chore(deps): bump the minor-and-patch group across 1 directory with 24 updates by dependabot[bot] · Pull Request #30 · jp1337/momo

dependabot · 2026-06-08T14:49:48Z

Bumps the minor-and-patch group with 23 updates in the / directory:

Package	From	To
@radix-ui/react-dialog	`1.1.15`	`1.1.16`
@radix-ui/react-dropdown-menu	`2.1.16`	`2.1.17`
@radix-ui/react-popover	`1.1.15`	`1.1.16`
@radix-ui/react-toggle-group	`1.1.11`	`1.1.12`
@radix-ui/react-tooltip	`1.2.8`	`1.2.9`
@simplewebauthn/server	`13.3.0`	`13.3.1`
framer-motion	`12.38.0`	`12.40.0`
next	`16.2.6`	`16.2.7`
next-intl	`4.11.1`	`4.13.0`
otplib	`13.4.0`	`13.4.1`
pg	`8.20.0`	`8.21.0`
react	`19.2.6`	`19.2.7`
@types/react	`19.2.14`	`19.2.17`
react-dom	`19.2.6`	`19.2.7`
swagger-ui-react	`5.32.5`	`5.32.6`
@playwright/test	`1.59.1`	`1.60.0`
@tailwindcss/postcss	`4.2.4`	`4.3.0`
@types/node	`25.6.0`	`25.9.2`
@vitest/coverage-v8	`4.1.5`	`4.1.8`
@vitest/ui	`4.1.5`	`4.1.8`
eslint-config-next	`16.2.6`	`16.2.7`
npm-check-updates	`22.1.1`	`22.2.3`
vitest	`4.1.5`	`4.1.8`

Updates @radix-ui/react-dialog from 1.1.15 to 1.1.16

Changelog

Sourced from @radix-ui/react-dialog's changelog.

1.1.16

Fixed disabled pointer events in closed dialogs

Fixed a bug where iOS text selection and editing on HTML inputs within react-dialog were broken

Fixed triggers referencing a non-existent element via aria-controls when their content is removed from the DOM (credit to @dodomorandi for the original PR)

Added repository.directory to all package.json files

Updated dependencies: @radix-ui/react-presence@1.1.6, @radix-ui/react-slot@1.2.5, @radix-ui/react-focus-guards@1.1.4, @radix-ui/react-dismissable-layer@1.1.12, @radix-ui/primitive@1.1.4, @radix-ui/react-compose-refs@1.1.3, @radix-ui/react-context@1.1.4, @radix-ui/react-focus-scope@1.1.9, @radix-ui/react-id@1.1.2, @radix-ui/react-portal@1.1.11, @radix-ui/react-primitive@2.1.5, @radix-ui/react-use-controllable-state@1.2.3

Commits

See full diff in compare view

Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for @radix-ui/react-dialog since your current version.

Updates @radix-ui/react-dropdown-menu from 2.1.16 to 2.1.17

Changelog

Sourced from @radix-ui/react-dropdown-menu's changelog.

2.1.17

Added repository.directory to all package.json files

Updated dependencies: @radix-ui/react-menu@2.1.17, @radix-ui/primitive@1.1.4, @radix-ui/react-compose-refs@1.1.3, @radix-ui/react-context@1.1.4, @radix-ui/react-id@1.1.2, @radix-ui/react-primitive@2.1.5, @radix-ui/react-use-controllable-state@1.2.3

Commits

See full diff in compare view

Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for @radix-ui/react-dropdown-menu since your current version.

Updates @radix-ui/react-popover from 1.1.15 to 1.1.16

Changelog

Sourced from @radix-ui/react-popover's changelog.

1.1.16

Fixed a bug where iOS text selection and editing on HTML inputs within react-dialog were broken

Fixed triggers referencing a non-existent element via aria-controls when their content is removed from the DOM (credit to @dodomorandi for the original PR)

Added repository.directory to all package.json files

Updated dependencies: @radix-ui/react-presence@1.1.6, @radix-ui/react-popper@1.3.0, @radix-ui/react-slot@1.2.5, @radix-ui/react-focus-guards@1.1.4, @radix-ui/react-dismissable-layer@1.1.12, @radix-ui/primitive@1.1.4, @radix-ui/react-compose-refs@1.1.3, @radix-ui/react-context@1.1.4, @radix-ui/react-focus-scope@1.1.9, @radix-ui/react-id@1.1.2, @radix-ui/react-portal@1.1.11, @radix-ui/react-primitive@2.1.5, @radix-ui/react-use-controllable-state@1.2.3

Commits

See full diff in compare view

Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for @radix-ui/react-popover since your current version.

Updates @radix-ui/react-toggle-group from 1.1.11 to 1.1.12

Changelog

Sourced from @radix-ui/react-toggle-group's changelog.

1.1.12

Added repository.directory to all package.json files

Updated dependencies: @radix-ui/react-direction@1.1.2, @radix-ui/primitive@1.1.4, @radix-ui/react-context@1.1.4, @radix-ui/react-primitive@2.1.5, @radix-ui/react-roving-focus@1.1.12, @radix-ui/react-toggle@1.1.11, @radix-ui/react-use-controllable-state@1.2.3

Commits

See full diff in compare view

Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for @radix-ui/react-toggle-group since your current version.

Updates @radix-ui/react-tooltip from 1.2.8 to 1.2.9

Changelog

Sourced from @radix-ui/react-tooltip's changelog.

1.2.9

Fixed runtime error when event target is non-Node

Fixed a Tooltip bug so that skipDelayDuration={0} works as expected. Previously, the open delay could still be skipped when moving between triggers.

Added repository.directory to all package.json files

Updated dependencies: @radix-ui/react-presence@1.1.6, @radix-ui/react-popper@1.3.0, @radix-ui/react-slot@1.2.5, @radix-ui/react-dismissable-layer@1.1.12, @radix-ui/primitive@1.1.4, @radix-ui/react-compose-refs@1.1.3, @radix-ui/react-context@1.1.4, @radix-ui/react-id@1.1.2, @radix-ui/react-portal@1.1.11, @radix-ui/react-primitive@2.1.5, @radix-ui/react-use-controllable-state@1.2.3, @radix-ui/react-visually-hidden@1.2.5

Commits

See full diff in compare view

Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for @radix-ui/react-tooltip since your current version.

Updates @simplewebauthn/server from 13.3.0 to 13.3.1

Release notes

Sourced from @simplewebauthn/server's releases.

v13.3.1

Changes:

[server] Fixed an issue with verifyRegistrationResponse() failing to verify some Packed and SafetyNet statements (#767)

Changelog

Sourced from @simplewebauthn/server's changelog.

v13.3.1

Changes:

[server] Fixed an issue with verifyRegistrationResponse() failing to verify some Packed and SafetyNet statements (#767)

Commits

615538f Update version to 13.3.1
61601dd Ignore E2E test for now
6c43af7 Use attStmt.alg in Safety Net and Packed Full
See full diff in compare view

Updates framer-motion from 12.38.0 to 12.40.0

Changelog

Sourced from framer-motion's changelog.

[12.40.0] 2026-05-21

Added

path option to transition.

arc() for motion along an arc.

[12.39.0] 2026-05-18

Added

Support for repeatType and repeatDelay in animation sequences.

Fixed

Variants: Re-run keyframe animations when switching between variant labels even when they share identical keyframe arrays.

Drag: Preserve in-flight motion value animations across React 19 reorder unmount/remount so dragSnapToOrigin no longer leaves the drag transform stranded after a layout swap.

LazyMotion: Share React contexts between the framer-motion and framer-motion/m (and therefore motion/react and motion/react-m) CJS bundles so that <m.div> from the /m subpath picks up features loaded by <LazyMotion> from the main entry point.

useScroll: Support hydrating target and container refs from anywhere in the tree.

Drag: Gesture no longer starts from incorrect start point when rendered inside <AnimatePresence initial={false} />.

Drag: dragConstraints, when set as viewport-relative ref, no longer break on scroll.§

Updated visualElement hydration order.

useAnimate: Now respects skipAnimations.

AnimatePresence: Fix object-form initial values not applied on re-entry after exit completes.

scroll: Fixed callback progress when tracking an element.

useScroll: Fix hardware acceleration when tracking an element.

Commits

38ebb94 v12.40.0
b1f766c Latest
bca5544 Merge pull request #3699 from motiondivision/lochie/arcs-injectable
f1a96cf arc(): rename amp/rotate, expose MotionPath, fix explicit cw/ccw
b4aaba0 pathRotation: non-destructive orientToPath rotation channel
8604ef3 Make arcs injectable via transition.path = arc()
f90fe29 add orientToPath
9ebe999 fix: test
bc2107e Revert "no should"
6eeb92d no should
Additional commits viewable in compare view

Updates next from 16.2.6 to 16.2.7

Release notes

Sourced from next's releases.

v16.2.7

[!NOTE] This release is backporting bug fixes. It does not include all pending features/changes on canary.

Core Changes

Backport documentation fixes for v16.2 (#93804)

[backport] Patch playwright-core to resolve _finishedPromise on requestFailed (#93920)

[backport] Fix dev mode hydration failure when page is served from HTTP cache (#93492)

[backport] Fix catch-all router.query corruption with basePath + rewrites (#93917)

[backport] Encode non-ASCII characters in cache tags at construction (#93918)

[backport] Fix server action forwarding loop with middleware rewrites (#93919)

[backport] Turbopack: switch from base40 to base38 hash encoding (#93932)

[ci] Disable hanging node 24 typescript tests on 16.2 backport branch (#94164)

[backport] Fix "type: module" in project dir when using standalone or adapters (#94050)

[backport] Propagate adapter preferred regions (#94200)

[16.2.x] Don't drop FormData entries (#94240)

[backport] feat(turbopack): add LocalPathOrProjectPath PostCSS config resolution (#94284)

Credits

Huge thanks to @eps1lon, @icyJoseph, @unstubbable, @mischnic, @bgw, @timneutkens, and @lukesandberg for helping!

Commits

9bd3c26 v16.2.7
c63224f [backport] feat(turbopack): add LocalPathOrProjectPath PostCSS config resolut...
63115c7 [16.2.x] Don't drop FormData entries (#94240)
aef22fd [backport] Propagate adapter preferred regions (#94200)
f126e72 [backport] Fix "type: module" in project dir when using standalone or adapter...
bda3e2a [ci] Disable hanging node 24 typescript tests on 16.2 backport branch (#94164)
7e16e07 [backport] Turbopack: switch from base40 to base38 hash encoding (#93932)
6139f4b [backport] Fix server action forwarding loop with middleware rewrites (#93919)
c021d10 [backport] Encode non-ASCII characters in cache tags at construction (#93918)
9184ddb [backport] Fix catch-all router.query corruption with basePath + `rewrite...
Additional commits viewable in compare view

Updates next-intl from 4.11.1 to 4.13.0

Release notes

Sourced from next-intl's releases.

v4.13.0

4.13.0 (2026-05-28)

Features

Use URL-safe base64 for auto-generated message keys of useExtracted (#2330) (a003d3a) – by @spokodev

⚠️ If you're using useExtracted, this requires an update to your existing keys. Please point your agent at amannn/next-intl#2330 to upgrade.

v4.12.0

4.12.0 (2026-05-13)

Features

Improvements for useExtracted (#2316) (bff2f96) – by @amannn

⚠️ A small config change is required for useExtracted users to upgrade, please see amannn/next-intl#2316 for details.

v4.11.2

4.11.2 (2026-05-11)

Bug Fixes

Revert x-forwarded-host redirect domain change (#2322) (eb3a6a4) – by @amannn

Changelog

Sourced from next-intl's changelog.

4.13.0 (2026-05-28)

Features

Use URL-safe base64 for auto-generated message keys of useExtracted (#2330) (a003d3a) – by @spokodev

4.12.0 (2026-05-13)

Features

Improvements for useExtracted (#2316) (bff2f96) – by @amannn

4.11.2 (2026-05-11)

Bug Fixes

Revert x-forwarded-host redirect domain change (#2322) (eb3a6a4) – by @amannn

Commits

3e013c4 v4.13.0
a003d3a feat: Use URL-safe base64 for auto-generated message keys of useExtracted (...
2e351ae docs: Add ElevenLabs logo
d7aaa62 docs: Add note on Promise.all
233af94 docs: Reorder extraction docs
d7bf7af v4.12.0
bff2f96 feat: Improvements for useExtracted (#2316)
940dfbf v4.11.2
eb3a6a4 fix: Revert x-forwarded-host redirect domain change (#2322)
See full diff in compare view

Updates otplib from 13.4.0 to 13.4.1

Release notes

Sourced from otplib's releases.

v13.4.1

What's Changed

fix: override flatted package security alert by @yeojz in yeojz/otplib#820

fix: override picomatch and yaml package security alerts by @yeojz in yeojz/otplib#822

refactor(testing): replace custom Deno adapter with @std/expect by @yeojz in yeojz/otplib#821

fix: override brace-expansion package security alert by @yeojz in yeojz/otplib#824

chore: update github actions pinned images by @yeojz in yeojz/otplib#823

Add @otplib/plugin-base32-alt to dependencies by @yeojz in yeojz/otplib#825

chore: harden supply chain with cooldown and version pinning by @yeojz in yeojz/otplib#826

refactor(testing): centralize test secrets into shared module by @yeojz in yeojz/otplib#831

chore(deps): bump the github-actions group with 5 updates by @dependabot[bot] in yeojz/otplib#827

refactor(testing): rename test secret constants for semantic clarity by @yeojz in yeojz/otplib#832

chore(deps-dev): bump the dev-dependencies-minor group with 4 updates by @dependabot[bot] in yeojz/otplib#828

refactor: replace size-limit with native bundle size check by @yeojz in yeojz/otplib#835

chore(deps-dev): bump vite from 7.3.1 to 8.0.0 by @dependabot[bot] in yeojz/otplib#830

refactor/docs/unusedImport by @ValeriYanev98 in yeojz/otplib#837

fix(security): address npm audit vulnerabilities by @yeojz in yeojz/otplib#839

fix(docker): bump pnpm to 10.30.1 to match packageManager by @yeojz in yeojz/otplib#847

docs: note short-secret guardrail override for legacy/test secrets by @yeojz in yeojz/otplib#848

docs(getting-started): clarify when each function runs by @yeojz in yeojz/otplib#846

chore(deps): bump vite from 5.4.21 to 8.0.10 by @dependabot[bot] in yeojz/otplib#845

chore(deps-dev): bump the dev-dependencies-patch group across 1 directory with 6 updates by @dependabot[bot] in yeojz/otplib#849

chore(deps-dev): bump the dev-dependencies-minor group across 1 directory with 6 updates by @dependabot[bot] in yeojz/otplib#841

docs(otplib): note 16-byte minimum and fix broken secret-handling link by @yeojz in yeojz/otplib#851

chore(deps-dev): bump @codecov/bundle-analyzer from 1.9.1 to 2.0.1 by @dependabot[bot] in yeojz/otplib#843

fix(benchmarks): adapt to tinybench v6 TaskResult shape by @yeojz in yeojz/otplib#852

chore(deps): bump the github-actions group across 1 directory with 6 updates by @dependabot[bot] in yeojz/otplib#844

chore(deps): bump @noble/hashes and @scure/base to 2.2.0 by @yeojz in yeojz/otplib#853

chore(deps-dev): bump turbo from 2.9.9 to 2.9.14 by @dependabot[bot] in yeojz/otplib#855

ci: split security audit into blocking prod and informational full scans by @yeojz in yeojz/otplib#857

chore(deps-dev): bump vite from 8.0.10 to 8.0.11 by @dependabot[bot] in yeojz/otplib#856

release(packages): v13.4.1 by @github-actions[bot] in yeojz/otplib#854

New Contributors

@ValeriYanev98 made their first contribution in yeojz/otplib#837

Full Changelog: yeojz/otplib@v13.4.0...v13.4.1

Commits

1d997b0 release(packages): v13.4.1 (#854)
0e9566f docs(otplib): note 16-byte minimum and fix broken secret-handling link (#851)
e01b4f1 chore(deps-dev): bump the dev-dependencies-patch group across 1 directory wit...
212534b chore(deps-dev): bump the dev-dependencies-minor group with 4 updates (#828)
b54adad refactor(testing): rename test secret constants for semantic clarity (#832)
4898252 refactor(testing): centralize test secrets and normalize naming (#831)
See full diff in compare view

Updates pg from 8.20.0 to 8.21.0

Changelog

Sourced from pg's changelog.

pg@8.21.0

Handle SASL SCRAM server error responses properly.

Add support for node@26.

Add scramMaxIterations config option.

Add client.getTransactionStatus() method.

Commits

544b1ce Publish
cc03fa5 Add scramMaxIterations option to limit SCRAM iteration count (#3677)
f776327 Remove compatibility code for unsupported versions of Node (<16) (#3678)
f252870 cleanup: pg utils (#3675)
c8da6ab Assorted test cleanup (#3673)
fa47e73 fix: Client#end callback being called multiple times when first is no-op (#...
88a7e60 cleanup: Move declaration to more natural place
2095247 cleanup: Combine duplicated code in Client#query and avoid unneeded early n...
0ac3edd fix: apply SASLprep (RFC 4013) to passwords before SCRAM-SHA-256 PBKDF2 (#3669)
be880d4 Assorted test fixes and cleanup (#3672)
Additional commits viewable in compare view

Updates react from 19.2.6 to 19.2.7

Release notes

Sourced from react's releases.

19.2.7 (June 1st, 2026)

React Server Components

Fixed missing FormData entries in Server Actions which regressed in 19.2.6 (#36566 by @unstubbable)

Commits

6117d7c Version 19.2.7 (#36591)
See full diff in compare view

Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for react since your current version.

Updates @types/react from 19.2.14 to 19.2.17

Commits

See full diff in compare view

Updates react-dom from 19.2.6 to 19.2.7

Release notes

Sourced from react-dom's releases.

19.2.7 (June 1st, 2026)

React Server Components

Fixed missing FormData entries in Server Actions which regressed in 19.2.6 (#36566 by @unstubbable)

Commits

6117d7c Version 19.2.7 (#36591)
See full diff in compare view

Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for react-dom since your current version.

Updates swagger-ui-react from 5.32.5 to 5.32.6

Release notes

Sourced from swagger-ui-react's releases.

v5.32.6

5.32.6 (2026-05-12)

Bug Fixes

deps-dev: address undici vulnerability (#10870) (35f5a6a)

docker: address CVE-2026-27135 nghttp2-libs vulnerability (#10879) (0a63415)

Commits

dcdca62 chore(release): cut the 5.32.6 release
871b897 chore(deps): swagger-client to 3.37.4 (#10880)
0a63415 fix(docker): address CVE-2026-27135 nghttp2-libs vulnerability (#10879)
9da9aed chore(deps-dev): bump fast-uri from 3.0.6 to 3.1.2 (#10875)
716b006 chore(deps): bump @babel/plugin-transform-modules-systemjs (#10877)
70120da chore(deps-dev): replace html-webpack-skip-assets-plugin with native excludeC...
f672bd2 chore(deps): bump axios from 1.15.0 to 1.16.0 (#10872)
35f5a6a fix(deps-dev): address undici vulnerability (#10870)
5210ab5 chore(deps-dev): bump postcss from 8.5.3 to 8.5.12 (#10859)
See full diff in compare view

Updates @playwright/test from 1.59.1 to 1.60.0

Release notes

Sourced from @playwright/test's releases.

v1.60.0

🌐 HAR recording on Tracing

tracing.startHar() / tracing.stopHar() expose HAR recording as a first-class tracing API, with the same content, mode and urlFilter options as recordHar. The returned Disposable makes it easy to scope a recording with await using:
await using har = await context.tracing.startHar('trace.har');
const page = await context.newPage();
await page.goto('https://playwright.dev');
// HAR is finalized when `har` goes out of scope.
🪝 Drop API

New locator.drop() simulates an external drag-and-drop of files or clipboard-like data onto an element. Playwright dispatches dragenter, dragover, and drop with a synthetic [DataTransfer] in the page context — works cross-browser and is great for testing upload zones:
await page.locator('#dropzone').drop({
  files: { name: 'note.txt', mimeType: 'text/plain', buffer: Buffer.from('hello') },
});
await page.locator('#dropzone').drop({
data: {
'text/plain': 'hello world',
'text/uri-list': 'https://example.com',
},
});
🎯 Aria snapshots

expect(page).toMatchAriaSnapshot() now works on a Page, in addition to a Locator — equivalent to asserting against page.locator('body').

New boxes option on locator.ariaSnapshot() / page.ariaSnapshot() appends each element's bounding box as [box=x,y,width,height], useful for AI consumption.

🛑 test.abort()

New test.abort() aborts the currently running test from a fixture, hook, or route handler with an optional message. Use it when you have detected an unrecoverable misuse and want to fail the test right away:
test('does not publish to the shared page', async ({ page }) => {
  await page.route('**/publish', route => {
    test.abort('Tests must not publish to the shared page. Use the `clone` option.');
    return route.abort();
  });
  // ...
});
New APIs

Browser, Context and Page

... (truncated)

Commits

87bb9dd cherry-pick(#40747): fix(yauzl): vendor yauzl with destroy-lifecycle fix
9a9c51c cherry-pick(#40733): chore(electron): revert #40184 (move Electron API to a s...
4b3b628 cherry-pick(#40736): Revert "feat(electron): add timeout option to electronAp...
f869f96 chore: bump version to v1.60.0 (#40714)
7eb6918 cherry-pick(#40710): docs: release notes v1.60
118d2aa cherry-pick(#40693): chore(python): formdata path type
54012f5 chore(deps): bump ip-address and express-rate-limit (#40680)
9fa531d fix(screencast): unblock frame ack when an async client disconnects (#40674)
3649db5 chore(mcp): bump default extension protocol to v2 (#40678)
bb6c009 chore(extension): mark 0.2.1 (#40679)
Additional commits viewable in compare view

Updates @tailwindcss/postcss from 4.2.4 to 4.3.0

Release notes

Sourced from @tailwindcss/postcss's releases.

v4.3.0

Added

Add @container-size utility (#18901)

Add scrollbar-{auto,thin,none} utilities for scrollbar-width, and scrollbar-thumb-* / scrollbar-track-* color utilities for scrollbar-color (#19981, #20019)

Add scrollbar-gutter-* utilities (#20018)

Add zoom-* utilities (#20020)

Add tab-* utilities (#20022)

Allow using @variant with stacked variants (e.g. @variant hover:focus { … }) (#19996)

Allow using @variant with compound variants (e.g. @variant hover, focus { … }) (#19996)

Support --default(…) in --value(…) and --modifier(…) for functional @utility definitions (#19989)

Fixed

Ensure @plugin resolves package JavaScript entries instead of browser CSS entries when using @tailwindcss/vite (#19949)

Fix relative @import and @plugin paths resolving from the wrong directory when using @tailwindcss/vite (#19965)

Ensure CSS files containing @variant are processed by @tailwindcss/vite (#19966)

Resolve imports relative to base when result.opts.from is not provided when using @tailwindcss/postcss (#19980)

Canonicalization: preserve significant _ whitespace in arbitrary values (#19986)

Canonicalization: add parentheses when removing whitespace from arbitrary values would hurt readability (e.g. w-[calc(100%---spacing(60))] → w-[calc(100%-(--spacing(60)))]) (#19986)

Canonicalization: preserve the original unit in arbitrary values instead of normalizing to base units (e.g. -mt-[20in] → mt-[-20in], not mt-[-1920px]) (#19988)

Canonicalization: migrate arbitrary :has() variants from [&:has(…)] to has-[…] (#19991)

Upgrade: don’t migrate inline style attributes (e.g. style="flex-grow: 1" → style="flex-grow: 1", not style="grow: 1") (#19918)

Allow multiple @utility definitions with the same name but different value types (#19777)

Export missing PluginWithConfig type from tailwindcss/plugin to fix errors when inferring plugin config types (#19707)

Ensure start and end legacy utilities without values do not generate CSS (#20003)

Ensure --value(…) is required in functional @utility definitions (#20005)

Canonicalization: preserve required whitespace around operators in negated arbitrary values (e.g. -left-[(var(--a)+var(--b))]) (#20011)

Changelog

Sourced from @tailwindcss/postcss's changelog.

[4.3.0] - 2026-05-08

Added

Add @container-size utility (#18901)

Add scrollbar-{auto,thin,none} utilities for scrollbar-width, and scrollbar-thumb-* / scrollbar-track-* color utilities for scrollbar-color (#19981, #20019)

Add scrollbar-gutter-* utilities (#20018)

Add zoom-* utilities (#20020)

Add tab-* utilities (#20022)

Allow using @variant with stacked variants (e.g. @variant hover:focus { … }) (#19996)

Allow using @variant with compound variants (e.g. @variant hover, focus { … }) (#19996)

Support --default(…) in --value(…) and --modifier(…) for functional @utility definitions (#19989)

Fixed

Ensure @plugin resolves package JavaScript entries instead of browser CSS entries when using @tailwindcss/vite (#19949)

Fix relative @import and @plugin paths resolving from the wrong directory when using @tailwindcss/vite (#19965)

Ensure CSS files containing @variant are processed by @tailwindcss/vite (#19966)

Resolve imports relative to base when result.opts.from is not provided when using @tailwindcss/postcss (#19980)

Canonicalization: preserve significant _ whitespace in arbitrary values (#19986)

Canonicalization: add parentheses when removing whitespace from arbitrary values would hurt readability (e.g. w-[calc(100%---spacing(60))] → w-[calc(100%-(--spacing(60)))]) (#19986)

Canonicalization: preserve the original unit in arbitrary values instead of normalizing to base units (e.g. -mt-[20in] → mt-[-20in], not mt-[-1920px]) (#19988)

