deps(npm): bump the ui-dependencies group across 1 directory with 18 updates by dependabot[bot] · Pull Request #109 · NinePiece2/NineLanCacheUI

dependabot · 2026-06-11T21:35:41Z

Bumps the ui-dependencies group with 16 updates in the /NineLanCacheUI directory:

Package	From	To
@radix-ui/react-select	`2.2.6`	`2.3.0`
framer-motion	`12.33.0`	`12.40.0`
lucide-react	`0.563.0`	`1.18.0`
next	`16.2.6`	`16.2.9`
prettier	`3.8.1`	`3.8.4`
react	`19.2.4`	`19.2.7`
@types/react	`19.2.13`	`19.2.17`
react-dom	`19.2.4`	`19.2.7`
recharts	`3.7.0`	`3.8.1`
tailwind-merge	`3.4.0`	`3.6.0`
@eslint/eslintrc	`3.3.3`	`3.3.5`
@tailwindcss/postcss	`4.1.18`	`4.3.1`
@types/node	`25.2.1`	`25.9.3`
eslint	`9.39.2`	`10.5.0`
eslint-config-next	`16.1.6`	`16.2.9`
typescript	`5.9.3`	`6.0.3`

Updates @radix-ui/react-select from 2.2.6 to 2.3.0

Changelog

Sourced from @radix-ui/react-select's changelog.

2.3.0

Added unstable Provider and BubbleInput parts to Select. Select.unstable_Provider sets up Select's context and state without implicitly rendering the hidden native select, and Select.unstable_BubbleInput exposes that previously internal native select so consumers can recompose it explicitly. Select continues to render both by default.

Added support for presence-based exit animations in Select

Fixed Select hidden input so it submits empty string when no value is selected

Fixed placeholder rendering when a controlled Select is reset to an empty value

Added missing __selectScope prop to PopperContent component

Fixed Select closing unexpectedly after touch-scrolling its content when rendered inside an open shadow DOM

Fixed a bug where iOS text selection and editing on HTML inputs within react-dialog were broken

Fixed triggers referencing a non-existent element via aria-controls when their content is removed from the DOM (credit to @dodomorandi for the original PR)

Fixed SelectValue logging invalid prop errors when used with both asChild and a placeholder

Added repository.directory to all package.json files

Updated dependencies: @radix-ui/react-presence@1.1.6, @radix-ui/react-popper@1.3.0, @radix-ui/react-slot@1.2.5, @radix-ui/react-focus-guards@1.1.4, @radix-ui/react-dismissable-layer@1.1.12, @radix-ui/react-collection@1.1.9, @radix-ui/react-direction@1.1.2, @radix-ui/number@1.1.2, @radix-ui/primitive@1.1.4, @radix-ui/react-compose-refs@1.1.3, @radix-ui/react-context@1.1.4, @radix-ui/react-focus-scope@1.1.9, @radix-ui/react-id@1.1.2, @radix-ui/react-portal@1.1.11, @radix-ui/react-primitive@2.1.5, @radix-ui/react-use-callback-ref@1.1.2, @radix-ui/react-use-controllable-state@1.2.3, @radix-ui/react-use-layout-effect@1.1.2, @radix-ui/react-use-previous@1.1.2, @radix-ui/react-visually-hidden@1.2.5

Commits

See full diff in compare view

Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for @radix-ui/react-select since your current version.

Updates @radix-ui/react-slot from 1.2.4 to 1.2.5

Changelog

Sourced from @radix-ui/react-slot's changelog.

1.2.5

Fixed infinite re-render loop in React 19 caused by Slot creating a new ref callback on every render

Added support for nested Slottable via a render prop, so a slotted element can be wrapped while still merging Slot props and refs onto it

Added repository.directory to all package.json files

Improved error messages for invalid slot children

Updated dependencies: @radix-ui/react-compose-refs@1.1.3

Commits

See full diff in compare view

Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for @radix-ui/react-slot since your current version.

Updates framer-motion from 12.33.0 to 12.40.0

Changelog

Sourced from framer-motion's changelog.

[12.40.0] 2026-05-21

Added

path option to transition.

arc() for motion along an arc.

[12.39.0] 2026-05-18

Added

Support for repeatType and repeatDelay in animation sequences.

Fixed

Variants: Re-run keyframe animations when switching between variant labels even when they share identical keyframe arrays.

Drag: Preserve in-flight motion value animations across React 19 reorder unmount/remount so dragSnapToOrigin no longer leaves the drag transform stranded after a layout swap.

LazyMotion: Share React contexts between the framer-motion and framer-motion/m (and therefore motion/react and motion/react-m) CJS bundles so that <m.div> from the /m subpath picks up features loaded by <LazyMotion> from the main entry point.

useScroll: Support hydrating target and container refs from anywhere in the tree.

Drag: Gesture no longer starts from incorrect start point when rendered inside <AnimatePresence initial={false} />.

Drag: dragConstraints, when set as viewport-relative ref, no longer break on scroll.§

Updated visualElement hydration order.

useAnimate: Now respects skipAnimations.

AnimatePresence: Fix object-form initial values not applied on re-entry after exit completes.

scroll: Fixed callback progress when tracking an element.

useScroll: Fix hardware acceleration when tracking an element.

