Update all non-major dependencies

[renovate]

ℹ️ Note

This PR body was truncated due to platform limits.

This PR contains the following updates:

Package	Change	Age	Confidence
@opennextjs/cloudflare (source)	^1.16.3 → ^1.17.1
@tailwindcss/postcss (source)	^4.1.18 → ^4.2.1
@types/node (source)	^25.2.2 → ^25.4.0
@types/react (source)	^19.2.13 → ^19.2.14
lucide-react (source)	^0.563.0 → ^0.577.0
pnpm (source)	10.29.2 → 10.32.0
postcss (source)	^8.5.6 → ^8.5.8
tailwind-merge	^3.4.0 → ^3.5.0
tailwindcss (source)	^4.1.18 → ^4.2.1
wrangler (source)	^4.63.0 → ^4.71.0

---

Release Notes

tailwindlabs/tailwindcss (@​tailwindcss/postcss)

v4.2.1

Compare Source

Fixed

• Allow trailing dash in functional utility names for backwards compatibility (#​19696)
• Properly detect classes containing . characters within curly braces in MDX files (#​19711)

v4.2.0

Compare Source

Added

• Add mauve, olive, mist, and taupe color palettes to the default theme (#​19627)
• Add @tailwindcss/webpack package to run Tailwind CSS as a webpack plugin (#​19610)
• Add pbs-* and pbe-* utilities for padding-block-start and padding-block-end (#​19601)
• Add mbs-* and mbe-* utilities for margin-block-start and margin-block-end (#​19601)
• Add scroll-pbs-* and scroll-pbe-* utilities for scroll-padding-block-start and scroll-padding-block-end (#​19601)
• Add scroll-mbs-* and scroll-mbe-* utilities for scroll-margin-block-start and scroll-margin-block-end (#​19601)
• Add border-bs-* and border-be-* utilities for border-block-start and border-block-end (#​19601)
• Add inline-*, min-inline-*, max-inline-* utilities for inline-size, min-inline-size, and max-inline-size (#​19612)
• Add block-*, min-block-*, max-block-* utilities for block-size, min-block-size, and max-block-size (#​19612)
• Add inset-s-*, inset-e-*, inset-bs-*, inset-be-* utilities for inset-inline-start, inset-inline-end, inset-block-start, and inset-block-end (#​19613)
• Add font-features-* utility for font-feature-settings (#​19623)

Fixed

• Prevent double @supports wrapper for color-mix values (#​19450)
• Allow whitespace around @source inline() argument (#​19461)
• Emit comment when source maps are saved to files when using @tailwindcss/cli (#​19447)
• Detect utilities containing capital letters followed by numbers (#​19465)
• Fix class extraction for Rails' strict locals (#​19525)
• Align @utility name validation with Oxide scanner rules (#​19524)
• Fix infinite loop when using @variant inside @custom-variant (#​19633)
• Allow multiples of .25 in aspect-* fractions (e.g. aspect-8.5/11) (#​19688)
• Ensure changes to external files listed via @source trigger a full page reload when using @tailwindcss/vite (#​19670)
• Improve performance of Oxide scanner in bigger projects by reducing file system walks (#​19632)
• Ensure import aliases in Astro v5 work without crashing when using @tailwindcss/vite (#​19677)
• Allow escape characters in @utility names to improve support with formatters such as Biome (#​19626)
• Fix incorrect canonicalization results when canonicalizing multiple times (#​19675)
• Add .jj to default ignored content directories (#​19687)

Deprecated

• Deprecate start-* and end-* utilities in favor of inset-s-* and inset-e-* utilities (#​19613)

lucide-icons/lucide (lucide-react)

v0.577.0: Version 0.577.0

Compare Source

What's Changed

• chore(deps): bump rollup from 4.53.3 to 4.59.0 by @​dependabot[bot] in #​4106
• fix(repo): correctly ignore docs/releaseMetadata via .gitignore by @​bhavberi in #​4100
• feat(icons): added ellipse icon by @​KISHORE-KUMAR-S in #​3749

New Contributors

• @​bhavberi made their first contribution in #​4100
• @​KISHORE-KUMAR-S made their first contribution in #​3749

Full Changelog: lucide-icons/lucide@0.576.0...0.577.0

v0.576.0: Version 0.576.0

Compare Source

What's Changed

• Added zodiac signs by @​karsa-mistmere in #​712
• fix(icons): fixes guideline violations in package-* icons. by @​karsa-mistmere in #​4074
• fix(icons): changed receipt icon by @​karsa-mistmere in #​4075
• fix(icons): updated cuboid icon tags and categories by @​karsa-mistmere in #​4095
• fix(icons): changed cuboid icon by @​jamiemlaw in #​4098
• fix(lucide-font, lucide-static): Fixing stable code points by @​ericfennis in #​3894
• feat(icons): added fishing-rod icon by @​7ender in #​3839

Full Changelog: lucide-icons/lucide@0.575.0...0.576.0

v0.575.0: Version 0.575.0

Compare Source

What's Changed

• feat(icons): added message-square-check icon by @​karsa-mistmere in #​4076
• fix(lucide): Fix ESM Module output path in build by @​ericfennis in #​4084
• feat(icons): added metronome icon by @​edwloef in #​4063
• fix(icons): remove execution permission of SVG files by @​duckafire in #​4053
• fix(icons): changed file-pen-line icon by @​jguddas in #​3970
• feat(icons): added square-arrow-right-exit and square-arrow-right-enter icons by @​EthanHazel in #​3958
• fix(icons): renamed flip-* to square-centerline-dashed-* by @​jguddas in #​3945

New Contributors

• @​edwloef made their first contribution in #​4063
• @​duckafire made their first contribution in #​4053

Full Changelog: lucide-icons/lucide@0.573.0...0.575.0

v0.574.0: Version 0.574.0

Compare Source

What's Changed

• fix(icons): changed rocking-chair icon by @​jamiemlaw in #​3445
• fix(icons): flipped coins icon by @​jguddas in #​3158
• feat(icons): added x-line-top icon by @​jguddas in #​2838
• feat(icons): added mouse-left icon by @​marvfash in #​2788
• feat(icons): added mouse-right icon by @​marvfash in #​2787

New Contributors

• @​marvfash made their first contribution in #​2788

Full Changelog: lucide-icons/lucide@0.572.0...0.574.0

v0.573.0: Version 0.573.0

Compare Source

What's Changed

• fix(icons): changed rocking-chair icon by @​jamiemlaw in #​3445
• fix(icons): flipped coins icon by @​jguddas in #​3158
• feat(icons): added x-line-top icon by @​jguddas in #​2838
• feat(icons): added mouse-left icon by @​marvfash in #​2788
• feat(icons): added mouse-right icon by @​marvfash in #​2787

New Contributors

• @​marvfash made their first contribution in #​2788

Full Changelog: lucide-icons/lucide@0.572.0...0.573.0

v0.572.0: Version 0.572.0

Compare Source

What's Changed

• feat(icons): added message-circle-check icon by @​Shrinks99 in #​3770

New Contributors

• @​Shrinks99 made their first contribution in #​3770

Full Changelog: lucide-icons/lucide@0.571.0...0.572.0

v0.571.0: Version 0.571.0

Compare Source

What's Changed

• fix(icons): rearange circle-icons path and circle order by @​adamlindqvist in #​3746
• feat(icons): added shelving-unit icon by @​karsa-mistmere in #​3041

New Contributors

• @​adamlindqvist made their first contribution in #​3746

Full Changelog: lucide-icons/lucide@0.570.0...0.571.0

v0.570.0: Version 0.570.0

Compare Source

What's Changed

• feat(icons): added towel-rack icon by @​jguddas in #​3350

Full Changelog: lucide-icons/lucide@0.569.0...0.570.0

v0.569.0: Version 0.569.0

Compare Source

What's Changed

• fix(icons): changed clipboard-pen icon by @​Spleefies in #​4006
• feat(icons): add mirror-round and mirror-rectangular by @​Muhammad-Aqib-Bashir in #​3832

Full Changelog: lucide-icons/lucide@0.568.0...0.569.0

v0.568.0: Version 0.568.0

Compare Source

What's Changed

• fix(icons): adjusted clapperboard so slash is no longer protruding by @​torfmuer in #​3764
• feat(icons): Add git-merge-conflict icon by @​timmy471 in #​3008

New Contributors

• @​torfmuer made their first contribution in #​3764
• @​timmy471 made their first contribution in #​3008

Full Changelog: lucide-icons/lucide@0.567.0...0.568.0

v0.567.0: Version 0.567.0

Compare Source

What's Changed

• chore(tags): added tags to info by @​jamiemlaw in #​4047
• fix(icons): changed gift icon by @​jguddas in #​3977
• feat(icons): added line-dot-right-horizontal icon by @​nathan-de-pachtere in #​3742

Full Changelog: lucide-icons/lucide@0.566.0...0.567.0

v0.566.0: Version 0.566.0

Compare Source

What's Changed

• fix(icons): changed forklift icon by @​jguddas in #​4069
• fix(icons): changed rocket icon by @​jguddas in #​4067
• feat(icons): added globe-off icon by @​TimNekk in #​4051

New Contributors

• @​TimNekk made their first contribution in #​4051

Full Changelog: lucide-icons/lucide@0.565.0...0.566.0

v0.565.0: Version 0.565.0

Compare Source

What's Changed

• feat(icons): add lens-concave and lens-convex by @​Muhammad-Aqib-Bashir in #​3831

Full Changelog: lucide-icons/lucide@0.564.0...0.565.0

v0.564.0: Version 0.564.0

Compare Source

What's Changed

• chore(docs): Improve SEO icon detail pages by @​ericfennis in #​4040
• feat(icons): added database-search icon by @​Spleefies in #​4003
• fix(icons): changed user-lock icon by @​jguddas in #​3971
• fix(icons): changed bug-off icon by @​jguddas in #​3972
• fix(icons): changed bell-dot icon by @​jguddas in #​3973
• fix(icons): changed bandage icon by @​jguddas in #​3967
• fix(icons): changed hard-drive icon by @​jguddas in #​3622
• fix(icons): changed git-branch icon by @​jguddas in #​3938
• fix(icons): changed file-cog icon by @​jguddas in #​3965
• fix(icons): changed cloud-alert and cloud-check icon by @​jguddas in #​3976
• feat(icons): adds user-key and user-round-key, updates other -key icons to match by @​karsa-mistmere in #​4044

New Contributors

• @​Spleefies made their first contribution in #​4003

Full Changelog: lucide-icons/lucide@0.563.1...0.564.0

pnpm/pnpm (pnpm)

v10.32.0: pnpm 10.32

Minor Changes

• Added --all flag to pnpm approve-builds that approves all pending builds without interactive prompts #​10136.

Patch Changes

• Reverted change related to setting explicitly the npm config file path, which caused regressions.
• Reverted fix related to lockfile-include-tarball-url. Fixes #​10915.

Platinum Sponsors

Gold Sponsors

v10.31.0

Compare Source

v10.30.3

Compare Source

v10.30.2

Compare Source

v10.30.1: pnpm 10.30.1

Compare Source

Patch Changes

• Use the /-/npm/v1/security/audits/quick endpoint as the primary audit endpoint, falling back to /-/npm/v1/security/audits when it fails #​10649.

Platinum Sponsors

Gold Sponsors

v10.30.0: pnpm 10.30

Compare Source

Minor Changes

• pnpm why now shows a reverse dependency tree. The searched package appears at the root with its dependents as branches, walking back to workspace roots. This replaces the previous forward-tree output which was noisy and hard to read for deeply nested dependencies.

Patch Changes

• Revert pnpm why dependency pruning to prefer correctness over memory consumption. Reverted PR: #​7122.
• Optimize pnpm why and pnpm list performance in workspaces with many importers by sharing the dependency graph and materialization cache across all importers instead of rebuilding them independently for each one #​10596.

Platinum Sponsors

Gold Sponsors

v10.29.3

Compare Source

postcss/postcss (postcss)

v8.5.8

Compare Source

• Fixed Processor#version.

v8.5.7

Compare Source

• Improved source map annotation cleaning performance (by CodeAnt AI).

dcastil/tailwind-merge (tailwind-merge)

v3.5.0

Compare Source

New Features

• Add support for Tailwind CSS v4.2 by @​dcastil in #​651

Full Changelog: dcastil/tailwind-merge@v3.4.1...v3.5.0

Thanks to @​brandonmcconnell, @​manavm1990, @​langy, @​roboflow, @​syntaxfm, @​getsentry, @​codecov, a private sponsor, @​block, @​openclaw, @​sourcegraph and more via @​thnxdev for sponsoring tailwind-merge! ❤️

v3.4.1

Compare Source

Bug Fixes

• Prevent arbitrary font-family and font-weight from merging by @​roneymoon in #​635

Full Changelog: dcastil/tailwind-merge@v3.4.0...v3.4.1

Thanks to @​brandonmcconnell, @​manavm1990, @​langy, @​roboflow, @​syntaxfm, @​getsentry, @​codecov, a private sponsor, @​block, @​openclaw, @​sourcegraph and more via @​thnxdev for sponsoring tailwind-merge! ❤️

cloudflare/workers-sdk (wrangler)

v4.71.0

Compare Source

Minor Changes

• #​11656 ec2459e Thanks @​prydt! - feat(hyperdrive): add MySQL SSL mode and Custom CA support

  Hyperdrive now supports MySQL-specific SSL modes (REQUIRED, VERIFY_CA, VERIFY_IDENTITY) alongside the existing PostgreSQL modes. The --sslmode flag now validates the provided value based on the database scheme (PostgreSQL or MySQL) and enforces appropriate CA certificate requirements for each.

  Usage:

  # MySQL with CA verification
  wrangler hyperdrive create my-config --connection-string="mysql://user:pass@host:3306/db" --sslmode=VERIFY_CA --ca-certificate-id=<cert-id>
  
  # PostgreSQL (unchanged)
  wrangler hyperdrive create my-config --connection-string="postgres://user:pass@host:5432/db" --sslmode=verify-full --ca-certificate-id=<cert-id>

Patch Changes

• Updated dependencies [5cc8fcf]:
  • @​cloudflare/unenv-preset@​2.15.0
  • miniflare@​4.20260301.1

v4.70.0

Compare Source

Minor Changes

• #​11332 6a8aa5f Thanks @​nikitassharma! - Users are now able to configure DockerHub credentials and have containers reference images stored there.

  DockerHub can be configured as follows:

  echo $PAT_TOKEN | npx wrangler@latest containers registries configure docker.io --dockerhub-username=user --secret-name=DockerHub_PAT_Token

  Containers can then specify an image from DockerHub in their wrangler.jsonc as follows:

  "containers": {
    "image": "docker.io/namespace/image:tag",
    ...
  }

• #​12649 35b2c56 Thanks @​gabivlj! - Add experimental support for containers to workers communication with interceptOutboundHttp

  This feature is experimental and requires adding the "experimental" compatibility flag to your Wrangler configuration.

• #​12701 23a365a Thanks @​jamesopstad! - Add local dev validation for the experimental secrets configuration property

  When the new secrets property is defined, wrangler dev and vite dev now validate secrets declared in secrets.required. When required secrets are missing from .dev.vars or .env/process.env, a warning is logged listing the missing secret names.

  When secrets is defined, only the keys listed in secrets.required are loaded. Additional keys in .dev.vars or .env are excluded. If you are not using .dev.vars, keys listed in secrets.required are loaded from process.env as well as .env. The CLOUDFLARE_INCLUDE_PROCESS_ENV environment variable is therefore not needed when using this feature.

  When secrets is not defined, the existing behavior is unchanged.

  // wrangler.jsonc
  {
  	"secrets": {
  		"required": ["API_KEY", "DB_PASSWORD"],
  	},
  }

• #​12695 0769056 Thanks @​jamesopstad! - Add type generation for the experimental secrets configuration property

  When the new secrets property is defined, wrangler types now generates typed bindings from the names listed in secrets.required.

  When secrets is defined at any config level, type generation uses it exclusively and no longer infers secret names from .dev.vars or .env files. This enables running type generation in environments where these files are not present.

  Per-environment secrets are supported. Each named environment produces its own interface, and the aggregated Env marks secrets that only appear in some environments as optional.

  When secrets is not defined, the existing behavior is unchanged.

  // wrangler.jsonc
  {
  	"secrets": {
  		"required": ["API_KEY", "DB_PASSWORD"],
  	},
  }

• #​12693 150ef7b Thanks @​martinezjandrew! - Add wrangler containers registries credentials command for generating temporary push/pull credentials

  This command generates short-lived credentials for authenticating with the Cloudflare managed registry (registry.cloudflare.com). Useful for CI/CD pipelines or local Docker authentication.

  # Generate push credentials (for uploading images)
  wrangler containers registries credentials registry.cloudflare.com --push
  
  # Generate pull credentials (for downloading images)
  wrangler containers registries credentials registry.cloudflare.com --pull
  
  # Generate credentials with both permissions
  wrangler containers registries credentials registry.cloudflare.com --push --pull
  
  # Custom expiration (default 15)
  wrangler containers registries credentials registry.cloudflare.com --push --expiration-minutes=30

• #​12622 bf9cb3d Thanks @​LuisDuarte1! - Add configurable step limits for Workflows

  You can now set a maximum number of steps for a Workflow instance via the limits.steps configuration in your Wrangler config. When a Workflow instance exceeds this limit, it will fail with an error indicating the limit was reached.

  // wrangler.jsonc
  {
  	"workflows": [
  		{
  			"binding": "MY_WORKFLOW",
  			"name": "my-workflow",
  			"class_name": "MyWorkflow",
  			"limits": {
  				"steps": 5000,
  			},
  		},
  	],
  }

  The steps value must be an integer between 1 and 25,000. If not specified, the default limit of 10,000 steps is used. Step limits are also enforced in local development via wrangler dev.

Patch Changes

• #​12733 d672e2e Thanks @​dario-piotrowicz! - Fix SolidStart autoconfig for projects using version 2.0.0-alpha or later

  SolidStart v2.0.0-alpha introduced a breaking change where configuration moved from app.config.(js|ts) to vite.config.(js|ts). Wrangler's autoconfig now detects the installed SolidStart version and based on it updates the appropriate configuration file

• #​12698 209b396 Thanks @​penalosa! - Update dependencies of "miniflare", "wrangler"

  The following dependency versions have been updated:

  Dependency	From	To
  workerd	1.20260305.0	1.20260226.1
  @​cloudflare/workers-types	4.20260305.0	4.20260226.1

• #​12691 596b8a0 Thanks @​penalosa! - Remove temporary AI Search RPC workaround (no user-facing changes)

• #​12694 00e729e Thanks @​garvit-gupta! - Fix wrangler pipelines setup failing for Data Catalog sinks on new buckets by using the correct R2 Catalog API error code (40401).

• Updated dependencies [35b2c56, 5f7aaf2, 209b396, 596b8a0, bf9cb3d]:

  • miniflare@​4.20260301.1

v4.69.0

Compare Source

Minor Changes

• #​12625 c0e9e08 Thanks @​WillTaylorDev! - Add cache configuration option for enabling worker cache (experimental)

  You can now enable cache before worker execution using the new cache configuration:

  {
  	"cache": {
  		"enabled": true,
  	},
  }

  This setting is environment-inheritable and opt-in. When enabled, cache behavior is applied before your worker runs.

  Note: This feature is experimental. The runtime API is not yet generally available.

Patch Changes

• #​12661 99037e3 Thanks @​dependabot! - Update dependencies of "miniflare", "wrangler"

  The following dependency versions have been updated:

  Dependency	From	To
  workerd	1.20260302.0	1.20260303.0

• #​12680 295297a Thanks @​dependabot! - Update dependencies of "miniflare", "wrangler"

  The following dependency versions have been updated:

  Dependency	From	To
  workerd	1.20260303.0	1.20260305.0

• [#​12671](

---

Configuration

📅 Schedule: Branch creation - Only on Monday ( * * * * 1 ) (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.