Canonicalization: migrate arbitrary :has() variants from [&:has(…)] to has-[…] (#19991)

Upgrade: don’t migrate inline style attributes (e.g. style="flex-grow: 1" → style="flex-grow: 1", not style="grow: 1") (#19918)

Allow multiple @utility definitions with the same name but different value types (#19777)

Export missing PluginWithConfig type from tailwindcss/plugin to fix errors when inferring plugin config types (#19707)

Ensure start and end legacy utilities without values do not generate CSS (#20003)

Ensure --value(…) is required in functional @utility definitions (#20005)

Canonicalization: preserve required whitespace around operators in negated arbitrary values (e.g. -left-[(var(--a)+var(--b))]) (#20011)

Commits

588bd73 4.3.0 (#20023)
12eb5ae Cleanup noisy test output (#20015)
4255671 Improve snapshot tests (#20013)
52f94c7 Improve codebase quality (#19999)
d194d4c docs: fix various typos in comments and documentation (#19878)
bfb5732 Fall back to the plugin base when PostCSS has no from option (#19980)
3a890c3 Bump dependencies (#19957)
See full diff in compare view

Updates @types/node from 25.6.0 to 25.9.2

Commits

See full diff in compare view

Updates @types/react from 19.2.14 to 19.2.17

Commits

See full diff in compare view

Updates @vitest/coverage-v8 from 4.1.5 to 4.1.8

Release notes

Sourced from @vitest/coverage-v8's releases.

v4.1.8

🐞 Bug Fixes

browser:

Disable client cdp API when allowWrite/allowExec: false [backport to v4] - by @hi-ogawa and Codex in vitest-dev/vitest#10450 (e4067)

Remove orphaned Playwright route when same module is mocked via multiple ids [backport to v4] - by @toxik and Description has been truncated