[12.38.0] 2026-03-16

Added

Added layoutAnchor prop to configure custom anchor point for resolving relative projection boxes.

Fixed

Reorder: Fix axis switching after window resize.

Reorder: Fix with virtualised lists.

AnimatePresence: Ensure children are removed when exit animation matches current values.

[12.37.0] 2026-03-16

Added

Support for hardware accelerating "start" and "end" offsets in scroll and useScroll.

Support for oklch, oklab, lab, lch, color, color-mix, light-dark color types.

Fixed

Fix whileInView with client-side navigation.

Fix draggable elements when layout updates due to surrounding element re-renders.

... (truncated)

Commits

38ebb94 v12.40.0
b1f766c Latest
bca5544 Merge pull request #3699 from motiondivision/lochie/arcs-injectable
f1a96cf arc(): rename amp/rotate, expose MotionPath, fix explicit cw/ccw
b4aaba0 pathRotation: non-destructive orientToPath rotation channel
8604ef3 Make arcs injectable via transition.path = arc()
f90fe29 add orientToPath
9ebe999 fix: test
bc2107e Revert "no should"
6eeb92d no should
Additional commits viewable in compare view

Updates lucide-react from 0.563.0 to 1.18.0

Release notes

Sourced from lucide-react's releases.

Version 1.18.0

What's Changed

chore(site): Remove survey from site by @ericfennis in lucide-icons/lucide#4417

feat(icons): added play-off icon by @Ahmed-Dghaies in lucide-icons/lucide#4412

fix(metadata): add missing use-cases prop on play-off.json by @karsa-mistmere in lucide-icons/lucide#4423

fix(docs): force hide #bb-banner, if html.has-bb-banner is missing by @karsa-mistmere in lucide-icons/lucide#4422

fix(docs): Remove @next from installation instructions for@lucide/svelte by @alecglassford in lucide-icons/lucide#4432

feat(packages/angular): add support for Angular v22 and onwards by @karsa-mistmere in lucide-icons/lucide#4450

fix(ci): add check to skip release if latest tag was created today by @ericfennis in lucide-icons/lucide#4085

feat(icons): added webcam-off icon by @jordan-burnett in lucide-icons/lucide#4242

New Contributors

@alecglassford made their first contribution in lucide-icons/lucide#4432

@jordan-burnett made their first contribution in lucide-icons/lucide#4242

Full Changelog: lucide-icons/lucide@1.17.0...1.18.0

Version 1.17.0

What's Changed

chore(lucide-vue-next|lucide-svelte|lucide-angular): Remove deprecated packages by @ericfennis in lucide-icons/lucide#4376

chore(repo): Update issue templates and documentation for package ren… by @ericfennis in lucide-icons/lucide#4379

feat(site): Adds survey overlay to website by @ericfennis in lucide-icons/lucide#4380

feat(site): Certificate dev links by @ericfennis in lucide-icons/lucide#4390

fix(icons): changed martini icon by @jamiemlaw in lucide-icons/lucide#4335

chore(deps): bump brace-expansion from 1.1.11 to 5.0.6 by @dependabot[bot] in lucide-icons/lucide#4386

chore(deps): bump @tootallnate/once from 2.0.0 to 2.0.1 by @dependabot[bot] in lucide-icons/lucide#4404

chore(deps): bump devalue from 5.8.0 to 5.8.1 by @dependabot[bot] in lucide-icons/lucide#4391

chore(deps): bump ws from 8.18.0 to 8.20.1 by @dependabot[bot] in lucide-icons/lucide#4392

fix(gh-icon): limit icon size to a maximum of 256 pixels by @jguddas in lucide-icons/lucide#4398

chore(dependencies): Update dependencies by @ericfennis in lucide-icons/lucide#4377

feat(copilot): Adding copilot instructions by @ericfennis in lucide-icons/lucide#4407

feat(icons): add globe-check by @Barakudum in lucide-icons/lucide#4342

feat(metadata): Require use-cases in meta json by @ericfennis in lucide-icons/lucide#4321

feat(icons): added parasol icon by @karsa-mistmere in lucide-icons/lucide#4347

Full Changelog: lucide-icons/lucide@1.16.0...1.17.0

Version 1.16.0

What's Changed

feat(icons): added blender icon by @rrod497 in lucide-icons/lucide#3884

Full Changelog: lucide-icons/lucide@1.15.0...1.16.0

Version 1.15.0

What's Changed

fix: remove 'less' from brand stopwords by @jguddas in lucide-icons/lucide#4331

fix(@lucide/vue): Clone slots before passing to icon by @axtho in lucide-icons/lucide#4339

fix(icons): changed text-cursor icon by @jamiemlaw in lucide-icons/lucide#4340

... (truncated)

Commits

07c885e fix(docs): fix zephyr-cloud URL in readmes
50d8af5 docs(readme): Update readme files (#4320)
653e44b feat(packages): use .mjs for ESM bundles (#4285)
7623e23 feat(docs): add Zephyr Cloud to Hero Backers tier & rework updateSponsors scr...
dada0a8 fix(lucide-react): Fix dynamic imports (#4210)
a6e648a fix(lucide-react): correct client directives in RSC files (#4189)
1f010a3 fix(lucide-react): Fixes provider export and RSC render issues (#4175)
484f2c9 docs(version-1): Version 1 website (#4142)
a0e202d feat(packages/angular): add new @lucide/angular package (#3897)
c5b155e Merge branch 'main' of https://github.com/lucide-icons/lucide into next
Additional commits viewable in compare view

Updates next from 16.2.6 to 16.2.9

Release notes

Sourced from next's releases.

v16.2.9

Empty release to ensure next@latest points at a stable release. Next.js only allows publishing with Trusted Publishing enabled. In order to fix NPM dist-tags, we have to release a new version. Updating dist-tags is not possible with Trusted Publishing.

v16.2.8

Release with no changes in an attempt to fix next@latest pointing at a prerelease version.

v16.2.7

[!NOTE] This release is backporting bug fixes. It does not include all pending features/changes on canary.

Core Changes

Backport documentation fixes for v16.2 (#93804)

[backport] Patch playwright-core to resolve _finishedPromise on requestFailed (#93920)

[backport] Fix dev mode hydration failure when page is served from HTTP cache (#93492)

[backport] Fix catch-all router.query corruption with basePath + rewrites (#93917)

[backport] Encode non-ASCII characters in cache tags at construction (#93918)

[backport] Fix server action forwarding loop with middleware rewrites (#93919)

[backport] Turbopack: switch from base40 to base38 hash encoding (#93932)

[ci] Disable hanging node 24 typescript tests on 16.2 backport branch (#94164)

[backport] Fix "type: module" in project dir when using standalone or adapters (#94050)

[backport] Propagate adapter preferred regions (#94200)

[16.2.x] Don't drop FormData entries (#94240)

[backport] feat(turbopack): add LocalPathOrProjectPath PostCSS config resolution (#94284)

Credits

Huge thanks to @eps1lon, @icyJoseph, @unstubbable, @mischnic, @bgw, @timneutkens, and @lukesandberg for helping!

Commits

f37fad9 v16.2.9
d9aaaed [cd] Allow tagging semver-lower releases as @latest if @latest po… (#94627)
6f16804 v16.2.8
0dbc1d5 [16.2.x][cd] Ensure release can be triggered on old branches (#94598)
90e3c81 [16.2.x] Align Actions dependencies with Canary (#94339)
83f402c [16.2.x][cd] Stop fetching all tags when searching parent tag (#94334)
411c455 v16.2.7
c63224f [backport] feat(turbopack): add LocalPathOrProjectPath PostCSS config resolut...
63115c7 [16.2.x] Don't drop FormData entries (#94240)
aef22fd [backport] Propagate adapter preferred regions (#94200)
Additional commits viewable in compare view

Updates prettier from 3.8.1 to 3.8.4

Release notes

Sourced from prettier's releases.

3.8.4

Markdown: Fix blank lines between list items and nested sub-lists being removed in Markdown/MDX (prettier/prettier#17746 by @byplayer)

🔗 Changelog

3.8.3

SCSS: Prevent trailing comma in if() function (prettier/prettier#18471 by @kovsu)

🔗 Changelog

3.8.2

Support Angular v21.2

🔗 Changelog

Changelog

Sourced from prettier's changelog.

3.8.4

diff

Markdown: Fix blank lines between list items and nested sub-lists being removed in Markdown/MDX (#17746 by @byplayer)

Prettier was removing blank lines between list items and their nested sub-lists, converting loose lists into tight lists and changing their semantic meaning.

- a


b


c

d





a

b


c

d






a

b



c

d
3.8.3

diff

SCSS: Prevent trailing comma in if() function (#18471 by @kovsu)
// Input
$value: if(sass(false): 1; else: -1);
// Prettier 3.8.2
$value: if(
sass(false): 1; else: -1,
</tr></table>

... (truncated)

Commits

1c6ba55 Release 3.8.4
4a673dc Fix blank lines between list items and nested sub-lists being removed in Mark...
074aaed Replace main branch in changelog link with tags (#19054)
c22a003 Bump Prettier dependency to 3.8.3
07bad1f Clean changelog_unreleased
d7108a7 Release 3.8.3
177f908 Prevent trailing comma in SCSS if() function (#18471)
1cd4066 Release @prettier/plugin-oxc@0.1.4
a8700e2 Update oxc-parser to v0.125.0
752157c Fix tests
Additional commits viewable in compare view

Updates react from 19.2.4 to 19.2.7

Release notes

Sourced from react's releases.

19.2.7 (June 1st, 2026)

React Server Components

Fixed missing FormData entries in Server Actions which regressed in 19.2.6 (#36566 by @unstubbable)

19.2.6 (May 6th, 2026)

React Server Components

Type hardening and performance improvements (#36425 by @eps1lon and @unstubbable)

19.2.5 (April 8th, 2026)

React Server Components

Add more cycle protections (#36236 by @eps1lon and @unstubbable)

Commits

6117d7c Version 19.2.7 (#36591)
eaf3e95 Version 19.2.6
23f4f9f 19.2.5
See full diff in compare view

Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for react since your current version.

Updates @types/react from 19.2.13 to 19.2.17

Commits

See full diff in compare view

Updates react-dom from 19.2.4 to 19.2.7

Release notes

Sourced from react-dom's releases.

19.2.7 (June 1st, 2026)

React Server Components

Fixed missing FormData entries in Server Actions which regressed in 19.2.6 (#36566 by @unstubbable)

19.2.6 (May 6th, 2026)

React Server Components

Type hardening and performance improvements (#36425 by @eps1lon and @unstubbable)

19.2.5 (April 8th, 2026)

React Server Components

Add more cycle protections (#36236 by @eps1lon and @unstubbable)

Commits

6117d7c Version 19.2.7 (#36591)
eaf3e95 Version 19.2.6
23f4f9f 19.2.5
See full diff in compare view

Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for react-dom since your current version.

Updates recharts from 3.7.0 to 3.8.1

Release notes

Sourced from recharts's releases.

v3.8.1

What's Changed

Bugfixes!

fix(z-index): prevent elements from disappearing during dynamic zIndex transitions by @VIDHITTS in recharts/recharts#7006

fix: prevent tooltip flicker in syncMethod="value" with mismatched data arrays by @roy7 in recharts/recharts#7020

docs: add missing SVG props documentation to PolarGrid #3400 by @ramanverse in recharts/recharts#6987

fix: add cursor prop type to BaseChartProps by @mixelburg in recharts/recharts#7065

fix: restore arrow key navigation when active index is outside zoomed… by @AbishekRaj2007 in recharts/recharts#7086

Add test for ticks spacing by @VIDHITTS in recharts/recharts#7082

fix(Pie): skip minAngle redistribution when no segment needs it by @Harikrushn9118 in recharts/recharts#7097

fix(DefaultLegendContent): use entry.value for aria-label when formatter returns React element by @mixelburg in recharts/recharts#7109

fix(PolarRadiusAxis): update ticks prop type by @PavelVanecek in recharts/recharts#7112

fix: PieChart double padding gap when a data item has value 0 by @Copilot in recharts/recharts#7113

Add boxplot example by @PavelVanecek in recharts/recharts#7130

[fix] Update ticks calculator and domain extension by @PavelVanecek in recharts/recharts#7146

fix: guard against non-function d3-scale exports in getD3ScaleFromType by @tdebarochez in recharts/recharts#7123

fix: stackOffset expand should not override numerical XAxis domain by @SeaL773 in recharts/recharts#7152

fix: resolve keyboard navigation and tooltip issues for Pie charts (#6921) by @olagokemills in recharts/recharts#7140

fix(Tooltip): prevent crash on sparse or undefined payload entries by @Om-Mishra09 in recharts/recharts#7149

fix(RechartsWrapper): prevent ResizeObserver memory leak on ref update by @Om-Mishra09 in recharts/recharts#7161

New Contributors

@AbishekRaj2007 made their first contribution in recharts/recharts#7086

@tdebarochez made their first contribution in recharts/recharts#7123

@SeaL773 made their first contribution in recharts/recharts#7152

@olagokemills made their first contribution in recharts/recharts#7140

Full Changelog: recharts/recharts@v3.8.0...v3.8.1

v3.8.0

What's Changed

We added generics to our data and dataKey props and now you can have your charts validated by TypeScript. See the full guide here: https://recharts.github.io/en-US/guide/typescript/

We are releasing new helper functions and hooks that will allow you to precisely target mouse interactions, and convert coordinates. See the guide here: https://recharts.github.io/en-US/guide/coordinateSystems/

And new functions and hooks:

getRelativeCoordinate - converts mouse events to pixel positions

Convert Data → Pixels:

useXAxisScale - returns a function to convert X data values to pixel positions useYAxisScale - returns a function to convert Y data values to pixel positions useCartesianScale - convenience hook for converting both at once

Pixels → Data:

... (truncated)

Commits

5b10788 chore(deps-dev): bump diff from 8.0.3 to 8.0.4 (#7156)
222396f chore(deps): bump react-router-dom from 7.13.1 to 7.13.2 (#7164)
c2642da chore(deps-dev): bump typescript-eslint from 8.57.1 to 8.57.2 (#7166)
b186929 fix(RechartsWrapper): prevent ResizeObserver memory leak on ref update (#7161)
738f71f fix(Tooltip): prevent crash on sparse or undefined payload entries (#7149)
00daf0b chore(deps-dev): bump rollup from 4.59.0 to 4.60.0 (#7158)
eba4f2a chore(deps-dev): bump marked from 17.0.4 to 17.0.5 (#7157)
201d060 fix: resolve keyboard navigation and tooltip issues for Pie charts (#6921) (#...
670d092 chore(deps-dev): bump flatted from 3.3.3 to 3.4.2 (#7150)
86ca8de fix: stackOffset expand should not override numerical XAxis domain (#7152)
Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by corkscreewe, a new releaser for recharts since your current version.

Updates tailwind-merge from 3.4.0 to 3.6.0

Release notes

Sourced from tailwind-merge's releases.

v3.6.0

New Features

Add support for Tailwind CSS v4.3 by @dcastil in dcastil/tailwind-merge#677

Add postfixLookupClassGroups option to config to support Tailwind utilities where a slash is part of the full class name, like named container queries

Add support for readonly array values by @unional in dcastil/tailwind-merge#652

Documentation

Fix broken links in README by @maurer2 in dcastil/tailwind-merge#662

Other

Harden internal CI pipeline security by omitting git checkout by @dcastil, suggested by @kyletaylored in dcastil/tailwind-merge@6b2499c

Full Changelog: dcastil/tailwind-merge@v3.5.0...v3.6.0

Thanks to @brandonmcconnell, @manavm1990, @langy, @roboflow, @syntaxfm, @getsentry, @codecov, a private sponsor, @block, @openclaw, @sourcegraph, @mike-healy and more via @thnxdev for sponsoring tailwind-merge! ❤️

v3.5.0

New Features

Add support for Tailwind CSS v4.2 by @dcastil in dcastil/tailwind-merge#651

Full Changelog: dcastil/tailwind-merge@v3.4.1...v3.5.0

Thanks to @brandonmcconnell, @manavm1990, @langy, @roboflow, @syntaxfm, @getsentry, @codecov, a private sponsor, @block, @openclaw, @sourcegraph and more via @thnxdev for sponsoring tailwind-merge! ❤️

v3.4.1

Bug Fixes

Prevent arbitrary font-family and font-weight from merging by @roneymoon in dcastil/tailwind-merge#635

Full Changelog: dcastil/tailwind-merge@v3.4.0...v3.4.1

Thanks to @brandonmcconnell, @manavm1990, @langy, @roboflow, @syntaxfm, @getsentry, @codecov, a private sponsor, @block, @openclaw, @sourcegraph and more via @thnxdev for sponsoring tailwind-merge! ❤️

Commits

d54f7e5 v3.6.0
638871a Update README to add info about Tailwind CSS v4.3 support
39fc7b5 Revert "v3.6.0"
bd8390f v3.6.0
802877c add v3.6.0 changelog
a35feda Merge pull request #665 from dcastil/renovate/rollup-plugin-babel-7.x
940389c Merge pull request #667 from dcastil/renovate/release-drafter-release-drafter...
005af6d pin to specific version
5816ced implement breaking changes
17041e1 Merge pull request #676 from dcastil/dependabot/npm_and_yarn/babel/plugin-tra...
Additional commits viewable in compare view

Updates @eslint/eslintrc from 3.3.3 to 3.3.5

Release notes

Sourced from @eslint/eslintrc's releases.

eslintrc: v3.3.5

3.3.5 (2026-03-04)

Bug Fixes

update dependency minimatch to ^3.1.5 (#227) (3dc2381)

eslintrc: v3.3.4

3.3.4 (2026-02-22)

Bug Fixes

update ajv to 6.14.0 to address security vulnerabilities (#221) (9139140)

update minimatch to 3.1.3 to address security vulnerabilities (#224) (30339d0)

Changelog

Sourced from @eslint/eslintrc's changelog.

3.3.5 (2026-03-04)

Bug Fixes

update dependency minimatch to ^3.1.5 (#227) (3dc2381)

3.3.4 (2026-02-22)

Bug Fixes

update ajv to 6.14.0 to address security vulnerabilities (#221) (9139140)

update minimatch to 3.1.3 to address security vulnerabilities (#224) (30339d0)

Commits

5135df1 chore: release 3.3.5 🚀 (#228)
c109d69 docs: Update README sponsors
3dc2381 fix: update dependency minimatch to ^3.1.5 (#227)
81385b6 ci: pin Node.js 25.6.1 (#226)
4c45e24 chore: release 3.3.4 🚀 (#223)
30339d0 fix: update minimatch to 3.1.3 to address security vulnerabilities (#224)
9139140 fix: update ajv to 6.14.0 to address security vulnerabilities (#221)
245ada5 docs: Update README sponsors
78b1a0e docs: Update README sponsors
df32fff docs: Update README sponsors
Additional commits viewable in compare view

Updates @tailwindcss/postcss from 4.1.18 to 4.3.1

Release notes

Sourced from @tailwindcss/postcss's releases.

v4.3.1

Added

Add --silent option to suppress output in @tailwindcss/cli (#20100)

Fixed

Remove deprecation warnings by using Module#registerHooks instead of Module#register on Node 26+ (#20028)

Canonicalization: don't crash when plugin utilities throw for unsupported values (#20052)

Allow @apply to be used with CSS mixins (#19427)

Ensure not-* correctly negates @container queries, including style(…) queries (#20059)

Ensure drop-shadow-* color utilities work with custom shadow values containing calc(…) (#20080)

Fix 'Sourcemap is likely to be incorrect' warnings when using @tailwindcss/vite (#20103)

Ensure @tailwindcss/webpack can be installed in Rspack projects without requiring webpack as a peer dependency (#20027)

Canonicalization: don't suggest invalid calc(…) expressions (e.g. px-[calc(1rem+0px)] → px-[calc(1rem+0)]) (#20127)

Canonicalization: avoid suggesting large spacing-scale values for arbitrary lengths (e.g. left-[99999px] → left-[99999px], not left-24999.75) (#20130)

Ensure @tailwindcss/cli in --watch mode recovers when a tracked dependency is deleted and restored (#20137)

Ensure standalone @tailwindcss/cli binaries are ignored when scanning for class candidates (#20139)

Ensure class candidates are extracted from Twig addClass(…) and removeClass(…) calls (#20198)

Don't crash in the Ruby or Vue preprocessors when scanning files containing invalid UTF-8 bytes (#19588)

Allow @variant to be used inside addBase (#19480)

Ensure @source globs with symlinks are preserved (#20203)

Ensure later @source rules can re-include files excluded by earlier @source not rules (#20203)

Upgrade: don't migrate empty class rules to invalid @utility rules (#20205)

Ensure transitions between inset-shadow-none and other inset shadows work correctly (#20208)

Ensure explicitly referenced @source directories are scanned even when ignored by git (#20214)

Ensure @source globs ending in **/* preserve dynamic path segments to avoid scanning too many files (#20217)

Canonicalization: don't fold calc(…) divisions when the result would require high precision (e.g. w-[calc(100%/3.5)] → w-[calc(100%/3.5)], not w-[28.571428571428573%]) (#20221)

Serve ESM type declarations to ESM importers of @tailwindcss/postcss (#20228)

Changed

Generate 0 instead of calc(var(--spacing) * 0) for spacing utilities like m-0 and left-0 (#20196)

Generate var(--spacing) instead of calc(var(--spacing) * 1) for spacing utilities like m-1 and left-1 (#20196)

v4.3.0

Added

Add @container-size utility (#18901)

Add scrollbar-{auto,thin,none} utilities for Description has been truncated

socket-security · 2026-06-11T21:36:15Z

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Package	Supply Chain Security	Quality	License
npm/next@16.2.6 ⏵ 16.2.9	⁺¹⁴	⁺¹
npm/eslint-config-next@16.1.6 ⏵ 16.2.9
npm/@radix-ui/react-slot@1.2.4 ⏵ 1.2.5	⁺¹	⁺¹
npm/@radix-ui/react-select@2.2.6 ⏵ 2.3.0		⁺¹
npm/@types/react@19.2.13 ⏵ 19.2.17
npm/recharts@3.7.0 ⏵ 3.8.1
npm/lucide-react@0.563.0 ⏵ 1.18.0	⁺¹	⁺²	^-19
npm/@types/node@25.2.1 ⏵ 25.9.3	⁺¹	⁺¹
npm/@eslint/eslintrc@3.3.3 ⏵ 3.3.5
npm/tailwindcss@4.1.18 ⏵ 4.3.1	⁺¹	⁺¹
npm/react@19.2.4 ⏵ 19.2.7
npm/tailwind-merge@3.4.0 ⏵ 3.6.0	⁺¹	⁺¹
npm/typescript@5.9.3 ⏵ 6.0.3	⁺¹	⁺¹
npm/react-dom@19.2.4 ⏵ 19.2.7
npm/prettier@3.8.1 ⏵ 3.8.4	⁺¹	⁺¹
npm/eslint@9.39.2 ⏵ 10.5.0	⁺¹
npm/framer-motion@12.33.0 ⏵ 12.40.0		⁺¹
npm/@tailwindcss/postcss@4.1.18 ⏵ 4.3.1	⁺¹

View full report

socket-security · 2026-06-11T21:36:18Z

Warning

Review the following alerts detected in dependencies.

According to your organization's Security Policy, it is recommended to resolve "Warn" alerts. Learn more about Socket for GitHub.

Action	Severity	Alert (click "▶" to expand/collapse)
Warn		Obfuscated code: npm `@typescript-eslint/eslint-plugin` is 90.0% likely obfuscated Confidence: 0.90 Location: Package overview From: NineLanCacheUI/package-lock.json → `npm/eslint-config-next@16.2.9` → `npm/@typescript-eslint/eslint-plugin@8.61.1` ℹ Read more on: This package \| This alert \| What is obfuscated code? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at `support@socket.dev`. Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment `@SocketSecurity ignore npm/@typescript-eslint/eslint-plugin@8.61.1`. You can also ignore all packages with `@SocketSecurity ignore-all`. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Warn		Obfuscated code: npm `es-abstract` is 90.0% likely obfuscated Confidence: 0.90 Location: Package overview From: NineLanCacheUI/package-lock.json → `npm/eslint-config-next@16.2.9` → `npm/es-abstract@1.24.2` ℹ Read more on: This package \| This alert \| What is obfuscated code? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at `support@socket.dev`. Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment `@SocketSecurity ignore npm/es-abstract@1.24.2`. You can also ignore all packages with `@SocketSecurity ignore-all`. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

View full report

…updates Bumps the ui-dependencies group with 16 updates in the /NineLanCacheUI directory: | Package | From | To | | --- | --- | --- | | [@radix-ui/react-select](https://github.com/radix-ui/primitives/tree/HEAD/packages/react/select) | `2.2.6` | `2.3.0` | | [framer-motion](https://github.com/motiondivision/motion) | `12.33.0` | `12.40.0` | | [lucide-react](https://github.com/lucide-icons/lucide/tree/HEAD/packages/lucide-react) | `0.563.0` | `1.18.0` | | [next](https://github.com/vercel/next.js) | `16.2.6` | `16.2.9` | | [prettier](https://github.com/prettier/prettier) | `3.8.1` | `3.8.4` | | [react](https://github.com/facebook/react/tree/HEAD/packages/react) | `19.2.4` | `19.2.7` | | [@types/react](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/react) | `19.2.13` | `19.2.17` | | [react-dom](https://github.com/facebook/react/tree/HEAD/packages/react-dom) | `19.2.4` | `19.2.7` | | [recharts](https://github.com/recharts/recharts) | `3.7.0` | `3.8.1` | | [tailwind-merge](https://github.com/dcastil/tailwind-merge) | `3.4.0` | `3.6.0` | | [@eslint/eslintrc](https://github.com/eslint/eslintrc) | `3.3.3` | `3.3.5` | | [@tailwindcss/postcss](https://github.com/tailwindlabs/tailwindcss/tree/HEAD/packages/@tailwindcss-postcss) | `4.1.18` | `4.3.1` | | [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) | `25.2.1` | `25.9.3` | | [eslint](https://github.com/eslint/eslint) | `9.39.2` | `10.5.0` | | [eslint-config-next](https://github.com/vercel/next.js/tree/HEAD/packages/eslint-config-next) | `16.1.6` | `16.2.9` | | [typescript](https://github.com/microsoft/TypeScript) | `5.9.3` | `6.0.3` | Updates `@radix-ui/react-select` from 2.2.6 to 2.3.0 - [Changelog](https://github.com/radix-ui/primitives/blob/main/packages/react/select/CHANGELOG.md) - [Commits](https://github.com/radix-ui/primitives/commits/HEAD/packages/react/select) Updates `@radix-ui/react-slot` from 1.2.4 to 1.2.5 - [Changelog](https://github.com/radix-ui/primitives/blob/main/packages/react/slot/CHANGELOG.md) - [Commits](https://github.com/radix-ui/primitives/commits/HEAD/packages/react/slot) Updates `framer-motion` from 12.33.0 to 12.40.0 - [Changelog](https://github.com/motiondivision/motion/blob/main/CHANGELOG.md) - [Commits](motiondivision/motion@v12.33.0...v12.40.0) Updates `lucide-react` from 0.563.0 to 1.18.0 - [Release notes](https://github.com/lucide-icons/lucide/releases) - [Commits](https://github.com/lucide-icons/lucide/commits/1.18.0/packages/lucide-react) Updates `next` from 16.2.6 to 16.2.9 - [Release notes](https://github.com/vercel/next.js/releases) - [Changelog](https://github.com/vercel/next.js/blob/canary/release.js) - [Commits](vercel/next.js@v16.2.6...v16.2.9) Updates `prettier` from 3.8.1 to 3.8.4 - [Release notes](https://github.com/prettier/prettier/releases) - [Changelog](https://github.com/prettier/prettier/blob/main/CHANGELOG.md) - [Commits](prettier/prettier@3.8.1...3.8.4) Updates `react` from 19.2.4 to 19.2.7 - [Release notes](https://github.com/facebook/react/releases) - [Changelog](https://github.com/react/react/blob/main/CHANGELOG.md) - [Commits](https://github.com/facebook/react/commits/v19.2.7/packages/react) Updates `@types/react` from 19.2.13 to 19.2.17 - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/react) Updates `react-dom` from 19.2.4 to 19.2.7 - [Release notes](https://github.com/facebook/react/releases) - [Changelog](https://github.com/react/react/blob/main/CHANGELOG.md) - [Commits](https://github.com/facebook/react/commits/v19.2.7/packages/react-dom) Updates `recharts` from 3.7.0 to 3.8.1 - [Release notes](https://github.com/recharts/recharts/releases) - [Changelog](https://github.com/recharts/recharts/blob/main/CHANGELOG.md) - [Commits](recharts/recharts@v3.7.0...v3.8.1) Updates `tailwind-merge` from 3.4.0 to 3.6.0 - [Release notes](https://github.com/dcastil/tailwind-merge/releases) - [Commits](dcastil/tailwind-merge@v3.4.0...v3.6.0) Updates `@eslint/eslintrc` from 3.3.3 to 3.3.5 - [Release notes](https://github.com/eslint/eslintrc/releases) - [Changelog](https://github.com/eslint/eslintrc/blob/main/CHANGELOG.md) - [Commits](eslint/eslintrc@eslintrc-v3.3.3...eslintrc-v3.3.5) Updates `@tailwindcss/postcss` from 4.1.18 to 4.3.1 - [Release notes](https://github.com/tailwindlabs/tailwindcss/releases) - [Changelog](https://github.com/tailwindlabs/tailwindcss/blob/main/CHANGELOG.md) - [Commits](https://github.com/tailwindlabs/tailwindcss/commits/v4.3.1/packages/@tailwindcss-postcss) Updates `@types/node` from 25.2.1 to 25.9.3 - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node) Updates `@types/react` from 19.2.13 to 19.2.17 - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/react) Updates `eslint` from 9.39.2 to 10.5.0 - [Release notes](https://github.com/eslint/eslint/releases) - [Commits](eslint/eslint@v9.39.2...v10.5.0) Updates `eslint-config-next` from 16.1.6 to 16.2.9 - [Release notes](https://github.com/vercel/next.js/releases) - [Changelog](https://github.com/vercel/next.js/blob/canary/release.js) - [Commits](https://github.com/vercel/next.js/commits/v16.2.9/packages/eslint-config-next) Updates `tailwindcss` from 4.1.18 to 4.3.1 - [Release notes](https://github.com/tailwindlabs/tailwindcss/releases) - [Changelog](https://github.com/tailwindlabs/tailwindcss/blob/main/CHANGELOG.md) - [Commits](https://github.com/tailwindlabs/tailwindcss/commits/v4.3.1/packages/tailwindcss) Updates `typescript` from 5.9.3 to 6.0.3 - [Release notes](https://github.com/microsoft/TypeScript/releases) - [Commits](microsoft/TypeScript@v5.9.3...v6.0.3) --- updated-dependencies: - dependency-name: "@eslint/eslintrc" dependency-version: 3.3.5 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: ui-dependencies - dependency-name: "@radix-ui/react-select" dependency-version: 2.3.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: ui-dependencies - dependency-name: "@radix-ui/react-slot" dependency-version: 1.2.5 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: ui-dependencies - dependency-name: "@tailwindcss/postcss" dependency-version: 4.3.0 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: ui-dependencies - dependency-name: "@types/node" dependency-version: 25.9.2 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: ui-dependencies - dependency-name: "@types/react" dependency-version: 19.2.17 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: ui-dependencies - dependency-name: "@types/react" dependency-version: 19.2.17 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: ui-dependencies - dependency-name: eslint dependency-version: 10.4.1 dependency-type: direct:development update-type: version-update:semver-major dependency-group: ui-dependencies - dependency-name: eslint-config-next dependency-version: 16.2.7 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: ui-dependencies - dependency-name: framer-motion dependency-version: 12.40.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: ui-dependencies - dependency-name: lucide-react dependency-version: 1.17.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: ui-dependencies - dependency-name: next dependency-version: 16.2.7 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: ui-dependencies - dependency-name: prettier dependency-version: 3.8.3 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: ui-dependencies - dependency-name: react dependency-version: 19.2.7 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: ui-dependencies - dependency-name: react-dom dependency-version: 19.2.7 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: ui-dependencies - dependency-name: recharts dependency-version: 3.8.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: ui-dependencies - dependency-name: tailwind-merge dependency-version: 3.6.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: ui-dependencies - dependency-name: tailwindcss dependency-version: 4.3.0 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: ui-dependencies - dependency-name: typescript dependency-version: 6.0.3 dependency-type: direct:development update-type: version-update:semver-major dependency-group: ui-dependencies ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Jun 11, 2026

dependabot Bot requested a review from NinePiece2 as a code owner June 11, 2026 21:35

dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Jun 11, 2026

dependabot Bot force-pushed the dependabot/npm_and_yarn/NineLanCacheUI/ui-dependencies-38e4c0430c branch from 73baee3 to eb4c52f Compare June 16, 2026 15:47

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

deps(npm): bump the ui-dependencies group across 1 directory with 18 updates#109

deps(npm): bump the ui-dependencies group across 1 directory with 18 updates#109
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/NineLanCacheUI/ui-dependencies-38e4c0430c

dependabot Bot commented on behalf of github Jun 11, 2026 •

edited

Loading

Uh oh!

socket-security Bot commented Jun 11, 2026 •

edited

Loading

Uh oh!

socket-security Bot commented Jun 11, 2026 •

edited

Loading

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

Uh oh!

Conversation

dependabot Bot commented on behalf of github Jun 11, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

2.3.0

1.2.5

[12.40.0] 2026-05-21

Added

[12.39.0] 2026-05-18

Added

Fixed

[12.38.0] 2026-03-16

Added

Fixed

[12.37.0] 2026-03-16

Added

Fixed

Version 1.18.0

What's Changed

New Contributors

Version 1.17.0

What's Changed

Version 1.16.0

What's Changed

Version 1.15.0

What's Changed

v16.2.9

v16.2.8

v16.2.7

Core Changes

Credits

3.8.4

3.8.3

3.8.2

3.8.4

Markdown: Fix blank lines between list items and nested sub-lists being removed in Markdown/MDX (#17746 by @​byplayer)

3.8.3

SCSS: Prevent trailing comma in if() function (#18471 by @​kovsu)

19.2.7 (June 1st, 2026)

React Server Components

19.2.6 (May 6th, 2026)

React Server Components

19.2.5 (April 8th, 2026)

React Server Components

19.2.7 (June 1st, 2026)

React Server Components

19.2.6 (May 6th, 2026)

React Server Components

19.2.5 (April 8th, 2026)

React Server Components

v3.8.1

What's Changed

New Contributors

v3.8.0

What's Changed

v3.6.0

New Features

Documentation

Other

v3.5.0

New Features

v3.4.1

Bug Fixes

eslintrc: v3.3.5

3.3.5 (2026-03-04)

Bug Fixes

eslintrc: v3.3.4

3.3.4 (2026-02-22)

Bug Fixes

3.3.5 (2026-03-04)

Bug Fixes

3.3.4 (2026-02-22)

Bug Fixes

v4.3.1

Added

Fixed

Changed

v4.3.0

Added

Uh oh!

dependabot Bot commented on behalf of github Jun 11, 2026 •

edited

Loading

Markdown: Fix blank lines between list items and nested sub-lists being removed in Markdown/MDX (#17746 by `@byplayer`)

SCSS: Prevent trailing comma in `if()` function (#18471 by `@kovsu`)

socket-security Bot commented Jun 11, 2026 •

edited

Loading

socket-security Bot commented Jun 11, 2026 •

edited

Loading