deps): upgrade pnpm to version 11.6.0 by <a href="https://github.com/ericfennis"><code>@ericfennis</code></a> in <a href="https://redirect.github.com/lucide-icons/lucide/pull/4458">lucide-icons/lucide#4458</a></li> <li>feat(icons): added <code>star-*</code> icons by <a href="https://github.com/RajnishKMehta"><code>@RajnishKMehta</code></a> in <a href="https://redirect.github.com/lucide-icons/lucide/pull/3918">lucide-icons/lucide#3918</a></li> <li>chore(suggest-tags): Update metadata suggestion script by <a href="https://github.com/ericfennis"><code>@ericfennis</code></a> in <a href="https://redirect.github.com/lucide-icons/lucide/pull/4462">lucide-icons/lucide#4462</a></li> <li>feat(icons): added <code>save-pen</code> icon by <a href="https://github.com/vaporvee"><code>@vaporvee</code></a> in <a href="https://redirect.github.com/lucide-icons/lucide/pull/4179">lucide-icons/lucide#4179</a></li> <li>feat(icons): added <code>wrench-off</code> icon by <a href="https://github.com/nilsjonsson"><code>@nilsjonsson</code></a> in <a href="https://redirect.github.com/lucide-icons/lucide/pull/4434">lucide-icons/lucide#4434</a></li> <li>feat(icons): added <code>ad</code> icon by <a href="https://github.com/jamiemlaw"><code>@jamiemlaw</code></a> in <a href="https://redirect.github.com/lucide-icons/lucide/pull/4323">lucide-icons/lucide#4323</a></li> <li>feat(icons): added <code>eye-dashed</code> icon by <a href="https://github.com/karsa-mistmere"><code>@karsa-mistmere</code></a> in <a href="https://redirect.github.com/lucide-icons/lucide/pull/4415">lucide-icons/lucide#4415</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/lucide-icons/lucide/commit/5ff536e1391335e4f7dc38d244c1bc458b9443e2"><code>5ff536e</code></a> ci(release.yml): Fix workflow and remove <code>version</code> scripts in package scripts...</li> <li><a href="https://github.com/lucide-icons/lucide/commit/07c885e6c1f9952965ba388b7fd2bb7c4d416a67"><code>07c885e</code></a> fix(docs): fix zephyr-cloud URL in readmes</li> <li><a href="https://github.com/lucide-icons/lucide/commit/50d8af5a1012e188f3d71ac8f1fc0fba1aab5357"><code>50d8af5</code></a> docs(readme): Update readme files (<a href="https://github.com/lucide-icons/lucide/tree/HEAD/packages/lucide-react/issues/4320">#4320</a>)</li> <li><a href="https://github.com/lucide-icons/lucide/commit/653e44b83293567ff24dcb90ca1094a9cf0a042a"><code>653e44b</code></a> feat(packages): use .mjs for ESM bundles (<a href="https://github.com/lucide-icons/lucide/tree/HEAD/packages/lucide-react/issues/4285">#4285</a>)</li> <li>See full diff in <a href="https://github.com/lucide-icons/lucide/commits/1.21.0/packages/lucide-react">compare view</a></li> </ul> </details> <br /> Updates `next` from 16.2.1 to 16.2.9 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/vercel/next.js/releases">next's releases</a>.</em></p> <blockquote> <h2>v16.2.9</h2> <p>Empty release to ensure <code>next@latest</code> points at a stable release. Next.js only allows publishing with Trusted Publishing enabled. In order to fix NPM dist-tags, we have to release a new version. Updating dist-tags is not possible with Trusted Publishing.</p> <h2>v16.2.8</h2> <p>Release with no changes in an attempt to fix <code>next@latest</code> pointing at a prerelease version.</p> <h2>v16.2.7</h2> <blockquote> <p>[!NOTE] This release is backporting bug fixes. It does <strong>not</strong> include all pending features/changes on canary.</p> </blockquote> <h3>Core Changes</h3> <ul> <li>Backport documentation fixes for v16.2 (<a href="https://redirect.github.com/vercel/next.js/issues/93804">#93804</a>)</li> <li>[backport] Patch <code>playwright-core</code> to resolve <code>_finishedPromise</code> on <code>requestFailed</code> (<a href="https://redirect.github.com/vercel/next.js/issues/93920">#93920</a>)</li> <li>[backport] Fix dev mode hydration failure when page is served from HTTP cache (<a href="https://redirect.github.com/vercel/next.js/issues/93492">#93492</a>)</li> <li>[backport] Fix catch-all <code>router.query</code> corruption with <code>basePath</code> + <code>rewrites</code> (<a href="https://redirect.github.com/vercel/next.js/issues/93917">#93917</a>)</li> <li>[backport] Encode non-ASCII characters in cache tags at construction (<a href="https://redirect.github.com/vercel/next.js/issues/93918">#93918</a>)</li> <li>[backport] Fix server action forwarding loop with middleware rewrites (<a href="https://redirect.github.com/vercel/next.js/issues/93919">#93919</a>)</li> <li>[backport] Turbopack: switch from base40 to base38 hash encoding (<a href="https://redirect.github.com/vercel/next.js/issues/93932">#93932</a>)</li> <li>[ci] Disable hanging node 24 typescript tests on 16.2 backport branch (<a href="https://redirect.github.com/vercel/next.js/issues/94164">#94164</a>)</li> <li>[backport] Fix "type: module" in project dir when using standalone or adapters (<a href="https://redirect.github.com/vercel/next.js/issues/94050">#94050</a>)</li> <li>[backport] Propagate adapter preferred regions (<a href="https://redirect.github.com/vercel/next.js/issues/94200">#94200</a>)</li> <li>[16.2.x] Don't drop <code>FormData</code> entries (<a href="https://redirect.github.com/vercel/next.js/issues/94240">#94240</a>)</li> <li>[backport] feat(turbopack): add LocalPathOrProjectPath PostCSS config resolution (<a href="https://redirect.github.com/vercel/next.js/issues/94284">#94284</a>)</li> </ul> <h3>Credits</h3> <p>Huge thanks to <a href="https://github.com/eps1lon"><code>@eps1lon</code></a>, <a href="https://github.com/icyJoseph"><code>@icyJoseph</code></a>, <a href="https://github.com/unstubbable"><code>@unstubbable</code></a>, <a href="https://github.com/mischnic"><code>@mischnic</code></a>, <a href="https://github.com/bgw"><code>@bgw</code></a>, <a href="https://github.com/timneutkens"><code>@timneutkens</code></a>, and <a href="https://github.com/lukesandberg"><code>@lukesandberg</code></a> for helping!</p> <h2>v16.2.6</h2> <blockquote> <p>[!NOTE] This release contains security fixes and backported bug fixes. It does <strong>not</strong> include all pending features/changes on canary.</p> </blockquote> <h3>Security Fixes</h3> <p>The following advisories have been addressed:</p> <p><strong>High:</strong></p> <ul> <li><a href="https://github.com/vercel/next.js/security/advisories/GHSA-8h8q-6873-q5fj">GHSA-8h8q-6873-q5fj: Denial of Service with Server Components</a></li> <li><a href="https://github.com/vercel/next.js/security/advisories/GHSA-267c-6grr-h53f">GHSA-267c-6grr-h53f: Middleware / Proxy bypass in App Router applications via segment-prefetch routes</a></li> <li><a href="https://github.com/vercel/next.js/security/advisories/GHSA-26hh-7cqf-hhc6">GHSA-26hh-7cqf-hhc6: Middleware / Proxy bypass in App Router applications via segment-prefetch routes - <strong>Incomplete Fix Follow-Up</strong></a></li> <li><a href="https://github.com/vercel/next.js/security/advisories/GHSA-mg66-mrh9-m8jx">GHSA-mg66-mrh9-m8jx: Denial of Service via connection exhaustion in applications using Cache Components</a></li> <li><a href="https://github.com/vercel/next.js/security/advisories/GHSA-492v-c6pp-mqqv">GHSA-492v-c6pp-mqqv: Middleware / Proxy bypass through dynamic route parameter injection</a></li> <li><a href="https://github.com/vercel/next.js/security/advisories/GHSA-c4j6-fc7j-m34r">GHSA-c4j6-fc7j-m34r: Server-side request forgery in applications using WebSocket upgrades</a></li> <li><a href="https://github.com/vercel/next.js/security/advisories/GHSA-36qx-fr4f-26g5">GHSA-36qx-fr4f-26g5: Middleware / Proxy bypass in Pages Router applications using i18n</a></li> </ul> <p><strong>Moderate:</strong></p> <ul> <li><a href="https://github.com/vercel/next.js/security/advisories/GHSA-ffhc-5mcf-pf4q">GHSA-ffhc-5mcf-pf4q: Cross-site scripting in App Router applications using CSP nonces</a></li> <li><a href="https://github.com/vercel/next.js/security/advisories/GHSA-gx5p-jg67-6x7h">GHSA-gx5p-jg67-6x7h: Cross-site scripting in beforeInteractive scripts with untrusted input</a></li> <li><a href="https://github.com/vercel/next.js/security/advisories/GHSA-h64f-5h5j-jqjh">GHSA-h64f-5h5j-jqjh: Denial of Service in the Image Optimization API</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/vercel/next.js/commit/f37fad940522e000af5498209fd237d863b4fa16"><code>f37fad9</code></a> v16.2.9</li> <li><a href="https://github.com/vercel/next.js/commit/d9aaaedfd8050e58e3c82c1cea412d670750b32b"><code>d9aaaed</code></a> [cd] Allow tagging semver-lower releases as <code>@latest</code> if <code>@latest</code> po… (<a href="https://redirect.github.com/vercel/next.js/issues/94627">#94627</a>)</li> <li><a href="https://github.com/vercel/next.js/commit/6f1680448c81904efcd36704edf01a6b7323abbf"><code>6f16804</code></a> v16.2.8</li> <li><a href="https://github.com/vercel/next.js/commit/0dbc1d5c860bf47c8c4f794e053b93fd02355d4e"><code>0dbc1d5</code></a> [16.2.x][cd] Ensure release can be triggered on old branches (<a href="https://redirect.github.com/vercel/next.js/issues/94598">#94598</a>)</li> <li><a href="https://github.com/vercel/next.js/commit/90e3c811e7a3603a60dfcf627cc65f8b24ad1d5d"><code>90e3c81</code></a> [16.2.x] Align Actions dependencies with Canary (<a href="https://redirect.github.com/vercel/next.js/issues/94339">#94339</a>)</li> <li><a href="https://github.com/vercel/next.js/commit/83f402c69db9faf3f727bea5c85249fe9af9af54"><code>83f402c</code></a> [16.2.x][cd] Stop fetching all tags when searching parent tag (<a href="https://redirect.github.com/vercel/next.js/issues/94334">#94334</a>)</li> <li><a href="https://github.com/vercel/next.js/commit/411c455dcdec630b9e2e83d24e27b0f9e05927b6"><code>411c455</code></a> v16.2.7</li> <li><a href="https://github.com/vercel/next.js/commit/c63224f3d8e8dd0a4ef8635916f92954421e5f1e"><code>c63224f</code></a> [backport] feat(turbopack): add LocalPathOrProjectPath PostCSS config resolut...</li> <li><a href="https://github.com/vercel/next.js/commit/63115c79877c90df4371c2425f3fc5d3a55ac58d"><code>63115c7</code></a> [16.2.x] Don't drop <code>FormData</code> entries (<a href="https://redirect.github.com/vercel/next.js/issues/94240">#94240</a>)</li> <li><a href="https://github.com/vercel/next.js/commit/aef22fdc828226227f618bb982a222e1256ba6f2"><code>aef22fd</code></a> [backport] Propagate adapter preferred regions (<a href="https://redirect.github.com/vercel/next.js/issues/94200">#94200</a>)</li> <li>Additional commits viewable in <a href="https://github.com/vercel/next.js/compare/v16.2.1...v16.2.9">compare view</a></li> </ul> </details> <details> <summary>Maintainer changes</summary> <p>This version was pushed to npm by <a href="https://www.npmjs.com/~GitHub%20Actions">GitHub Actions</a>, a new releaser for next since your current version.</p> </details> <br /> Updates `react` from 19.2.4 to 19.2.7 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/facebook/react/releases">react's releases</a>.</em></p> <blockquote> <h2>19.2.7 (June 1st, 2026)</h2> <h2>React Server Components</h2> <ul> <li>Fixed missing <code>FormData</code> entries in Server Actions which regressed in 19.2.6 (<a href="https://redirect.github.com/facebook/react/pull/36566">#36566</a> by <a href="https://github.com/unstubbable"><code>@unstubbable</code></a>)</li> </ul> <h2>19.2.6 (May 6th, 2026)</h2> <h2>React Server Components</h2> <ul> <li>Type hardening and performance improvements (<a href="https://redirect.github.com/facebook/react/pull/36425">#36425</a> by <a href="https://github.com/eps1lon"><code>@eps1lon</code></a> and <a href="https://github.com/unstubbable"><code>@unstubbable</code></a>)</li> </ul> <h2>19.2.5 (April 8th, 2026)</h2> <h2>React Server Components</h2> <ul> <li>Add more cycle protections (<a href="https://redirect.github.com/facebook/react/pull/36236">#36236</a> by <a href="https://github.com/eps1lon"><code>@eps1lon</code></a> and <a href="https://github.com/unstubbable"><code>@unstubbable</code></a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/react/react/commit/6117d7cca4906492c51fe6a03381e35adfd86e7d"><code>6117d7c</code></a> Version 19.2.7 (<a href="https://github.com/facebook/react/tree/HEAD/packages/react/issues/36591">#36591</a>)</li> <li><a href="https://github.com/react/react/commit/eaf3e95ca92be7a23d3c9cc8ffd6f199a40be401"><code>eaf3e95</code></a> Version 19.2.6</li> <li><a href="https://github.com/react/react/commit/23f4f9f30da9e9af2108c18bb197bae75ab584ea"><code>23f4f9f</code></a> 19.2.5</li> <li>See full diff in <a href="https://github.com/facebook/react/commits/v19.2.7/packages/react">compare view</a></li> </ul> </details> <details> <summary>Maintainer changes</summary> <p>This version was pushed to npm by <a href="https://www.npmjs.com/~GitHub%20Actions">GitHub Actions</a>, a new releaser for react since your current version.</p> </details> <br /> Updates `@types/react` from 19.2.14 to 19.2.17 <details> <summary>Commits</summary> <ul> <li>See full diff in <a href="https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/react">compare view</a></li> </ul> </details> <br /> Updates `react-dom` from 19.2.4 to 19.2.7 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/facebook/react/releases">react-dom's releases</a>.</em></p> <blockquote> <h2>19.2.7 (June 1st, 2026)</h2> <h2>React Server Components</h2> <ul> <li>Fixed missing <code>FormData</code> entries in Server Actions which regressed in 19.2.6 (<a href="https://redirect.github.com/facebook/react/pull/36566">#36566</a> by <a href="https://github.com/unstubbable"><code>@unstubbable</code></a>)</li> </ul> <h2>19.2.6 (May 6th, 2026)</h2> <h2>React Server Components</h2> <ul> <li>Type hardening and performance improvements (<a href="https://redirect.github.com/facebook/react/pull/36425">#36425</a> by <a href="https://github.com/eps1lon"><code>@eps1lon</code></a> and <a href="https://github.com/unstubbable"><code>@unstubbable</code></a>)</li> </ul> <h2>19.2.5 (April 8th, 2026)</h2> <h2>React Server Components</h2> <ul> <li>Add more cycle protections (<a href="https://redirect.github.com/facebook/react/pull/36236">#36236</a> by <a href="https://github.com/eps1lon"><code>@eps1lon</code></a> and <a href="https://github.com/unstubbable"><code>@unstubbable</code></a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/react/react/commit/6117d7cca4906492c51fe6a03381e35adfd86e7d"><code>6117d7c</code></a> Version 19.2.7 (<a href="https://github.com/facebook/react/tree/HEAD/packages/react-dom/issues/36591">#36591</a>)</li> <li><a href="https://github.com/react/react/commit/eaf3e95ca92be7a23d3c9cc8ffd6f199a40be401"><code>eaf3e95</code></a> Version 19.2.6</li> <li><a href="https://github.com/react/react/commit/23f4f9f30da9e9af2108c18bb197bae75ab584ea"><code>23f4f9f</code></a> 19.2.5</li> <li>See full diff in <a href="https://github.com/facebook/react/commits/v19.2.7/packages/react-dom">compare view</a></li> </ul> </details> <details> <summary>Maintainer changes</summary> <p>This version was pushed to npm by <a href="https://www.npmjs.com/~GitHub%20Actions">GitHub Actions</a>, a new releaser for react-dom since your current version.</p> </details> <br /> Updates `shiki` from 4.0.2 to 4.2.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/shikijs/shiki/releases">shiki's releases</a>.</em></p> <blockquote> <h2>v4.2.0</h2> <h3> 🚀 Features</h3> <ul> <li>Add <code>@shikijs/stream</code> and <code>@shikijs/magic-move</code> packages - by <a href="https://github.com/antfu"><code>@antfu</code></a> in <a href="https://redirect.github.com/shikijs/shiki/issues/1283">shikijs/shiki#1283</a> <a href="https://github.com/shikijs/shiki/commit/d031f9b6"><!-- raw HTML omitted -->(d031f)<!-- raw HTML omitted --></a></li> </ul> <h3> 🐞 Bug Fixes</h3> <ul> <li><strong>transformers</strong>: Handle YAML comment prefixes correctly for v3 - by <a href="https://github.com/AkaHarshit"><code>@AkaHarshit</code></a> in <a href="https://redirect.github.com/shikijs/shiki/issues/1266">shikijs/shiki#1266</a> <a href="https://github.com/shikijs/shiki/commit/f694a725"><!-- raw HTML omitted -->(f694a)<!-- raw HTML omitted --></a></li> <li><strong>vitepress-twoslash</strong>: Scroll blocking on mobile viewports - by <a href="https://github.com/micaiguai"><code>@micaiguai</code></a> in <a href="https://redirect.github.com/shikijs/shiki/issues/1262">shikijs/shiki#1262</a> <a href="https://github.com/shikijs/shiki/commit/9e0e89c8"><!-- raw HTML omitted -->(9e0e8)<!-- raw HTML omitted --></a></li> </ul> <h5> <a href="https://github.com/shikijs/shiki/compare/v4.1.0...v4.2.0">View changes on GitHub</a></h5> <h2>v4.1.0</h2> <h3> 🐞 Bug Fixes</h3> <ul> <li><strong>twoslash</strong>: Forward <code>tsModule</code> to <code>createTwoslasher</code> - by <a href="https://github.com/arthurfiorette"><code>@arthurfiorette</code></a> in <a href="https://redirect.github.com/shikijs/shiki/issues/1271">shikijs/shiki#1271</a> <a href="https://github.com/shikijs/shiki/commit/be89afcf"><!-- raw HTML omitted -->(be89a)<!-- raw HTML omitted --></a></li> </ul> <h5> <a href="https://github.com/shikijs/shiki/compare/v4.0.2...v4.1.0">View changes on GitHub</a></h5> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/shikijs/shiki/commit/1d56dae84801bad3a48dc7104437fbc21819ee4c"><code>1d56dae</code></a> chore: release v4.2.0</li> <li><a href="https://github.com/shikijs/shiki/commit/c809af96f1907877c5cebfeee98ac5d55193140b"><code>c809af9</code></a> chore: release v4.1.0</li> <li><a href="https://github.com/shikijs/shiki/commit/95371cb1b3c00ced5b437a11f603939002f9ecae"><code>95371cb</code></a> chore: lint</li> <li>See full diff in <a href="https://github.com/shikijs/shiki/commits/v4.2.0/packages/shiki">compare view</a></li> </ul> </details> <br /> Updates `tailwind-merge` from 3.5.0 to 3.6.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/dcastil/tailwind-merge/releases">tailwind-merge's releases</a>.</em></p> <blockquote> <h2>v3.6.0</h2> <h3>New Features</h3> <ul> <li>Add support for Tailwind CSS v4.3 by <a href="https://github.com/dcastil"><code>@dcastil</code></a> in <a href="https://redirect.github.com/dcastil/tailwind-merge/pull/677">dcastil/tailwind-merge#677</a> <ul> <li>Add <code>postfixLookupClassGroups</code> option to config to support Tailwind utilities where a slash is part of the full class name, like named container queries</li> </ul> </li> <li>Add support for readonly array values by <a href="https://github.com/unional"><code>@unional</code></a> in <a href="https://redirect.github.com/dcastil/tailwind-merge/pull/652">dcastil/tailwind-merge#652</a></li> </ul> <h3>Documentation</h3> <ul> <li>Fix broken links in README by <a href="https://github.com/maurer2"><code>@maurer2</code></a> in <a href="https://redirect.github.com/dcastil/tailwind-merge/pull/662">dcastil/tailwind-merge#662</a></li> </ul> <h3>Other</h3> <ul> <li>Harden internal CI pipeline security by omitting git checkout by <a href="https://github.com/dcastil"><code>@dcastil</code></a>, suggested by <a href="https://github.com/kyletaylored"><code>@kyletaylored</code></a> in <a href="https://github.com/dcastil/tailwind-merge/commit/6b2499c10cf52bed42426d30b4219e90374b30d6">https://github.com/dcastil/tailwind-merge/commit/6b2499c10cf52bed42426d30b4219e90374b30d6</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/dcastil/tailwind-merge/compare/v3.5.0...v3.6.0">https://github.com/dcastil/tailwind-merge/compare/v3.5.0...v3.6.0</a></p> <p>Thanks to <a href="https://github.com/brandonmcconnell"><code>@brandonmcconnell</code></a>, <a href="https://github.com/manavm1990"><code>@manavm1990</code></a>, <a href="https://github.com/langy"><code>@langy</code></a>, <a href="https://github.com/roboflow"><code>@roboflow</code></a>, <a href="https://github.com/syntaxfm"><code>@syntaxfm</code></a>, <a href="https://github.com/getsentry"><code>@getsentry</code></a>, <a href="https://github.com/codecov"><code>@codecov</code></a>, a private sponsor, <a href="https://github.com/block"><code>@block</code></a>, <a href="https://github.com/openclaw"><code>@openclaw</code></a>, <a href="https://github.com/sourcegraph"><code>@sourcegraph</code></a>, <a href="https://github.com/mike-healy"><code>@mike-healy</code></a> and more via <a href="https://github.com/thnxdev"><code>@thnxdev</code></a> for sponsoring tailwind-merge! ❤️</p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/dcastil/tailwind-merge/commit/d54f7e5713c653d0171971405344f7c6e44d418f"><code>d54f7e5</code></a> v3.6.0</li> <li><a href="https://github.com/dcastil/tailwind-merge/commit/638871a67a0a124ac9275eda77cd08b03f2f045e"><code>638871a</code></a> Update README to add info about Tailwind CSS v4.3 support</li> <li><a href="https://github.com/dcastil/tailwind-merge/commit/39fc7b5e915493e5eb3ddb1ca615f5b2eeff2540"><code>39fc7b5</code></a> Revert "v3.6.0"</li> <li><a href="https://github.com/dcastil/tailwind-merge/commit/bd8390f6ca387f93c9e989fb3fb09924fb843445"><code>bd8390f</code></a> v3.6.0</li> <li><a href="https://github.com/dcastil/tailwind-merge/commit/802877c6e31f9fb64c627e5e760729a16cd0a69b"><code>802877c</code></a> add v3.6.0 changelog</li> <li><a href="https://github.com/dcastil/tailwind-merge/commit/a35fedac7d1fc8756223da94290a83a32068d2ae"><code>a35feda</code></a> Merge pull request <a href="https://redirect.github.com/dcastil/tailwind-merge/issues/665">#665</a> from dcastil/renovate/rollup-plugin-babel-7.x</li> <li><a href="https://github.com/dcastil/tailwind-merge/commit/940389cf89ed0da277ff5c01b98fd619687926e9"><code>940389c</code></a> Merge pull request <a href="https://redirect.github.com/dcastil/tailwind-merge/issues/667">#667</a> from dcastil/renovate/release-drafter-release-drafter...</li> <li><a href="https://github.com/dcastil/tailwind-merge/commit/005af6df08cfbe2adac7ca6cb5a7be02b9261fbd"><code>005af6d</code></a> pin to specific version</li> <li><a href="https://github.com/dcastil/tailwind-merge/commit/5816ced627ebcaefd497ad8e4202baf750dd545c"><code>5816ced</code></a> implement breaking changes</li> <li><a href="https://github.com/dcastil/tailwind-merge/commit/17041e17c5b9c96fcb0f4758c718799cb3af14a6"><code>17041e1</code></a> Merge pull request <a href="https://redirect.github.com/dcastil/tailwind-merge/issues/676">#676</a> from dcastil/dependabot/npm_and_yarn/babel/plugin-tra...</li> <li>Additional commits viewable in <a href="https://github.com/dcastil/tailwind-merge/compare/v3.5.0...v3.6.0">compare view</a></li> </ul> </details> <br /> Updates `@tailwindcss/postcss` from 4.2.2 to 4.3.1 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/tailwindlabs/tailwindcss/releases">@tailwindcss/postcss's releases</a>.</em></p> <blockquote> <h2>v4.3.1</h2> <h3>Added</h3> <ul> <li>Add <code>--silent</code> option to suppress output in <code>@tailwindcss/cli</code> (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/20100">#20100</a>)</li> </ul> <h3>Fixed</h3> <ul> <li>Remove deprecation warnings by using <code>Module#registerHooks</code> instead of <code>Module#register</code> on Node 26+ (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/20028">#20028</a>)</li> <li>Canonicalization: don't crash when plugin utilities throw for unsupported values (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/20052">#20052</a>)</li> <li>Allow <code>@apply</code> to be used with CSS mixins (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/19427">#19427</a>)</li> <li>Ensure <code>not-*</code> correctly negates <code>@container</code> queries, including <code>style(…)</code> queries (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/20059">#20059</a>)</li> <li>Ensure <code>drop-shadow-*</code> color utilities work with custom shadow values containing <code>calc(…)</code> (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/20080">#20080</a>)</li> <li>Fix 'Sourcemap is likely to be incorrect' warnings when using <code>@tailwindcss/vite</code> (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/20103">#20103</a>)</li> <li>Ensure <code>@tailwindcss/webpack</code> can be installed in Rspack projects without requiring <code>webpack</code> as a peer dependency (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/20027">#20027</a>)</li> <li>Canonicalization: don't suggest invalid <code>calc(…)</code> expressions (e.g. <code>px-[calc(1rem+0px)]</code> → <code>px-[calc(1rem+0)]</code>) (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/20127">#20127</a>)</li> <li>Canonicalization: avoid suggesting large spacing-scale values for arbitrary lengths (e.g. <code>left-[99999px]</code> → <code>left-[99999px]</code>, not <code>left-24999.75</code>) (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/20130">#20130</a>)</li> <li>Ensure <code>@tailwindcss/cli</code> in <code>--watch</code> mode recovers when a tracked dependency is deleted and restored (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/20137">#20137</a>)</li> <li>Ensure standalone <code>@tailwindcss/cli</code> binaries are ignored when scanning for class candidates (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/20139">#20139</a>)</li> <li>Ensure class candidates are extracted from Twig <code>addClass(…)</code> and <code>removeClass(…)</code> calls (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/20198">#20198</a>)</li> <li>Don't crash in the Ruby or Vue preprocessors when scanning files containing invalid UTF-8 bytes (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/19588">#19588</a>)</li> <li>Allow <code>@variant</code> to be used inside <code>addBase</code> (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/19480">#19480</a>)</li> <li>Ensure <code>@source</code> globs with symlinks are preserved (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/20203">#20203</a>)</li> <li>Ensure later <code>@source</code> rules can re-include files excluded by earlier <code>@source not</code> rules (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/20203">#20203</a>)</li> <li>Upgrade: don't migrate empty class rules to invalid <code>@utility</code> rules (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/20205">#20205</a>)</li> <li>Ensure transitions between <code>inset-shadow-none</code> and other inset shadows work correctly (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/20208">#20208</a>)</li> <li>Ensure explicitly referenced <code>@source</code> directories are scanned even when ignored by git (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/20214">#20214</a>)</li> <li>Ensure <code>@source</code> globs ending in <code>**/*</code> preserve dynamic path segments to avoid scanning too many files (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/20217">#20217</a>)</li> <li>Canonicalization: don't fold <code>calc(…)</code> divisions when the result would require high precision (e.g. <code>w-[calc(100%/3.5)]</code> → <code>w-[calc(100%/3.5)]</code>, not <code>w-[28.571428571428573%]</code>) (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/20221">#20221</a>)</li> <li>Serve ESM type declarations to ESM importers of <code>@tailwindcss/postcss</code> (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/20228">#20228</a>)</li> </ul> <h3>Changed</h3> <ul> <li>Generate <code>0</code> instead of <code>calc(var(--spacing) * 0)</code> for spacing utilities like <code>m-0</code> and <code>left-0</code> (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/20196">#20196</a>)</li> <li>Generate <code>var(--spacing)</code> instead of <code>calc(var(--spacing) * 1)</code> for spacing utilities like <code>m-1</code> and <code>left-1</code> (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/20196">#20196</a>)</li> </ul> <h2>v4.3.0</h2> <h3>Added</h3> <ul> <li>Add <code>@container-size</code> utility (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/18901">#18901</a>)</li> <li>Add <code>scrollbar-{auto,thin,none}</code> utilities for <code>scrollbar-width</code>, and <code>scrollbar-thumb-*</code> / <code>scrollbar-track-*</code> color utilities for <code>scrollbar-color</code> (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/19981">#19981</a>, <a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/20019">#20019</a>)</li> <li>Add <code>scrollbar-gutter-*</code> utilities (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/20018">#20018</a>)</li> <li>Add <code>zoom-*</code> utilities (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/20020">#20020</a>)</li> <li>Add <code>tab-*</code> utilities (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/20022">#20022</a>)</li> <li>Allow using <code>@variant</code> with stacked variants (e.g. <code>@variant hover:focus { … }</code>) (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/19996">#19996</a>)</li> <li>Allow using <code>@variant</code> with compound variants (e.g. <code>@variant hover, focus { … }</code>) (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/19996">#19996</a>)</li> <li>Support <code>--default(…)</code> in <code>--value(…)</code> and <code>--modifier(…)</code> for functional <code>@utility</code> definitions (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/19989">#19989</a>)</li> </ul> <h3>Fixed</h3> <ul> <li>Ensure <code>@plugin</code> resolves package JavaScript entries instead of browser CSS entries when using <code>@tailwindcss/vite</code> (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/19949">#19949</a>)</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/tailwindlabs/tailwindcss/blob/main/CHANGELOG.md">@tailwindcss/postcss's changelog</a>.</em></p> <blockquote> <h2>[4.3.1] - 2026-06-12</h2> <h3>Added</h3> <ul> <li>Add <code>--silent</code> option to suppress output in <code>@tailwindcss/cli</code> (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/20100">#20100</a>)</li> </ul> <h3>Fixed</h3> <ul> <li>Remove deprecation warnings by using <code>Module#registerHooks</code> instead of <code>Module#register</code> on Node 26+ (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/20028">#20028</a>)</li> <li>Canonicalization: don't crash when plugin utilities throw for unsupported values (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/20052">#20052</a>)</li> <li>Allow <code>@apply</code> to be used with CSS mixins (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/19427">#19427</a>)</li> <li>Ensure <code>not-*</code> correctly negates <code>@container</code> queries, including <code>style(…)</code> queries (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/20059">#20059</a>)</li> <li>Ensure <code>drop-shadow-*</code> color utilities work with custom shadow values containing <code>calc(…)</code> (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/20080">#20080</a>)</li> <li>Fix 'Sourcemap is likely to be incorrect' warnings when using <code>@tailwindcss/vite</code> (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/20103">#20103</a>)</li> <li>Ensure <code>@tailwindcss/webpack</code> can be installed in Rspack projects without requiring <code>webpack</code> as a peer dependency (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/20027">#20027</a>)</li> <li>Canonicalization: don't suggest invalid <code>calc(…)</code> expressions (e.g. <code>px-[calc(1rem+0px)]</code> → <code>px-[calc(1rem+0)]</code>) (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/20127">#20127</a>)</li> <li>Canonicalization: avoid suggesting large spacing-scale values for arbitrary lengths (e.g. <code>left-[99999px]</code> → <code>left-[99999px]</code>, not <code>left-24999.75</code>) (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/20130">#20130</a>)</li> <li>Ensure <code>@tailwindcss/cli</code> in <code>--watch</code> mode recovers when a tracked dependency is deleted and restored (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/20137">#20137</a>)</li> <li>Ensure standalone <code>@tailwindcss/cli</code> binaries are ignored when scanning for class candidates (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/20139">#20139</a>)</li> <li>Ensure class candidates are extracted from Twig <code>addClass(…)</code> and <code>removeClass(…)</code> calls (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/20198">#20198</a>)</li> <li>Don't crash in the Ruby or Vue preprocessors when scanning files containing invalid UTF-8 bytes (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/19588">#19588</a>)</li> <li>Allow <code>@variant</code> to be used inside <code>addBase</code> (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/19480">#19480</a>)</li> <li>Ensure <code>@source</code> globs with symlinks are preserved (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/20203">#20203</a>)</li> <li>Ensure later <code>@source</code> rules can re-include files excluded by earlier <code>@source not</code> rules (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/20203">#20203</a>)</li> <li>Upgrade: don't migrate empty class rules to invalid <code>@utility</code> rules (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/20205">#20205</a>)</li> <li>Ensure transitions between <code>inset-shadow-none</code> and other inset shadows work correctly (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/20208">#20208</a>)</li> <li>Ensure explicitly referenced <code>@source</code> directories are scanned even when ignored by git (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/20214">#20214</a>)</li> <li>Ensure <code>@source</code> globs ending in <code>**/*</code> preserve dynamic path segments to avoid scanning too many files (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/20217">#20217</a>)</li> <li>Canonicalization: don't fold <code>calc(…)</code> divisions when the result would require high precision (e.g. <code>w-[calc(100%/3.5)]</code> → <code>w-[calc(100%/3.5)]</code>, not <code>w-[28.571428571428573%]</code>) (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/20221">#20221</a>)</li> <li>Serve ESM type declarations to ESM importers of <code>@tailwindcss/postcss</code> (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/20228">#20228</a>)</li> </ul> <h3>Changed</h3> <ul> <li>Generate <code>0</code> instead of <code>calc(var(--spacing) * 0)</code> for spacing utilities like <code>m-0</code> and <code>left-0</code> (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/20196">#20196</a>)</li> <li>Generate <code>var(--spacing)</code> instead of <code>calc(var(--spacing) * 1)</code> for spacing utilities like <code>m-1</code> and <code>left-1</code> (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/20196">#20196</a>)</li> </ul> <h2>[4.3.0] - 2026-05-08</h2> <h3>Added</h3> <ul> <li>Add <code>@container-size</code> utility (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/18901">#18901</a>)</li> <li>Add <code>scrollbar-{auto,thin,none}</code> utilities for <code>scrollbar-width</code>, and <code>scrollbar-thumb-*</code> / <code>scrollbar-track-*</code> color utilities for <code>scrollbar-color</code> (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/19981">#19981</a>, <a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/20019">#20019</a>)</li> <li>Add <code>scrollbar-gutter-*</code> utilities (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/20018">#20018</a>)</li> <li>Add <code>zoom-*</code> utilities (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/20020">#20020</a>)</li> <li>Add <code>tab-*</code> utilities (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/20022">#20022</a>)</li> <li>Allow using <code>@variant</code> with stacked variants (e.g. <code>@variant hover:focus { … }</code>) (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/19996">#19996</a>)</li> <li>Allow using <code>@variant</code> with compound variants (e.g. <code>@variant hover, focus { … }</code>) (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/19996">#19996</a>)</li> <li>Support <code>--default(…)</code> in <code>--value(…)</code> and <code>--modifier(…)</code> for functional <code>@utility</code> definitions (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/19989">#19989</a>)</li> </ul> <h3>Fixed</h3> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/tailwindlabs/tailwindcss/commit/8a14a710102cae195f6811e8578bef9477bc6be9"><code>8a14a71</code></a> 4.3.1 (<a href="https://github.com/tailwindlabs/tailwindcss/tree/HEAD/packages/@tailwindcss-postcss/issues/20226">#20226</a>)</li> <li><a href="https://github.com/tailwindlabs/tailwindcss/commit/522288ca08c7ed0e7e9d3256f40fd36981d451a3"><code>522288c</code></a> Serve ESM type declarations to ESM importers of <code>@tailwindcss/postcss</code> (<a href="https://github.com/tailwindlabs/tailwindcss/tree/HEAD/packages/@tailwindcss-postcss/issues/20228">#20228</a>)</li> <li><a href="https://github.com/tailwindlabs/tailwindcss/commit/8dcdb66e8a58b9df621ed1a9cb59396e0ddb6dd7"><code>8dcdb66</code></a> Bump dependencies (<a href="https://github.com/tailwindlabs/tailwindcss/tree/HEAD/packages/@tailwindcss-postcss/issues/20095">#20095</a>)</li> <li><a href="https://github.com/tailwindlabs/tailwindcss/commit/588bd7371f4cae96426e1387819b7fd1d99765f9"><code>588bd73</code></a> 4.3.0 (<a href="https://github.com/tailwindlabs/tailwindcss/tree/HEAD/packages/@tailwindcss-postcss/issues/20023">#20023</a>)</li> <li><a href="https://github.com/tailwindlabs/tailwindcss/commit/12eb5ae7b6026ff64c04f889b2221418d772da72"><code>12eb5ae</code></a> Cleanup noisy test output (<a href="https://github.com/tailwindlabs/tailwindcss/tree/HEAD/packages/@tailwindcss-postcss/issues/20015">#20015</a>)</li> <li><a href="https://github.com/tailwindlabs/tailwindcss/commit/4255671c5f792c42808ecd6b2dec27c16e3c559e"><code>4255671</code></a> Improve snapshot tests (<a href="https://github.com/tailwindlabs/tailwindcss/tree/HEAD/packages/@tailwindcss-postcss/issues/20013">#20013</a>)</li> <li><a href="https://github.com/tailwindlabs/tailwindcss/commit/52f94c74bb491e9c3641ce322a0ef90fb3c45de6"><code>52f94c7</code></a> Improve codebase quality (<a href="https://github.com/tailwindlabs/tailwindcss/tree/HEAD/packages/@tailwindcss-postcss/issues/19999">#19999</a>)</li> <li><a href="https://github.com/tailwindlabs/tailwindcss/commit/d194d4c3e656313421f1cfa1954db8f58eec0fcd"><code>d194d4c</code></a> docs: fix various typos in comments and documentation (<a href="https://github.com/tailwindlabs/tailwindcss/tree/HEAD/packages/@tailwindcss-postcss/issues/19878">#19878</a>)</li> <li><a href="https://github.com/tailwindlabs/tailwindcss/commit/bfb5732b0b948d89c6803cb537bca168ec8e0a46"><code>bfb5732</code></a> Fall back to the plugin <code>base</code> when PostCSS has no <code>from</code> option (<a href="https://github.com/tailwindlabs/tailwindcss/tree/HEAD/packages/@tailwindcss-postcss/issues/19980">#19980</a>)</li> <li><a href="https://github.com/tailwindlabs/tailwindcss/commit/3a890c35727fe0630c59b72dbec799d02e3c4800"><code>3a890c3</code></a> Bump dependencies (<a href="https://github.com/tailwindlabs/tailwindcss/tree/HEAD/packages/@tailwindcss-postcss/issues/19957">#19957</a>)</li> <li>Additional commits viewable in <a href="https://github.com/tailwindlabs/tailwindcss/commits/v4.3.1/packages/@tailwindcss-postcss">compare view</a></li> </ul> </details> <details> <summary>Maintainer changes</summary> <p>This version was pushed to npm by <a href="https://www.npmjs.com/~GitHub%20Actions">GitHub Actions</a>, a new releaser for <code>@tailwindcss/postcss</code> since your current version.</p> </details> <br /> Updates `@types/react` from 19.2.14 to 19.2.17 <details> <summary>Commits</summary> <ul> <li>See full diff in <a href="https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/react">compare view</a></li> </ul> </details> <br /> Updates `eslint-config-next` from 16.2.1 to 16.2.9 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/vercel/next.js/releases">eslint-config-next's releases</a>.</em></p> <blockquote> <h2>v16.2.9</h2> <p>Empty release to ensure <code>next@latest</code> points at a stable release. Next.js only allows publishing with Trusted Publishing enabled. In order to fix NPM dist-tags, we have to release a new version. Updating dist-tags is not possible with Trusted Publishing.</p> <h2>v16.2.8</h2> <p>Release with no changes in an attempt to fix <code>next@latest</code> pointing at a prerelease version.</p> <h2>v16.2.7</h2> <blockquote> <p>[!NOTE] This release is backporting bug fixes. It does <strong>not</strong> include all pending features/changes on canary.</p> </blockquote> <h3>Core Changes</h3> <ul> <li>Backport documentation fixes for v16.2 (<a href="https://github.com/vercel/next.js/tree/HEAD/packages/eslint-config-next/issues/93804">#93804</a>)</li> <li>[backport] Patch <code>playwright-core</code> to resolve <code>_finishedPromise</code> on <code>requestFailed</code> (<a href="https://github.com/vercel/next.js/tree/HEAD/packages/eslint-config-next/issues/93920">#93920</a>)</li> <li>[backport] Fix dev mode hydration failure when page is served from HTTP cache (<a href="https://github.com/vercel/next.js/tree/HEAD/packages/eslint-config-next/issues/93492">#93492</a>)</li> <li>[backport] Fix catch-all <code>router.query</code> corruption with <code>basePath</code> + <code>rewrites</code> (<a href="https://github.com/vercel/next.js/tree/HEAD/packages/eslint-config-next/issues/93917">#93917</a>)</li> <li>[backport] Encode non-ASCII characters in cache tags at construction (<a href="https://github.com/vercel/next.js/tree/HEAD/packages/eslint-config-next/issues/93918">#93918</a>)</li> <li>[backport] Fix server action forwarding loop with middleware rewrites (<a href="https://github.com/vercel/next.js/tree/HEAD/packages/eslint-config-next/issues/93919">#93919</a>)</li> <li>[backport] Turbopack: switch from base40 to base38 hash encoding (<a href="https://github.com/vercel/next.js/tree/HEAD/packages/eslint-config-next/issues/93932">#93932</a>)</li> <li>[ci] Disable hanging node 24 typescript tests on 16.2 backport branch (<a href="https://github.com/vercel/next.js/tree/HEAD/packages/eslint-config-next/issues/94164">#94164</a>)</li> <li>[backport] Fix "type: module" in project dir when using standalone or adapters (<a href="https://github.com/vercel/next.js/tree/HEAD/packages/eslint-config-next/issues/94050">#94050</a>)</li> <li>[backport] Propagate adapter preferred regions (<a href="https://github.com/vercel/next.js/tree/HEAD/packages/eslint-config-next/issues/94200">#94200</a>)</li> <li>[16.2.x] Don't drop <code>FormData</code> entries (<a href="https://github.com/vercel/next.js/tree/HEAD/packages/eslint-config-next/issues/94240">#94240</a>)</li> <li>[backport] feat(turbopack): add LocalPathOrProjectPath PostCSS config resolution (<a href="https://github.com/vercel/next.js/tree/HEAD/packages/eslint-config-next/issues/94284">#94284</a>)</li> </ul> <h3>Credits</h3> <p>Huge thanks to <a href="https://github.com/eps1lon"><code>@eps1lon</code></a>, <a href="https://github.com/icyJoseph"><code>@icyJoseph</code></a>, <a href="https://github.com/unstubbable"><code>@unstubbable</code></a>, <a href="https://github.com/mischnic"><code>@mischnic</code></a>, <a href="https://github.com/bgw"><code>@bgw</code></a>, <a href="https://github.com/timneutkens"><code>@timneutkens</code></a>, and <a href="https://github.com/lukesandberg"><code>@lukesandberg</code></a> for helping!</p> <h2>v16.2.6</h2> <blockquote> <p>[!NOTE] This release contains security fixes and backported bug fixes. It does <strong>not</strong> include all pending features/changes on canary.</p> </blockquote> <h3>Security Fixes</h3> <p>The following advisories have been addressed:</p> <p><strong>High:</strong></p> <ul> <li><a href="https://github.com/vercel/next.js/security/advisories/GHSA-8h8q-6873-q5fj">GHSA-8h8q-6873-q5fj: Denial of Service with Server Components</a></li> <li><a href="https://github.com/vercel/next.js/security/advisories/GHSA-267c-6grr-h53f">GHSA-267c-6grr-h53f: Middleware / Proxy bypass in App Router applications via segment-prefetch routes</a></li> <li><a href="https://github.com/vercel/next.js/security/advisories/GHSA-26hh-7cqf-hhc6">GHSA-26hh-7cqf-hhc6: Middleware / Proxy bypass in App Router applications via segment-prefetch routes - <strong>Incomplete Fix Follow-Up</strong></a></li> <li><a href="https://github.com/vercel/next.js/security/advisories/GHSA-mg66-mrh9-m8jx">GHSA-mg66-mrh9-m8jx: Denial of Service via connection exhaustion in applications using Cache Components</a></li> <li><a href="https://github.com/vercel/next.js/security/advisories/GHSA-492v-c6pp-mqqv">GHSA-492v-c6pp-mqqv: Middleware / Proxy bypass through dynamic route parameter injection</a></li> <li><a href="https://github.com/vercel/next.js/security/advisories/GHSA-c4j6-fc7j-m34r">GHSA-c4j6-fc7j-m34r: Server-side request forgery in applications using WebSocket upgrades</a></li> <li><a href="https://github.com/vercel/next.js/security/advisories/GHSA-36qx-fr4f-26g5">GHSA-36qx-fr4f-26g5: Middleware / Proxy bypass in Pages Router applications using i18n</a></li> </ul> <p><strong>Moderate:</strong></p> <ul> <li><a href="https://github.com/vercel/next.js/security/advisories/GHSA-ffhc-5mcf-pf4q">GHSA-ffhc-5mcf-pf4q: Cross-site scripting in App Router applications using CSP nonces</a></li> <li><a href="https://github.com/vercel/next.js/security/advisories/GHSA-gx5p-jg67-6x7h">GHSA-gx5p-jg67-6x7h: Cross-site scripting in beforeInteractive scripts with untrusted input</a></li> <li><a href="https://github.com/vercel/next.js/security/advisories/GHSA-h64f-5h5j-jqjh">GHSA-h64f-5h5j-jqjh: Denial of Service in the Image Optimization API</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/vercel/next.js/commit/f37fad940522e000af5498209fd237d863b4fa16"><code>f37fad9</code></a> v16.2.9</li> <li><a href="https://github.com/vercel/next.js/commit/6f1680448c81904efcd36704edf01a6b7323abbf"><code>6f16804</code></a> v16.2.8</li> <li><a href="https://github.com/vercel/next.js/commit/411c455dcdec630b9e2e83d24e27b0f9e05927b6"><code>411c455</code></a> v16.2.7</li> <li><a href="https://github.com/vercel/next.js/commit/ee6e79b1792a4d401ddf2480f40a83549fe8e722"><code>ee6e79b</code></a> v16.2.6</li> <li><a href="https://github.com/vercel/next.js/commit/766148f9cd48c0e218acafcd0f15defc14871bf4"><code>766148f</code></a> v16.2.5</li> <li><a href="https://github.com/vercel/next.js/commit/2275bd8598c88e8652d1271e74bcf972f72f4f38"><code>2275bd8</code></a> v16.2.4</li> <li><a href="https://github.com/vercel/next.js/commit/d5f649b2f4affdad1009cb178c1e3b37f4f1ad3f"><code>d5f649b</code></a> v16.2.3</li> <li><a href="https://github.com/vercel/next.js/commit/52faae3d94641584e13691238df5be158d0f00fb"><code>52faae3</code></a> v16.2.2</li> <li>See full diff in <a href="https://github.com/vercel/next.js/commits/v16.2.9/packages/eslint-config-next">compare view</a></li> </ul> </details> <details> <summary>Maintainer changes</summary> <p>This version was pushed to npm by <a href="https://www.npmjs.com/~GitHub%20Actions">GitHub Actions</a>, a new releaser for eslint-config-next since your current version.</p> </details> <br /> Updates `prettier` from 3.8.3 to 3.8.4 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/prettier/prettier/releases">prettier's releases</a>.</em></p> <blockquote> <h2>3.8.4</h2> <ul> <li>Markdown: Fix blank lines between list items and nested sub-lists being removed in Markdown/MDX (<a href="https://redirect.github.com/prettier/prettier/pull/17746">prettier/prettier#17746</a> by <a href="https://github.com/byplayer"><code>@byplayer</code></a>)</li> </ul> <p>🔗 <a href="https://github.com/prettier/prettier/blob/3.8.4/CHANGELOG.md#384">Changelog</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/prettier/prettier/blob/main/CHANGELOG.md">prettier's changelog</a>.</em></p> <blockquote> <h1>3.8.4</h1> <p><a href="https://github.com/prettier/prettier/compare/3.8.3...3.8.4">diff</a></p> <h4>Markdown: Fix blank lines between list items and nested sub-lists being removed in Markdown/MDX (<a href="https://redirect.github.com/prettier/prettier/pull/17746">#17746</a> by <a href="https://github.com/byplayer"><code>@byplayer</code></a>)</h4> <p>Prettier was removing blank lines between list items and their nested sub-lists, converting loose lists into tight lists and changing their semantic meaning.</p> <!-- raw HTML omitted --> <pre lang="markdown"><code><!-- Input --> - a <ul> <li> <p>b</p> </li> <li> <p>c</p> <ul> <li>d</li> </ul> </li> </ul> <p><!-- Prettier 3.8.3 --></p> <ul> <li>a <ul> <li>b</li> </ul> </li> <li>c <ul> <li>d</li> </ul> </li> </ul> <p><!-- Prettier 3.8.4 --></p> <ul> <li> <p>a</p> <ul> <li>b</li> </ul> </li> <li> <p>c</p> <ul> <li>d<br /> </code></pre></li> </ul> </li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/prettier/prettier/commit/1c6ba5539141552e0e8e22d401ea620d8fdff468"><code>1c6ba55</code></a> Release 3.8.4</li> <li><a href="https://github.com/prettier/prettier/commit/4a673dc9b59ddf7296bbab9822093d2971da84a8"><code>4a673dc</code></a> Fix blank lines between list items and nested sub-lists being removed in Mark...</li> <li><a href="https://github.com/prettier/prettier/commit/074aaedbb052a288e89d15eb0a4214de37a08866"><code>074aaed</code></a> Replace <code>main</code> branch in changelog link with tags (<a href="https://redirect.github.com/prettier/prettier/issues/19054">#19054</a>)</li> <li><a href="https://github.com/prettier/prettier/commit/c22a003ae97917c5043e8685b4fdff0f93e978f9"><code>c22a003</code></a> Bump Prettier dependency to 3.8.3</li> <li><a href="https://github.com/prettier/prettier/commit/07bad1f04536e9799927007baf466e67151576f0"><code>07bad1f</code></a> Clean changelog_unreleased</li> <li>See full diff in <a href="https://github.com/prettier/prettier/compare/3.8.3...3.8.4">compare view</a></li> </ul> </details> <br /> Updates `prettier-plugin-tailwindcss` from 0.7.3 to 0.8.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/tailwindlabs/prettier-plugin-tailwindcss/releases">prettier-plugin-tailwindcss's releases</a>.</em></p> <blockquote> <h2>v0.8.0</h2> <h3>Changed</h3> <ul> <li>Require at least Prettier 3.7.x (<a href="https://redirect.github.com/tailwindlabs/prettier-plugin-tailwindcss/pull/420">#420</a>)</li> </ul> <h3>Added</h3> <ul> <li>Export public sorting APIs to <code>/sorter</code> (<a href="https://redirect.github.com/tailwindlabs/prettier-plugin-tailwindcss/pull/438">#438</a>)</li> </ul> <h3>Fixed</h3> <ul> <li>Remove top-level await (<a href="https://redirect.github.com/tailwindlabs/prettier-plugin-tailwindcss/pull/420">#420</a>)</li> <li>Improve load-time performance (<a href="https://redirect.github.com/tailwindlabs/prettier-plugin-tailwindcss/pull/420">#420</a>)</li> <li>Improve config resolution caching with directory-based cache (<a href="https://redirect.github.com/tailwindlabs/prettier-... _Description has been truncated_
- Merged
chore: bump actions/github-script from 7 to 9
#38dependabot/github_actions/actions/github-script-9 → main
Bumps [actions/github-script](https://github.com/actions/github-script) from 7 to 9. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/github-script/releases">actions/github-script's releases</a>.</em></p> <blockquote> <h2>v9.0.0</h2> <p><strong>New features:</strong></p> <ul> <li><strong><code>getOctokit</code> factory function</strong> — Available directly in the script context. Create additional authenticated Octokit clients with different tokens for multi-token workflows, GitHub App tokens, and cross-org access. See <a href="https://github.com/actions/github-script#creating-additional-clients-with-getoctokit">Creating additional clients with <code>getOctokit</code></a> for details and examples.</li> <li><strong>Orchestration ID in user-agent</strong> — The <code>ACTIONS_ORCHESTRATION_ID</code> environment variable is automatically appended to the user-agent string for request tracing.</li> </ul> <p><strong>Breaking changes:</strong></p> <ul> <li><strong><code>require('@actions/github')</code> no longer works in scripts.</strong> The upgrade to <code>@actions/github</code> v9 (ESM-only) means <code>require('@actions/github')</code> will fail at runtime. If you previously used patterns like <code>const { getOctokit } = require('@actions/github')</code> to create secondary clients, use the new injected <code>getOctokit</code> function instead — it's available directly in the script context with no imports needed.</li> <li><code>getOctokit</code> is now an injected function parameter. Scripts that declare <code>const getOctokit = ...</code> or <code>let getOctokit = ...</code> will get a <code>SyntaxError</code> because JavaScript does not allow <code>const</code>/<code>let</code> redeclaration of function parameters. Use the injected <code>getOctokit</code> directly, or use <code>var getOctokit = ...</code> if you need to redeclare it.</li> <li>If your script accesses other <code>@actions/github</code> internals beyond the standard <code>github</code>/<code>octokit</code> client, you may need to update those references for v9 compatibility.</li> </ul> <h2>What's Changed</h2> <ul> <li>Add ACTIONS_ORCHESTRATION_ID to user-agent string by <a href="https://github.com/Copilot"><code>@Copilot</code></a> in <a href="https://redirect.github.com/actions/github-script/pull/695">actions/github-script#695</a></li> <li>ci: use deployment: false for integration test environments by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/github-script/pull/712">actions/github-script#712</a></li> <li>feat!: add getOctokit to script context, upgrade <code>@actions/github</code> v9, <code>@octokit/core</code> v7, and related packages by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/github-script/pull/700">actions/github-script#700</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/Copilot"><code>@Copilot</code></a> made their first contribution in <a href="https://redirect.github.com/actions/github-script/pull/695">actions/github-script#695</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/github-script/compare/v8.0.0...v9.0.0">https://github.com/actions/github-script/compare/v8.0.0...v9.0.0</a></p> <h2>v8.0.0</h2> <h2>What's Changed</h2> <ul> <li>Update Node.js version support to 24.x by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/github-script/pull/637">actions/github-script#637</a></li> <li>README for updating actions/github-script from v7 to v8 by <a href="https://github.com/sneha-krip"><code>@sneha-krip</code></a> in <a href="https://redirect.github.com/actions/github-script/pull/653">actions/github-script#653</a></li> </ul> <h2>⚠️ Minimum Compatible Runner Version</h2> <p><strong>v2.327.1</strong><br /> <a href="https://github.com/actions/runner/releases/tag/v2.327.1">Release Notes</a></p> <p>Make sure your runner is updated to this version or newer to use this release.</p> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> made their first contribution in <a href="https://redirect.github.com/actions/github-script/pull/637">actions/github-script#637</a></li> <li><a href="https://github.com/sneha-krip"><code>@sneha-krip</code></a> made their first contribution in <a href="https://redirect.github.com/actions/github-script/pull/653">actions/github-script#653</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/github-script/compare/v7.1.0...v8.0.0">https://github.com/actions/github-script/compare/v7.1.0...v8.0.0</a></p> <h2>v7.1.0</h2> <h2>What's Changed</h2> <ul> <li>Upgrade husky to v9 by <a href="https://github.com/benelan"><code>@benelan</code></a> in <a href="https://redirect.github.com/actions/github-script/pull/482">actions/github-script#482</a></li> <li>Add workflow file for publishing releases to immutable action package by <a href="https://github.com/Jcambass"><code>@Jcambass</code></a> in <a href="https://redirect.github.com/actions/github-script/pull/485">actions/github-script#485</a></li> <li>Upgrade IA Publish by <a href="https://github.com/Jcambass"><code>@Jcambass</code></a> in <a href="https://redirect.github.com/actions/github-script/pull/486">actions/github-script#486</a></li> <li>Fix workflow status badges by <a href="https://github.com/joshmgross"><code>@joshmgross</code></a> in <a href="https://redirect.github.com/actions/github-script/pull/497">actions/github-script#497</a></li> <li>Update usage of <code>actions/upload-artifact</code> by <a href="https://github.com/joshmgross"><code>@joshmgross</code></a> in <a href="https://redirect.github.com/actions/github-script/pull/512">actions/github-script#512</a></li> <li>Clear up package name confusion by <a href="https://github.com/joshmgross"><code>@joshmgross</code></a> in <a href="https://redirect.github.com/actions/github-script/pull/514">actions/github-script#514</a></li> <li>Update dependencies with <code>npm audit fix</code> by <a href="https://github.com/joshmgross"><code>@joshmgross</code></a> in <a href="https://redirect.github.com/actions/github-script/pull/515">actions/github-script#515</a></li> <li>Specify that the used script is JavaScript by <a href="https://github.com/timotk"><code>@timotk</code></a> in <a href="https://redirect.github.com/actions/github-script/pull/478">actions/github-script#478</a></li> <li>chore: Add Dependabot for NPM and Actions by <a href="https://github.com/nschonni"><code>@nschonni</code></a> in <a href="https://redirect.github.com/actions/github-script/pull/472">actions/github-script#472</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/github-script/commit/3a2844b7e9c422d3c10d287c895573f7108da1b3"><code>3a2844b</code></a> Merge pull request <a href="https://redirect.github.com/actions/github-script/issues/700">#700</a> from actions/salmanmkc/expose-getoctokit + prepare re...</li> <li><a href="https://github.com/actions/github-script/commit/ca10bbdd1a7739de09e99a200c7a59f5d73a4079"><code>ca10bbd</code></a> fix: use <code>@octokit/core/</code>types import for v7 compatibility</li> <li><a href="https://github.com/actions/github-script/commit/86e48e20ac85c970ed1f96e718fd068173948b7b"><code>86e48e2</code></a> merge: incorporate main branch changes</li> <li><a href="https://github.com/actions/github-script/commit/c1084728b5b935ec4ddc1e4cee877b01797b3ff9"><code>c108472</code></a> chore: rebuild dist for v9 upgrade and getOctokit factory</li> <li><a href="https://github.com/actions/github-script/commit/afff112e4f8b57c718168af75b89ce00bc8d091d"><code>afff112</code></a> Merge pull request <a href="https://redirect.github.com/actions/github-script/issues/712">#712</a> from actions/salmanmkc/deployment-false + fix user-ag...</li> <li><a href="https://github.com/actions/github-script/commit/ff8117e5b78c415f814f39ad6998f424fee7b817"><code>ff8117e</code></a> ci: fix user-agent test to handle orchestration ID</li> <li><a href="https://github.com/actions/github-script/commit/81c6b7876079abe10ff715951c9fc7b3e1ab389d"><code>81c6b78</code></a> ci: use deployment: false to suppress deployment noise from integration tests</li> <li><a href="https://github.com/actions/github-script/commit/3953caf8858d318f37b6cc53a9f5708859b5a7b7"><code>3953caf</code></a> docs: update README examples from <a href="https://github.com/v8"><code>@v8</code></a> to <a href="https://github.com/v9"><code>@v9</code></a>, add getOctokit docs and v9 brea...</li> <li><a href="https://github.com/actions/github-script/commit/c17d55b90dcdb3d554d0027a6c180a7adc2daf78"><code>c17d55b</code></a> ci: add getOctokit integration test job</li> <li><a href="https://github.com/actions/github-script/commit/a047196d9a02fe92098771cafbb98c2f1814e408"><code>a047196</code></a> test: add getOctokit integration tests via callAsyncFunction</li> <li>Additional commits viewable in <a href="https://github.com/actions/github-script/compare/v7...v9">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details>
- Merged
chore: add PR auto-labeler and update issue template labels
#37chore/pr-labeler-and-issue-labels → main
## What & Why - Add a GitHub Actions workflow to auto-label PRs based on title prefix (feat:, fix:, etc.). - Change feature request issue template label from `feat` to `enhancement`. - Change bug report issue template label from `fix` to `bug`. ## Related Issue N/A ## How to Verify 1. Open a PR with `feat:` prefix and verify `feat` label is auto-applied. 2. Create an issue with Feature Request template and verify `enhancement` label is applied. 3. Create an issue with Bug Report template and verify `bug` label is applied. ## Checklist - [x] PR title follows [Conventional Commits](https://www.conventionalcommits.org/) (`feat:`, `fix:`, `chore:`, `refactor:`, `docs:`, `i18n:`) - [ ] Translations added to both `locales/ko.json` and `locales/en.json` (if UI text changed) - [ ] Tested on mobile viewport (if UI changed)
Jiseoup · 2026년 6월 22일chore - Closed
chore(deps-dev): bump eslint-config-next from 16.2.1 to 16.2.9
#36dependabot/npm_and_yarn/eslint-config-next-16.2.9 → main
Bumps [eslint-config-next](https://github.com/vercel/next.js/tree/HEAD/packages/eslint-config-next) from 16.2.1 to 16.2.9. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/vercel/next.js/releases">eslint-config-next's releases</a>.</em></p> <blockquote> <h2>v16.2.9</h2> <p>Empty release to ensure <code>next@latest</code> points at a stable release. Next.js only allows publishing with Trusted Publishing enabled. In order to fix NPM dist-tags, we have to release a new version. Updating dist-tags is not possible with Trusted Publishing.</p> <h2>v16.2.8</h2> <p>Release with no changes in an attempt to fix <code>next@latest</code> pointing at a prerelease version.</p> <h2>v16.2.7</h2> <blockquote> <p>[!NOTE] This release is backporting bug fixes. It does <strong>not</strong> include all pending features/changes on canary.</p> </blockquote> <h3>Core Changes</h3> <ul> <li>Backport documentation fixes for v16.2 (<a href="https://github.com/vercel/next.js/tree/HEAD/packages/eslint-config-next/issues/93804">#93804</a>)</li> <li>[backport] Patch <code>playwright-core</code> to resolve <code>_finishedPromise</code> on <code>requestFailed</code> (<a href="https://github.com/vercel/next.js/tree/HEAD/packages/eslint-config-next/issues/93920">#93920</a>)</li> <li>[backport] Fix dev mode hydration failure when page is served from HTTP cache (<a href="https://github.com/vercel/next.js/tree/HEAD/packages/eslint-config-next/issues/93492">#93492</a>)</li> <li>[backport] Fix catch-all <code>router.query</code> corruption with <code>basePath</code> + <code>rewrites</code> (<a href="https://github.com/vercel/next.js/tree/HEAD/packages/eslint-config-next/issues/93917">#93917</a>)</li> <li>[backport] Encode non-ASCII characters in cache tags at construction (<a href="https://github.com/vercel/next.js/tree/HEAD/packages/eslint-config-next/issues/93918">#93918</a>)</li> <li>[backport] Fix server action forwarding loop with middleware rewrites (<a href="https://github.com/vercel/next.js/tree/HEAD/packages/eslint-config-next/issues/93919">#93919</a>)</li> <li>[backport] Turbopack: switch from base40 to base38 hash encoding (<a href="https://github.com/vercel/next.js/tree/HEAD/packages/eslint-config-next/issues/93932">#93932</a>)</li> <li>[ci] Disable hanging node 24 typescript tests on 16.2 backport branch (<a href="https://github.com/vercel/next.js/tree/HEAD/packages/eslint-config-next/issues/94164">#94164</a>)</li> <li>[backport] Fix "type: module" in project dir when using standalone or adapters (<a href="https://github.com/vercel/next.js/tree/HEAD/packages/eslint-config-next/issues/94050">#94050</a>)</li> <li>[backport] Propagate adapter preferred regions (<a href="https://github.com/vercel/next.js/tree/HEAD/packages/eslint-config-next/issues/94200">#94200</a>)</li> <li>[16.2.x] Don't drop <code>FormData</code> entries (<a href="https://github.com/vercel/next.js/tree/HEAD/packages/eslint-config-next/issues/94240">#94240</a>)</li> <li>[backport] feat(turbopack): add LocalPathOrProjectPath PostCSS config resolution (<a href="https://github.com/vercel/next.js/tree/HEAD/packages/eslint-config-next/issues/94284">#94284</a>)</li> </ul> <h3>Credits</h3> <p>Huge thanks to <a href="https://github.com/eps1lon"><code>@eps1lon</code></a>, <a href="https://github.com/icyJoseph"><code>@icyJoseph</code></a>, <a href="https://github.com/unstubbable"><code>@unstubbable</code></a>, <a href="https://github.com/mischnic"><code>@mischnic</code></a>, <a href="https://github.com/bgw"><code>@bgw</code></a>, <a href="https://github.com/timneutkens"><code>@timneutkens</code></a>, and <a href="https://github.com/lukesandberg"><code>@lukesandberg</code></a> for helping!</p> <h2>v16.2.6</h2> <blockquote> <p>[!NOTE] This release contains security fixes and backported bug fixes. It does <strong>not</strong> include all pending features/changes on canary.</p> </blockquote> <h3>Security Fixes</h3> <p>The following advisories have been addressed:</p> <p><strong>High:</strong></p> <ul> <li><a href="https://github.com/vercel/next.js/security/advisories/GHSA-8h8q-6873-q5fj">GHSA-8h8q-6873-q5fj: Denial of Service with Server Components</a></li> <li><a href="https://github.com/vercel/next.js/security/advisories/GHSA-267c-6grr-h53f">GHSA-267c-6grr-h53f: Middleware / Proxy bypass in App Router applications via segment-prefetch routes</a></li> <li><a href="https://github.com/vercel/next.js/security/advisories/GHSA-26hh-7cqf-hhc6">GHSA-26hh-7cqf-hhc6: Middleware / Proxy bypass in App Router applications via segment-prefetch routes - <strong>Incomplete Fix Follow-Up</strong></a></li> <li><a href="https://github.com/vercel/next.js/security/advisories/GHSA-mg66-mrh9-m8jx">GHSA-mg66-mrh9-m8jx: Denial of Service via connection exhaustion in applications using Cache Components</a></li> <li><a href="https://github.com/vercel/next.js/security/advisories/GHSA-492v-c6pp-mqqv">GHSA-492v-c6pp-mqqv: Middleware / Proxy bypass through dynamic route parameter injection</a></li> <li><a href="https://github.com/vercel/next.js/security/advisories/GHSA-c4j6-fc7j-m34r">GHSA-c4j6-fc7j-m34r: Server-side request forgery in applications using WebSocket upgrades</a></li> <li><a href="https://github.com/vercel/next.js/security/advisories/GHSA-36qx-fr4f-26g5">GHSA-36qx-fr4f-26g5: Middleware / Proxy bypass in Pages Router applications using i18n</a></li> </ul> <p><strong>Moderate:</strong></p> <ul> <li><a href="https://github.com/vercel/next.js/security/advisories/GHSA-ffhc-5mcf-pf4q">GHSA-ffhc-5mcf-pf4q: Cross-site scripting in App Router applications using CSP nonces</a></li> <li><a href="https://github.com/vercel/next.js/security/advisories/GHSA-gx5p-jg67-6x7h">GHSA-gx5p-jg67-6x7h: Cross-site scripting in beforeInteractive scripts with untrusted input</a></li> <li><a href="https://github.com/vercel/next.js/security/advisories/GHSA-h64f-5h5j-jqjh">GHSA-h64f-5h5j-jqjh: Denial of Service in the Image Optimization API</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/vercel/next.js/commit/f37fad940522e000af5498209fd237d863b4fa16"><code>f37fad9</code></a> v16.2.9</li> <li><a href="https://github.com/vercel/next.js/commit/6f1680448c81904efcd36704edf01a6b7323abbf"><code>6f16804</code></a> v16.2.8</li> <li><a href="https://github.com/vercel/next.js/commit/411c455dcdec630b9e2e83d24e27b0f9e05927b6"><code>411c455</code></a> v16.2.7</li> <li><a href="https://github.com/vercel/next.js/commit/ee6e79b1792a4d401ddf2480f40a83549fe8e722"><code>ee6e79b</code></a> v16.2.6</li> <li><a href="https://github.com/vercel/next.js/commit/766148f9cd48c0e218acafcd0f15defc14871bf4"><code>766148f</code></a> v16.2.5</li> <li><a href="https://github.com/vercel/next.js/commit/2275bd8598c88e8652d1271e74bcf972f72f4f38"><code>2275bd8</code></a> v16.2.4</li> <li><a href="https://github.com/vercel/next.js/commit/d5f649b2f4affdad1009cb178c1e3b37f4f1ad3f"><code>d5f649b</code></a> v16.2.3</li> <li><a href="https://github.com/vercel/next.js/commit/52faae3d94641584e13691238df5be158d0f00fb"><code>52faae3</code></a> v16.2.2</li> <li>See full diff in <a href="https://github.com/vercel/next.js/commits/v16.2.9/packages/eslint-config-next">compare view</a></li> </ul> </details> <details> <summary>Maintainer changes</summary> <p>This version was pushed to npm by <a href="https://www.npmjs.com/~GitHub%20Actions">GitHub Actions</a>, a new releaser for eslint-config-next since your current version.</p> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details>
페이지 1다음 →