…4 updates Bumps the minor-and-patch group with 23 updates in the / directory: | Package | From | To | | --- | --- | --- | | [@radix-ui/react-dialog](https://github.com/radix-ui/primitives/tree/HEAD/packages/react/dialog) | `1.1.15` | `1.1.16` | | [@radix-ui/react-dropdown-menu](https://github.com/radix-ui/primitives/tree/HEAD/packages/react/dropdown-menu) | `2.1.16` | `2.1.17` | | [@radix-ui/react-popover](https://github.com/radix-ui/primitives/tree/HEAD/packages/react/popover) | `1.1.15` | `1.1.16` | | [@radix-ui/react-toggle-group](https://github.com/radix-ui/primitives/tree/HEAD/packages/react/toggle-group) | `1.1.11` | `1.1.12` | | [@radix-ui/react-tooltip](https://github.com/radix-ui/primitives/tree/HEAD/packages/react/tooltip) | `1.2.8` | `1.2.9` | | [@simplewebauthn/server](https://github.com/MasterKale/SimpleWebAuthn/tree/HEAD/packages/server) | `13.3.0` | `13.3.1` | | [framer-motion](https://github.com/motiondivision/motion) | `12.38.0` | `12.40.0` | | [next](https://github.com/vercel/next.js) | `16.2.6` | `16.2.7` | | [next-intl](https://github.com/amannn/next-intl) | `4.11.1` | `4.13.0` | | [otplib](https://github.com/yeojz/otplib/tree/HEAD/packages/otplib) | `13.4.0` | `13.4.1` | | [pg](https://github.com/brianc/node-postgres/tree/HEAD/packages/pg) | `8.20.0` | `8.21.0` | | [react](https://github.com/facebook/react/tree/HEAD/packages/react) | `19.2.6` | `19.2.7` | | [@types/react](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/react) | `19.2.14` | `19.2.17` | | [react-dom](https://github.com/facebook/react/tree/HEAD/packages/react-dom) | `19.2.6` | `19.2.7` | | [swagger-ui-react](https://github.com/swagger-api/swagger-ui) | `5.32.5` | `5.32.6` | | [@playwright/test](https://github.com/microsoft/playwright) | `1.59.1` | `1.60.0` | | [@tailwindcss/postcss](https://github.com/tailwindlabs/tailwindcss/tree/HEAD/packages/@tailwindcss-postcss) | `4.2.4` | `4.3.0` | | [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) | `25.6.0` | `25.9.2` | | [@vitest/coverage-v8](https://github.com/vitest-dev/vitest/tree/HEAD/packages/coverage-v8) | `4.1.5` | `4.1.8` | | [@vitest/ui](https://github.com/vitest-dev/vitest/tree/HEAD/packages/ui) | `4.1.5` | `4.1.8` | | [eslint-config-next](https://github.com/vercel/next.js/tree/HEAD/packages/eslint-config-next) | `16.2.6` | `16.2.7` | | [npm-check-updates](https://github.com/raineorshine/npm-check-updates) | `22.1.1` | `22.2.3` | | [vitest](https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest) | `4.1.5` | `4.1.8` | Updates `@radix-ui/react-dialog` from 1.1.15 to 1.1.16 - [Changelog](https://github.com/radix-ui/primitives/blob/main/packages/react/dialog/CHANGELOG.md) - [Commits](https://github.com/radix-ui/primitives/commits/HEAD/packages/react/dialog) Updates `@radix-ui/react-dropdown-menu` from 2.1.16 to 2.1.17 - [Changelog](https://github.com/radix-ui/primitives/blob/main/packages/react/dropdown-menu/CHANGELOG.md) - [Commits](https://github.com/radix-ui/primitives/commits/HEAD/packages/react/dropdown-menu) Updates `@radix-ui/react-popover` from 1.1.15 to 1.1.16 - [Changelog](https://github.com/radix-ui/primitives/blob/main/packages/react/popover/CHANGELOG.md) - [Commits](https://github.com/radix-ui/primitives/commits/HEAD/packages/react/popover) Updates `@radix-ui/react-toggle-group` from 1.1.11 to 1.1.12 - [Changelog](https://github.com/radix-ui/primitives/blob/main/packages/react/toggle-group/CHANGELOG.md) - [Commits](https://github.com/radix-ui/primitives/commits/HEAD/packages/react/toggle-group) Updates `@radix-ui/react-tooltip` from 1.2.8 to 1.2.9 - [Changelog](https://github.com/radix-ui/primitives/blob/main/packages/react/tooltip/CHANGELOG.md) - [Commits](https://github.com/radix-ui/primitives/commits/HEAD/packages/react/tooltip) Updates `@simplewebauthn/server` from 13.3.0 to 13.3.1 - [Release notes](https://github.com/MasterKale/SimpleWebAuthn/releases) - [Changelog](https://github.com/MasterKale/SimpleWebAuthn/blob/master/CHANGELOG.md) - [Commits](https://github.com/MasterKale/SimpleWebAuthn/commits/v13.3.1/packages/server) Updates `framer-motion` from 12.38.0 to 12.40.0 - [Changelog](https://github.com/motiondivision/motion/blob/main/CHANGELOG.md) - [Commits](motiondivision/motion@v12.38.0...v12.40.0) Updates `next` from 16.2.6 to 16.2.7 - [Release notes](https://github.com/vercel/next.js/releases) - [Changelog](https://github.com/vercel/next.js/blob/canary/release.js) - [Commits](vercel/next.js@v16.2.6...v16.2.7) Updates `next-intl` from 4.11.1 to 4.13.0 - [Release notes](https://github.com/amannn/next-intl/releases) - [Changelog](https://github.com/amannn/next-intl/blob/main/CHANGELOG.md) - [Commits](amannn/next-intl@v4.11.1...v4.13.0) Updates `otplib` from 13.4.0 to 13.4.1 - [Release notes](https://github.com/yeojz/otplib/releases) - [Commits](https://github.com/yeojz/otplib/commits/v13.4.1/packages/otplib) Updates `pg` from 8.20.0 to 8.21.0 - [Changelog](https://github.com/brianc/node-postgres/blob/master/CHANGELOG.md) - [Commits](https://github.com/brianc/node-postgres/commits/pg@8.21.0/packages/pg) Updates `react` from 19.2.6 to 19.2.7 - [Release notes](https://github.com/facebook/react/releases) - [Changelog](https://github.com/facebook/react/blob/main/CHANGELOG.md) - [Commits](https://github.com/facebook/react/commits/v19.2.7/packages/react) Updates `@types/react` from 19.2.14 to 19.2.17 - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/react) Updates `react-dom` from 19.2.6 to 19.2.7 - [Release notes](https://github.com/facebook/react/releases) - [Changelog](https://github.com/facebook/react/blob/main/CHANGELOG.md) - [Commits](https://github.com/facebook/react/commits/v19.2.7/packages/react-dom) Updates `swagger-ui-react` from 5.32.5 to 5.32.6 - [Release notes](https://github.com/swagger-api/swagger-ui/releases) - [Commits](swagger-api/swagger-ui@v5.32.5...v5.32.6) Updates `@playwright/test` from 1.59.1 to 1.60.0 - [Release notes](https://github.com/microsoft/playwright/releases) - [Commits](microsoft/playwright@v1.59.1...v1.60.0) Updates `@tailwindcss/postcss` from 4.2.4 to 4.3.0 - [Release notes](https://github.com/tailwindlabs/tailwindcss/releases) - [Changelog](https://github.com/tailwindlabs/tailwindcss/blob/main/CHANGELOG.md) - [Commits](https://github.com/tailwindlabs/tailwindcss/commits/v4.3.0/packages/@tailwindcss-postcss) Updates `@types/node` from 25.6.0 to 25.9.2 - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node) Updates `@types/react` from 19.2.14 to 19.2.17 - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/react) Updates `@vitest/coverage-v8` from 4.1.5 to 4.1.8 - [Release notes](https://github.com/vitest-dev/vitest/releases) - [Changelog](https://github.com/vitest-dev/vitest/blob/main/docs/releases.md) - [Commits](https://github.com/vitest-dev/vitest/commits/v4.1.8/packages/coverage-v8) Updates `@vitest/ui` from 4.1.5 to 4.1.8 - [Release notes](https://github.com/vitest-dev/vitest/releases) - [Changelog](https://github.com/vitest-dev/vitest/blob/main/docs/releases.md) - [Commits](https://github.com/vitest-dev/vitest/commits/v4.1.8/packages/ui) Updates `eslint-config-next` from 16.2.6 to 16.2.7 - [Release notes](https://github.com/vercel/next.js/releases) - [Changelog](https://github.com/vercel/next.js/blob/canary/release.js) - [Commits](https://github.com/vercel/next.js/commits/v16.2.7/packages/eslint-config-next) Updates `npm-check-updates` from 22.1.1 to 22.2.3 - [Release notes](https://github.com/raineorshine/npm-check-updates/releases) - [Changelog](https://github.com/raineorshine/npm-check-updates/blob/main/CHANGELOG.md) - [Commits](raineorshine/npm-check-updates@v22.1.1...v22.2.3) Updates `tailwindcss` from 4.2.4 to 4.3.0 - [Release notes](https://github.com/tailwindlabs/tailwindcss/releases) - [Changelog](https://github.com/tailwindlabs/tailwindcss/blob/main/CHANGELOG.md) - [Commits](https://github.com/tailwindlabs/tailwindcss/commits/v4.3.0/packages/tailwindcss) Updates `vitest` from 4.1.5 to 4.1.8 - [Release notes](https://github.com/vitest-dev/vitest/releases) - [Changelog](https://github.com/vitest-dev/vitest/blob/main/docs/releases.md) - [Commits](https://github.com/vitest-dev/vitest/commits/v4.1.8/packages/vitest) --- updated-dependencies: - dependency-name: "@radix-ui/react-dialog" dependency-version: 1.1.16 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: minor-and-patch - dependency-name: "@radix-ui/react-dropdown-menu" dependency-version: 2.1.17 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: minor-and-patch - dependency-name: "@radix-ui/react-popover" dependency-version: 1.1.16 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: minor-and-patch - dependency-name: "@radix-ui/react-toggle-group" dependency-version: 1.1.12 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: minor-and-patch - dependency-name: "@radix-ui/react-tooltip" dependency-version: 1.2.9 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: minor-and-patch - dependency-name: "@simplewebauthn/server" dependency-version: 13.3.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: minor-and-patch - dependency-name: framer-motion dependency-version: 12.40.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: minor-and-patch - dependency-name: next dependency-version: 16.2.7 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: minor-and-patch - dependency-name: next-intl dependency-version: 4.13.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: minor-and-patch - dependency-name: otplib dependency-version: 13.4.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: minor-and-patch - dependency-name: pg dependency-version: 8.21.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: minor-and-patch - dependency-name: react dependency-version: 19.2.7 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: minor-and-patch - dependency-name: "@types/react" dependency-version: 19.2.17 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: minor-and-patch - dependency-name: react-dom dependency-version: 19.2.7 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: minor-and-patch - dependency-name: swagger-ui-react dependency-version: 5.32.6 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: minor-and-patch - dependency-name: "@playwright/test" dependency-version: 1.60.0 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: minor-and-patch - dependency-name: "@tailwindcss/postcss" dependency-version: 4.3.0 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: minor-and-patch - dependency-name: "@types/node" dependency-version: 25.9.2 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: minor-and-patch - dependency-name: "@types/react" dependency-version: 19.2.17 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: minor-and-patch - dependency-name: "@vitest/coverage-v8" dependency-version: 4.1.8 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: minor-and-patch - dependency-name: "@vitest/ui" dependency-version: 4.1.8 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: minor-and-patch - dependency-name: eslint-config-next dependency-version: 16.2.7 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: minor-and-patch - dependency-name: npm-check-updates dependency-version: 22.2.3 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: minor-and-patch - dependency-name: tailwindcss dependency-version: 4.3.0 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: minor-and-patch - dependency-name: vitest dependency-version: 4.1.8 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: minor-and-patch ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot · 2026-06-08T14:49:50Z

Labels

The following labels could not be found: dependencies, security. Please create them before Dependabot can add them to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

chore(deps): bump the minor-and-patch group across 1 directory with 24 updates#30

chore(deps): bump the minor-and-patch group across 1 directory with 24 updates#30
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/minor-and-patch-ca4b037d4a

dependabot Bot commented on behalf of github Jun 8, 2026

Uh oh!

dependabot Bot commented on behalf of github Jun 8, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

Uh oh!

Conversation

dependabot Bot commented on behalf of github Jun 8, 2026

1.1.16

2.1.17

1.1.16

1.1.12

1.2.9

v13.3.1

v13.3.1

[12.40.0] 2026-05-21

Added

[12.39.0] 2026-05-18

Added

Fixed

v16.2.7

Core Changes

Credits

v4.13.0

4.13.0 (2026-05-28)

Features

v4.12.0

4.12.0 (2026-05-13)

Features

v4.11.2

4.11.2 (2026-05-11)

Bug Fixes

4.13.0 (2026-05-28)

Features

4.12.0 (2026-05-13)

Features

4.11.2 (2026-05-11)

Bug Fixes

v13.4.1

What's Changed

New Contributors

pg@8.21.0

19.2.7 (June 1st, 2026)

React Server Components

19.2.7 (June 1st, 2026)

React Server Components

v5.32.6

5.32.6 (2026-05-12)

Bug Fixes

v1.60.0

🌐 HAR recording on Tracing

🪝 Drop API

🎯 Aria snapshots

🛑 test.abort()

New APIs

Browser, Context and Page

v4.3.0

Added

Fixed

[4.3.0] - 2026-05-08

Added

Fixed

v4.1.8

🐞 Bug Fixes

Uh oh!

dependabot Bot commented on behalf of github Jun 8, 2026

Labels

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants