chore(deps): bump the tailwind-ecosystem group with 2 updates#23
Merged
DongDuong2001 merged 2 commits intofix/ci-mvnw-lintfrom Feb 24, 2026
Merged
Conversation
Bumps the tailwind-ecosystem group with 2 updates: [tailwindcss](https://github.com/tailwindlabs/tailwindcss/tree/HEAD/packages/tailwindcss) and [@tailwindcss/postcss](https://github.com/tailwindlabs/tailwindcss/tree/HEAD/packages/@tailwindcss-postcss). Updates `tailwindcss` from 4.1.18 to 4.2.0 - [Release notes](https://github.com/tailwindlabs/tailwindcss/releases) - [Changelog](https://github.com/tailwindlabs/tailwindcss/blob/main/CHANGELOG.md) - [Commits](https://github.com/tailwindlabs/tailwindcss/commits/v4.2.0/packages/tailwindcss) Updates `@tailwindcss/postcss` from 4.1.18 to 4.2.0 - [Release notes](https://github.com/tailwindlabs/tailwindcss/releases) - [Changelog](https://github.com/tailwindlabs/tailwindcss/blob/main/CHANGELOG.md) - [Commits](https://github.com/tailwindlabs/tailwindcss/commits/v4.2.0/packages/@tailwindcss-postcss) --- updated-dependencies: - dependency-name: tailwindcss dependency-version: 4.2.0 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: tailwind-ecosystem - dependency-name: "@tailwindcss/postcss" dependency-version: 4.2.0 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: tailwind-ecosystem ... Signed-off-by: dependabot[bot] <support@github.com>
Contributor
Author
LabelsThe following labels could not be found: Please fix the above issues or remove invalid values from |
…-ecosystem-90af11599f
dependabot
bot
deleted the
dependabot/npm_and_yarn/tailwind-ecosystem-90af11599f
branch
DongDuong2001
added a commit
that referenced
this pull request
Feb 24, 2026
* fix(ci): fix mvnw permission denied and next lint workspace flag * fix(ci): set mvnw executable bit and normalize npm workspace flags * fix(ci): use working-directory for next lint/build, use mvn instead of mvnw * fix(ci): add eslint config for next lint and explicit jackson-databind dep * fix(ci): add H2 test config, fix contextLoads, fix CodeQL mvnw * fix(ci): resolve contextLoads failure and lint invalid directory error - Add WebEnvironment.NONE and @activeprofiles('test') to GovernanceApiApplicationTests to prevent ReactorResourceFactory from failing when loading the full application context in CI - Change ESLint step to run from repo root with --workspace=apps/web instead of working-directory to fix 'invalid project directory' error caused by npm appending '/lint' to the path * fix(ci): fix lint path passthrough and Spring Boot context load failure - ci.yml: simplify lint step to pm run lint from root; root package.json already delegates to apps/web workspace, so passing --workspace flag was forwarding it as a directory arg to next lint - Add TestSecurityConfig with a stub @primary JwtDecoder so SecurityConfig's .oauth2ResourceServer() does not attempt to fetch the OIDC discovery document from the issuer URI at startup in CI - Import TestSecurityConfig in GovernanceApiApplicationTests - Update test application.yml: replace autoconfigure exclusion with a localhost stub issuer-uri, and add nexusguard.service-token and nexusguard.cors.allowed-origins stubs for @value injection * Potential fix for code scanning alert no. 1: Unused variable, import, function or class (#20) Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com> * fix(ci): fix ESLint violations and Spring Boot OIDC discovery at startup - policies/page.tsx: remove unused Plus import; prefix unused typeBadge parameter with _ to satisfy no-unused-vars rule - test/application.yml: replace issuer-uri with jwk-set-uri so Spring Security skips OIDC discovery HTTP call during context refresh in CI * fix(ci): bypass npm workspace arg-forwarding bug and use @MockBean for JwtDecoder - ci.yml: run 'npx next lint' directly from apps/web working-directory instead of via root npm script (which appends workspace path as arg) - package.json: update lint script to use -w shorthand - GovernanceApiApplicationTests: replace @import+@primary with @MockBean JwtDecoder @MockBean always overrides auto-configured beans before context refresh, preventing any JWK/OIDC network calls in CI * chore(deps): bump eslint from 10.0.0 to 10.0.1 (#26) Bumps [eslint](https://github.com/eslint/eslint) from 10.0.0 to 10.0.1. - [Release notes](https://github.com/eslint/eslint/releases) - [Commits](eslint/eslint@v10.0.0...v10.0.1) --- updated-dependencies: - dependency-name: eslint dependency-version: 10.0.1 dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore(deps): bump lucide-react from 0.574.0 to 0.575.0 (#25) Bumps [lucide-react](https://github.com/lucide-icons/lucide/tree/HEAD/packages/lucide-react) from 0.574.0 to 0.575.0. - [Release notes](https://github.com/lucide-icons/lucide/releases) - [Commits](https://github.com/lucide-icons/lucide/commits/0.575.0/packages/lucide-react) --- updated-dependencies: - dependency-name: lucide-react dependency-version: 0.575.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore(deps): bump @types/node from 25.2.3 to 25.3.0 (#24) Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) from 25.2.3 to 25.3.0. - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node) --- updated-dependencies: - dependency-name: "@types/node" dependency-version: 25.3.0 dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore(deps): bump the tailwind-ecosystem group with 2 updates (#23) Bumps the tailwind-ecosystem group with 2 updates: [tailwindcss](https://github.com/tailwindlabs/tailwindcss/tree/HEAD/packages/tailwindcss) and [@tailwindcss/postcss](https://github.com/tailwindlabs/tailwindcss/tree/HEAD/packages/@tailwindcss-postcss). Updates `tailwindcss` from 4.1.18 to 4.2.0 - [Release notes](https://github.com/tailwindlabs/tailwindcss/releases) - [Changelog](https://github.com/tailwindlabs/tailwindcss/blob/main/CHANGELOG.md) - [Commits](https://github.com/tailwindlabs/tailwindcss/commits/v4.2.0/packages/tailwindcss) Updates `@tailwindcss/postcss` from 4.1.18 to 4.2.0 - [Release notes](https://github.com/tailwindlabs/tailwindcss/releases) - [Changelog](https://github.com/tailwindlabs/tailwindcss/blob/main/CHANGELOG.md) - [Commits](https://github.com/tailwindlabs/tailwindcss/commits/v4.2.0/packages/@tailwindcss-postcss) --- updated-dependencies: - dependency-name: tailwindcss dependency-version: 4.2.0 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: tailwind-ecosystem - dependency-name: "@tailwindcss/postcss" dependency-version: 4.2.0 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: tailwind-ecosystem ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Duong Phu Dong <dongduong840@gmail.com> * chore(deps): bump lucide-react from 0.574.0 to 0.575.0 in /apps/web (#22) Bumps [lucide-react](https://github.com/lucide-icons/lucide/tree/HEAD/packages/lucide-react) from 0.574.0 to 0.575.0. - [Release notes](https://github.com/lucide-icons/lucide/releases) - [Commits](https://github.com/lucide-icons/lucide/commits/0.575.0/packages/lucide-react) --- updated-dependencies: - dependency-name: lucide-react dependency-version: 0.575.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore(deps): bump org.springframework.boot:spring-boot-starter-parent (#21) Bumps [org.springframework.boot:spring-boot-starter-parent](https://github.com/spring-projects/spring-boot) from 4.0.2 to 4.0.3. - [Release notes](https://github.com/spring-projects/spring-boot/releases) - [Commits](spring-projects/spring-boot@v4.0.2...v4.0.3) --- updated-dependencies: - dependency-name: org.springframework.boot:spring-boot-starter-parent dependency-version: 4.0.3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Bumps the tailwind-ecosystem group with 2 updates: tailwindcss and @tailwindcss/postcss.
Updates
tailwindcssfrom 4.1.18 to 4.2.0Release notes
Sourced from tailwindcss's releases.
Changelog
Sourced from tailwindcss's changelog.
Commits
1b164114.2.0 (#19695)6118f4fFix/misc docs and tests (#19652)5a4a7ebfix(canonicalize): prevent collapse cache pollution across calls (#19675)d0a5612Add mauve, olive, mist, and taupe color palettes (#19627)d9fff9fdocs: update package README CI badge to main (#19692)ed52d3efeat: handle backslash in@utilityname (#19626)6eb3b32Allow multiples of.25inaspect-*fractions (#19688)8ed67bfFix Tailwind CSS package README GitHub links (#19644)1638f35Bump dependencies (#19608)df96ea5Fix infinite loop when using@variantinside@custom-variantthat points ...Maintainer changes
This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for tailwindcss since your current version.
Updates
@tailwindcss/postcssfrom 4.1.18 to 4.2.0Release notes
Sourced from
@tailwindcss/postcss's releases.Changelog
Sourced from
@tailwindcss/postcss's changelog.Commits
1b164114.2.0 (#19695)d9fff9fdocs: update package README CI badge to main (#19692)8ed67bfFix Tailwind CSS package README GitHub links (#19644)1638f35Bump dependencies (#19608)bccf4bbAdd@tailwindcss/webpackloader for Tailwind CSS v4 (#19610)8d5e955Update dedent 1.7.0 → 1.7.1 (patch) (#19484)Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore <dependency name> major versionwill close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)@dependabot ignore <dependency name> minor versionwill close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)@dependabot ignore <dependency name>will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)@dependabot unignore <dependency name>will remove all of the ignore conditions of the specified dependency@dependabot unignore <dependency name> <ignore condition>will remove the ignore condition of the specified dependency and ignore conditions