[npm](deps): Bump the dependencies group in /react with 5 updates

[dependabot]

Bumps the dependencies group in /react with 5 updates:

Package	From	To
lucide-react	0.575.0	0.576.0
react-router	7.13.0	7.13.1
@tailwindcss/vite	4.2.0	4.2.1
@types/node	25.3.0	25.3.3
tailwindcss	4.2.0	4.2.1

Updates lucide-react from 0.575.0 to 0.576.0

Release notes

Sourced from lucide-react's releases.

Version 0.576.0

What's Changed

• Added zodiac signs by @​karsa-mistmere in lucide-icons/lucide#712
• fix(icons): fixes guideline violations in package-* icons. by @​karsa-mistmere in lucide-icons/lucide#4074
• fix(icons): changed receipt icon by @​karsa-mistmere in lucide-icons/lucide#4075
• fix(icons): updated cuboid icon tags and categories by @​karsa-mistmere in lucide-icons/lucide#4095
• fix(icons): changed cuboid icon by @​jamiemlaw in lucide-icons/lucide#4098
• fix(lucide-font, lucide-static): Fixing stable code points by @​ericfennis in lucide-icons/lucide#3894
• feat(icons): added fishing-rod icon by @​7ender in lucide-icons/lucide#3839

Full Changelog: lucide-icons/lucide@0.575.0...0.576.0

Commits

• See full diff in compare view

Updates react-router from 7.13.0 to 7.13.1

Release notes

Sourced from react-router's releases.

v7.13.1

See the changelog for release notes: https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7131

Changelog

Sourced from react-router's changelog.

7.13.1

Patch Changes

• fix null reference exception in bad codepath leading to invalid route tree comparisons (#14780)

• fix: clear timeout when turbo-stream encoding completes (#14810)

• Improve error message when Origin header is invalid (#14743)

• Fix matchPath optional params matching without a "/" separator. (#14689)

  • matchPath("/users/:id?", "/usersblah") now returns null.
  • matchPath("/test_route/:part?", "/test_route_more") now returns null.

• add RSC unstable_getRequest (#14758)

• Fix HydrateFallback rendering during initial lazy route discovery with matching splat route (#14740)

• [UNSTABLE] Add support for <Link unstable_mask> in Data Mode which allows users to navigate to a URL in the router but "mask" the URL displayed in the browser. This is useful for contextual routing usages such as displaying an image in a model on top of a gallery, but displaying a browser URL directly to the image that can be shared and loaded without the contextual gallery in the background. (#14716)

  // routes/gallery.tsx
  export function clientLoader({ request }: Route.LoaderArgs) {
    let sp = new URL(request.url).searchParams;
    return {
      images: getImages(),
      // When the router location has the image param, load the modal data
      modalImage: sp.has("image") ? getImage(sp.get("image")!) : null,
    };
  }
  export default function Gallery({ loaderData }: Route.ComponentProps) {
  return (
  <>
  <GalleryGrid>
  {loaderData.images.map((image) => (
  <Link
  key={image.id}
  {/* Navigate the router to /galley?image=N /}}
  to={/gallery?image=${image.id}}
  {/ But display /images/N in the URL bar */}}
  unstable_mask={/images/${image.id}}
  >
  <img src={image.url} alt={image.alt} />
  </Link>
  ))}
  </GalleryGrid>
    {/* When the modal data exists, display the modal */}
    {data.modalImage ? (

... (truncated)

Commits

• aa3f078 chore: Update version for release (#14829)
• 3207a5c chore: Update version for release (pre) (#14814)
• aa93af3 Merge branch 'main' into release-next
• db7eb57 Fix manifest version mismatch reload losing query parameters and hash (#14813)
• 2994019 Add support for <Link unstable_mask> (#14716)
• 6dda561 fix: clear timeout when turbo-stream encoding completes (#14735) (#14810)
• 407d885 Revert "fix: clear timeout when turbo-stream encoding completes (#14735)" (#1...
• 11a1600 Fix meta function API reference URL (#14808)
• 44991a9 fix: clear timeout when turbo-stream encoding completes (#14735)
• b66e632 Fix hydrate fallback rendering during initial lazy route discovery (#14740)
• Additional commits viewable in compare view

Updates @tailwindcss/vite from 4.2.0 to 4.2.1

Release notes

Sourced from @​tailwindcss/vite's releases.

v4.2.1

Fixed

• Allow trailing dash in functional utility names for backwards compatibility (#19696)
• Properly detect classes containing . characters within curly braces in MDX files (#19711)

Changelog

Sourced from @​tailwindcss/vite's changelog.

[4.2.1] - 2026-02-23

Fixed

• Allow trailing dash in functional utility names for backwards compatibility (#19696)
• Properly detect classes containing . characters within curly braces in MDX files (#19711)

Commits

• 1dce64e 4.2.1 (#19714)
• See full diff in compare view

Updates @types/node from 25.3.0 to 25.3.3

Commits

• See full diff in compare view

Updates tailwindcss from 4.2.0 to 4.2.1

Release notes

Sourced from tailwindcss's releases.

v4.2.1

Fixed

• Allow trailing dash in functional utility names for backwards compatibility (#19696)
• Properly detect classes containing . characters within curly braces in MDX files (#19711)

Changelog

Sourced from tailwindcss's changelog.

[4.2.1] - 2026-02-23

Fixed

• Allow trailing dash in functional utility names for backwards compatibility (#19696)
• Properly detect classes containing . characters within curly braces in MDX files (#19711)

Commits

• 1dce64e 4.2.1 (#19714)
• d15d92c Allow trailing dash in functional utility names (#19696)
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud