Skip to content

build(deps-dev): Bump tailwindcss from 4.1.13 to 4.1.15 #240

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

build(deps-dev): Bump tailwindcss from 4.1.13 to 4.1.15 #240

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Oct 20, 2025
edited
Loading

Bumps tailwindcss from 4.1.13 to 4.1.15.

Release notes

Sourced from tailwindcss's releases.

v4.1.15

Fixed

  • Fix Safari devtools rendering issue due to color-mix fallback (#19069)
  • Suppress Lightning CSS warnings about :deep, :slotted, and :global (#19094)
  • Fix resolving theme keys when starting with the name of another theme key in JS configs and plugins (#19097)
  • Allow named groups in combination with not-*, has-*, and in-* (#19100)
  • Prevent important utilities from affecting other utilities (#19110)
  • Don’t index into strings with the theme(…) function (#19111)
  • Fix parsing issue when \t is used in at-rules (#19130)
  • Upgrade: Canonicalize utilities containing 0 values (#19095)
  • Upgrade: Migrate deprecated break-words to wrap-break-word (#19157)

Changed

  • Remove the postinstall script from oxide (#19149)

v4.1.14

Fixed

  • Handle ' syntax in ClojureScript when extracting classes (#18888)
  • Handle @variant inside @custom-variant (#18885)
  • Merge suggestions when using @utility (#18900)
  • Ensure that file system watchers created when using the CLI are always cleaned up (#18905)
  • Do not generate grid-column utilities when configuring grid-column-start or grid-column-end (#18907)
  • Do not generate grid-row utilities when configuring grid-row-start or grid-row-end (#18907)
  • Prevent duplicate CSS when overwriting a static utility with a theme key (#18056)
  • Show Lightning CSS warnings (if any) when optimizing/minifying (#18918)
  • Use default export condition for @tailwindcss/vite (#18948)
  • Re-throw errors from PostCSS nodes (#18373)
  • Detect classes in markdown inline directives (#18967)
  • Ensure files with only @theme produce no output when built (#18979)
  • Support Maud templates when extracting classes (#18988)
  • Upgrade: Do not migrate variant = 'outline' during upgrades (#18922)
  • Upgrade: Show version mismatch (if any) when running upgrade tool (#19028)
  • Upgrade: Ensure first class inside className is migrated (#19031)
  • Upgrade: Migrate classes inside *ClassName and *Class attributes (#19031)
Changelog

Sourced from tailwindcss's changelog.

[4.1.15] - 2025-10-20

Fixed

  • Fix Safari devtools rendering issue due to color-mix fallback (#19069)
  • Suppress Lightning CSS warnings about :deep, :slotted, and :global (#19094)
  • Fix resolving theme keys when starting with the name of another theme key in JS configs and plugins (#19097)
  • Allow named groups in combination with not-*, has-*, and in-* (#19100)
  • Prevent important utilities from affecting other utilities (#19110)
  • Don’t index into strings with the theme(…) function (#19111)
  • Fix parsing issue when \t is used in at-rules (#19130)
  • Upgrade: Canonicalize utilities containing 0 values (#19095)
  • Upgrade: Migrate deprecated break-words to wrap-break-word (#19157)

Changed

[4.1.14] - 2025-10-01

Fixed

  • Handle ' syntax in ClojureScript when extracting classes (#18888)
  • Handle @variant inside @custom-variant (#18885)
  • Merge suggestions when using @utility (#18900)
  • Ensure that file system watchers created when using the CLI are always cleaned up (#18905)
  • Do not generate grid-column utilities when configuring grid-column-start or grid-column-end (#18907)
  • Do not generate grid-row utilities when configuring grid-row-start or grid-row-end (#18907)
  • Prevent duplicate CSS when overwriting a static utility with a theme key (#18056)
  • Show Lightning CSS warnings (if any) when optimizing/minifying (#18918)
  • Use default export condition for @tailwindcss/vite (#18948)
  • Re-throw errors from PostCSS nodes (#18373)
  • Detect classes in markdown inline directives (#18967)
  • Ensure files with only @theme produce no output when built (#18979)
  • Support Maud templates when extracting classes (#18988)
  • Upgrade: Do not migrate variant = 'outline' during upgrades (#18922)
  • Upgrade: Show version mismatch (if any) when running upgrade tool (#19028)
  • Upgrade: Ensure first class inside className is migrated (#19031)
  • Upgrade: Migrate classes inside *ClassName and *Class attributes (#19031)
Commits

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Oct 20, 2025
@cloudflare-workers-and-pages
Copy link

cloudflare-workers-and-pages bot commented Oct 20, 2025
edited
Loading

Deploying blinklabs-utxorpc with  Cloudflare Pages  Cloudflare Pages

Latest commit: 1abfa08
Status: ✅  Deploy successful!
Preview URL: https://eaefe663.blinklabs-utxorpc.pages.dev
Branch Preview URL: https://dependabot-npm-and-yarn-tail-m4ju.blinklabs-utxorpc.pages.dev

View logs

@fossabot
Copy link

fossabot bot commented Oct 21, 2025
edited
Loading

fossabot is Thinking

@fossabot
Copy link

fossabot bot commented Oct 21, 2025
edited
Loading

✓ Safe to upgrade

I recommend merging this upgrade because it's a minor patch update within the same major version (v4), bringing 8 new features and 17 bug fixes with no breaking changes affecting this codebase. The project is already on Tailwind v4 with proper configuration, and none of the deprecated utilities (break-words) or changed features (@​apply directive) are used in the codebase. The security vulnerabilities flagged (CVE-2024-4068, CVE-2024-4067 affecting braces and micromatch) are not introduced by this upgrade and exist in unrelated build tool dependencies (fast-glob). The malicious package warning is about a different typosquatting package (material-tailwindcss) not related to the official tailwindcss being upgraded. Web search findings about v4 migration issues and WSL2 installation problems apply to major version migrations, not this minor patch upgrade within v4.

What we checked

  • Tailwindcss upgraded from 4.1.13 to 4.1.15 (minor patch version) [1]
  • Project already using Tailwind v4 import syntax with compatibility layer in place (lines 3-19) [2]
  • Security vulnerability in braces@​3.0.3 is a transitive dependency of fast-glob (line 3615), not tailwindcss - exists in current version and is unrelated to this upgrade [3]
  • Security vulnerability in micromatch@​4.0.8 is a transitive dependency of fast-glob via braces (line 4671), not tailwindcss - exists in current version and is unrelated to this upgrade [4]
  • Deprecated break-words utility is not used in this codebase (grep found no matches) [5]

Dependency Usage

Tailwind CSS serves as the core styling framework for this React-based Cardano wallet transaction application, integrated through PostCSS build tooling and imported globally in the main CSS file. The dependency enables utility-first CSS styling throughout the user interface, supporting the application's visual design system for wallet connection flows and transaction displays. This is a standard build-time dependency pattern where Tailwind processes styles during development and production builds rather than runtime, with configuration handled through the PostCSS pipeline.

Changes

tailwindcss has introduced a breaking change with globby upgraded to a major release, deprecated the break-words utility in favor of wrap-break-word, and fixed critical parsing issues including Safari devtools rendering problems with nested @​supports rules and theme key resolution in compatibility mode. The update includes eight new features such as @​container-size utility, Maud templating support, and a new optimize option for the Vite plugin.

  • Update globby 14.1.0 → 15.0.0 (major) (#19056) (6802c68) (v4.1.15, changelog)
  • Mark break-words as deprecated, and upgrade to wrap-break-word (#19157) (3b636b7) (v4.1.15, changelog)
  • Upgrade: Migrate deprecated break-words to wrap-break-word (#19157) (vv4.1.15, release notes)
View 97 more changes
  • Handle ' syntax in ClojureScript when extracting classes (#18888) (274be93) (v4.1.15, changelog)
  • Handle @​variant inside @​custom-variant (#18885) (77b3cb5) (v4.1.15, changelog)
  • Merge suggestions when using @​utility (#18900) (2f1cbbf) (v4.1.15, changelog)
  • Add @​container-size utility (#18901) (b7c7e48) (v4.1.15, changelog)
  • Fix CLI watcher cleanup race (#18905) (ee1c7a6) (v4.1.15, changelog)
  • Do not generate grid-column when configuring grid-column-start or grid-column-end (#18907) (340b59d) (v4.1.15, changelog)
  • Proposal: Allow overwriting static utilities that have a namespace (#18056) (d1fd645) (v4.1.15, changelog)
  • Do not migrate variant = 'outline' during upgrades (#18922) (65bad11) (v4.1.15, changelog)
  • Show Lightning CSS warnings when optimizing/minifying in production (#18918) (d0a1bd6) (v4.1.15, changelog)
  • Use default export condition for @​tailwindcss/vite (#18948) (5a94f81) (v4.1.15, changelog)
  • Bump Prettier (#18960) (c2aab49) (v4.1.15, changelog)
  • Re-throw errors from PostCSS nodes (#18373) (5b8136e) (v4.1.15, changelog)
  • Add plugin option documentation to the postcss plugin readme (#18940) (d0f7f82) (v4.1.15, changelog)
  • Detect classes in markdown inline directives (#18967) (8d56381) (v4.1.15, changelog)
  • Bump napi toolchain to 3.3 (#18947) (6c30d5e) (v4.1.15, changelog)
  • Update all pnpm dependencies (2025-09-20) (#18971) (42eadfd) (v4.1.15, changelog)
  • Ensure files with only @​theme produce no output when built (#18979) (c6e0a55) (v4.1.15, changelog)
  • Add Maud templating support (#18988) (85575a4) (v4.1.15, changelog)
  • Update @​types/bun 1.2.20 → 1.2.22 (patch) (#19002) (d6464bd) (v4.1.15, changelog)
  • Update @​types/react-dom 19.1.7 → 19.1.9 (patch) (#19004) (a800585) (v4.1.15, changelog)
  • Update @​vitejs/plugin-react 5.0.0 → 5.0.3 (patch) (#19006) (5aa2bf1) (v4.1.15, changelog)
  • Update @​types/react 19.1.9 → 19.1.13 (patch) (#19003) (d593a21) (v4.1.15, changelog)
  • Update @​types/semver 7.7.0 → 7.7.1 (patch) (#19005) (de72633) (v4.1.15, changelog)
  • Update eslint 9.33.0 → 9.35.0 (minor) (#19009) (3a4eb38) (v4.1.15, changelog)
  • Update dedent 1.6.0 → 1.7.0 (minor) (#19010) (210575a) (v4.1.15, changelog)
  • Update all of nextjs to version 15.5.2 (1f84424) (v4.1.15, changelog)
  • Update magic-string to version 0.30.19 (cc8fefc) (v4.1.15, changelog)
  • Update prettier-plugin-organize-imports 4.2.0 → 4.3.0 (minor) (#19013) (20f830f) (v4.1.15, changelog)
  • Update @​tailwindcss/typography 0.5.16 → 0.5.19 (minor) (#19014) (0d39788) (v4.1.15, changelog)
  • Update bun 1.2.20 → 1.2.22 (patch) (#19007) (9feefac) (v4.1.15, changelog)
  • Update jiti 2.5.1 → 2.6.0 (minor) (#19029) (f6bb72c) (v4.1.15, changelog)
  • Add Upgrading from Tailwind CSS v… when running upgrade tool (#19026) (b497e1e) (v4.1.15, changelog)
  • Show version mismatch when running upgrade tool (#19028) (9d00662) (v4.1.15, changelog)
  • Ensure first class inside className in React is migrated (#19031) (47d6a02) (v4.1.15, changelog)
  • Update @​playwright/test 1.55.0 → 1.55.1 (patch) (#19033) (5cd49b0) (v4.1.15, changelog)
  • Update tar 7.4.3 → 7.5.1 (minor) (#19035) (2766a49) (v4.1.15, changelog)
  • Prepare v4.1.14 release (#19037) (b67cbcf) (v4.1.15, changelog)
  • Update eslint 9.35.0 → 9.36.0 (minor) (#19049) (573f633) (v4.1.15, changelog)
  • Add agentic workflow issue-triage (#19057) (9ef314e) (v4.1.15, changelog)
  • Issue triage tweaks (4cbdfa6) (v4.1.15, changelog)
  • Change permissions so issue-triage can run for everyone (231e17b) (v4.1.15, changelog)
  • run prettier (86e4b8e) (v4.1.15, changelog)
  • Fix failing integration tests (#19068) (49948d0) (v4.1.15, changelog)
  • Fix Safari devtools issues because of nested @​supports at-rules without normal rule (#19069) (73628f6) (v4.1.15, changelog)
  • Introduce canonicalizeCandidates on the internal Design System (#19059) (b77971f) (v4.1.15, changelog)
  • Improve performance of cloning AST nodes (#19067) (efe084b) (v4.1.15, changelog)
  • Improve percentage canonicalization (#19072) (0c8d881) (v4.1.15, changelog)
  • Suppress warnings when using :deep, :slotted and :global (#19094) (561983d) (v4.1.15, changelog)
  • Fix resolving colors via theme(…) in compat mode with nested objects (#19097) (0c14df1) (v4.1.15, changelog)
  • Move modifier of not-*, has-*, and in-* variant to sub variant (#19100) (3aadba7) (v4.1.15, changelog)
  • Canonicalization constant folding and handling zeros (#19095) (01d1e98) (v4.1.15, changelog)
  • Update all of react 19.1.1 → 19.2.0 (minor) (#19087) (53a8d3b) (v4.1.15, changelog)
  • Update @​types/react-dom 19.1.9 → 19.2.1 (minor) (#19088) (496a1e9) (v4.1.15, changelog)
  • Canonicalize dimensions (#19101) (c67c0c5) (v4.1.15, changelog)
  • Update @​napi-rs/cli 3.2.0 → 3.3.0 (minor) (#19102) (249bed0) (v4.1.15, changelog)
  • Clone AST nodes used in staticValues (#19110) (2cba831) (v4.1.15, changelog)
  • Don’t index into strings with the theme(…) function (#19111) (f945c3d) (v4.1.15, changelog)
  • Update @​types/react 19.1.13 → 19.2.2 (minor) (#19116) (28c7231) (v4.1.15, changelog)
  • Update semver to version 7.7.3 (c7f6303) (v4.1.15, changelog)
  • Make TypeScript a bit more happy (#19124) (22858ac) (v4.1.15, changelog)
  • Fix parsing issue when \t is used in at-rules (#19130) (de6b54c) (v4.1.15, changelog)
  • Update @​vitejs/plugin-react 5.0.3 → 5.0.4 (patch) (#19129) (fc63ce7) (v4.1.15, changelog)
  • Generalize the walk implementation (#19126) (acb27ef) (v4.1.15, changelog)
  • Add optimize option to @​tailwindcss/vite plugin (#19131) (89cbfc7) (v4.1.15, changelog)
  • Update @​napi-rs/wasm-runtime 1.0.5 → 1.0.7 (patch) (#19140) (71e1931) (v4.1.15, changelog)
  • Update eslint 9.36.0 → 9.37.0 (minor) (#19142) (e25c1f0) (v4.1.15, changelog)
  • Update Lightning CSS to 1.30.2 (#19143) (48c274d) (v4.1.15, changelog)
  • Remove Oxide postinstall script (#19149) (70f27d5) (v4.1.15, changelog)
  • Update bun 1.2.22 → 1.3.0 (minor) (#19144) (fee19b2) (v4.1.15, changelog)
  • Revert agentic issue-triage workflow (#19155) (afe3de3) (v4.1.15, changelog)
  • Update @​types/bun 1.2.22 → 1.3.0 (minor) (#19145) (fb0f432) (v4.1.15, changelog)
  • Release 4.1.15 (#19159) (b2e2435) (v4.1.15, changelog)
  • Fix Safari devtools rendering issue due to color-mix fallback (#19069) (vv4.1.15, release notes)
  • Suppress Lightning CSS warnings about :deep, :slotted, and :global (#19094) (vv4.1.15, release notes)
  • Fix resolving theme keys when starting with the name of another theme key in JS configs and plugins (#19097) (vv4.1.15, release notes)
  • Allow named groups in combination with not-*, has-*, and in-* (#19100) (vv4.1.15, release notes)
  • Prevent important utilities from affecting other utilities (#19110) (vv4.1.15, release notes)
  • Don’t index into strings with the theme(…) function (#19111) (vv4.1.15, release notes)
  • Fix parsing issue when \t is used in at-rules (#19130) (vv4.1.15, release notes)
  • Upgrade: Canonicalize utilities containing 0 values (#19095) (vv4.1.15, release notes)
  • Remove the postinstall script from oxide (#19149) (vv4.1.15, release notes)
  • Handle ' syntax in ClojureScript when extracting classes (#18888) (vv4.1.14, release notes)
  • Handle @​variant inside @​custom-variant (#18885) (vv4.1.14, release notes)
  • Merge suggestions when using @​utility (#18900) (vv4.1.14, release notes)
  • Ensure that file system watchers created when using the CLI are always cleaned up (#18905) (vv4.1.14, release notes)
  • Do not generate grid-column utilities when configuring grid-column-start or grid-column-end (#18907) (vv4.1.14, release notes)
  • Prevent duplicate CSS when overwriting a static utility with a theme key (#18056) (vv4.1.14, release notes)
  • Show Lightning CSS warnings (if any) when optimizing/minifying (#18918) (vv4.1.14, release notes)
  • Use default export condition for @​tailwindcss/vite (#18948) (vv4.1.14, release notes)
  • Re-throw errors from PostCSS nodes (#18373) (vv4.1.14, release notes)
  • Detect classes in markdown inline directives (#18967) (vv4.1.14, release notes)
  • Ensure files with only @​theme produce no output when built (#18979) (vv4.1.14, release notes)
  • Support Maud templates when extracting classes (#18988) (vv4.1.14, release notes)
  • Upgrade: Do not migrate variant = 'outline' during upgrades (#18922) (vv4.1.14, release notes)
  • Upgrade: Show version mismatch (if any) when running upgrade tool (#19028) (vv4.1.14, release notes)
  • Upgrade: Ensure first class inside className is migrated (#19031) (vv4.1.14, release notes)
  • Upgrade: Migrate classes inside *ClassName and *Class attributes (#19031) (vv4.1.14, release notes)
References (5)

[1]: Tailwindcss upgraded from 4.1.13 to 4.1.15 (minor patch version)

utxorpc-example/package.json

Line 36 in e374b7c

"tailwindcss": "^4.1.15",

[2]: Project already using Tailwind v4 import syntax with compatibility layer in place (lines 3-19)

utxorpc-example/src/App.css

Line 1 in e374b7c

@import 'tailwindcss';

[3]: Security vulnerability in braces@​3.0.3 is a transitive dependency of fast-glob (line 3615), not tailwindcss - exists in current version and is unrelated to this upgrade

utxorpc-example/package-lock.json

Line 2662 in e374b7c

"version": "3.0.3",

[4]: Security vulnerability in micromatch@​4.0.8 is a transitive dependency of fast-glob via braces (line 4671), not tailwindcss - exists in current version and is unrelated to this upgrade

utxorpc-example/package-lock.json

Line 4665 in e374b7c

"version": "4.0.8",

[5]: Deprecated break-words utility is not used in this codebase (grep found no matches) (source link)

fossabot analyzed this PR using dependency research.

@dependabot
build(deps-dev): Bump tailwindcss from 4.1.13 to 4.1.15
1abfa08 
Bumps [tailwindcss](https://github.com/tailwindlabs/tailwindcss/tree/HEAD/packages/tailwindcss) from 4.1.13 to 4.1.15.
- [Release notes](https://github.com/tailwindlabs/tailwindcss/releases)
- [Changelog](https://github.com/tailwindlabs/tailwindcss/blob/main/CHANGELOG.md)
- [Commits](https://github.com/tailwindlabs/tailwindcss/commits/v4.1.15/packages/tailwindcss)

---
updated-dependencies:
- dependency-name: tailwindcss
  dependency-version: 4.1.15
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/tailwindcss-4.1.15 branch from e374b7c to 1abfa08 Compare October 21, 2025 17:29
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants