Skip to content

build(deps): bump the js-dependencies group across 1 directory with 8 updates#5451

Open
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/bun/docs-starlight/js-dependencies-3cef4c8451
Open

build(deps): bump the js-dependencies group across 1 directory with 8 updates#5451
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/bun/docs-starlight/js-dependencies-3cef4c8451

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Jan 28, 2026
edited
Loading

Bumps the js-dependencies group with 8 updates in the /docs-starlight directory:

Package From To
@tailwindcss/vite 4.1.16 4.1.18
astro 5.16.14 5.16.16
lucide-react 0.548.0 0.563.0
sharp 0.34.4 0.34.5
starlight-links-validator 0.19.0 0.19.2
starlight-llms-txt 0.6.1 0.7.0
tailwind-merge 3.3.1 3.4.0
@types/bun 1.3.1 1.3.7

Updates @tailwindcss/vite from 4.1.16 to 4.1.18

Release notes

Sourced from @​tailwindcss/vite's releases.

v4.1.18

Fixed

  • Ensure validation of source(…) happens relative to the file it is in (#19274)
  • Include filename and line numbers in CSS parse errors (#19282)
  • Skip comments in Ruby files when checking for class names (#19243)
  • Skip over arbitrary property utilities with a top-level ! in the value (#19243)
  • Support environment API in @tailwindcss/vite (#18970)
  • Preserve case of theme keys from JS configs and plugins (#19337)
  • Write source maps correctly on the CLI when using --watch (#19373)
  • Handle special defaults (like ringColor.DEFAULT) in JS configs (#19348)
  • Improve backwards compatibility for content theme key from JS configs (#19381)
  • Upgrade: Handle future and experimental config keys (#19344)
  • Try to canonicalize any arbitrary utility to a bare value (#19379)
  • Validate candidates similarly to Oxide (#19397)
  • Canonicalization: combine text-* and leading-* classes (#19396)
  • Correctly handle duplicate CLI arguments (#19416)
  • Don’t emit color-mix fallback rules inside @keyframes (#19419)
  • CLI: Don't hang when output is /dev/stdout (#19421)

v4.1.17

Fixed

  • Substitute @variant inside legacy JS APIs (#19263)
  • Prevent occasional crash on Windows when loaded into a worker thread (#19242)
Changelog

Sourced from @​tailwindcss/vite's changelog.

[4.1.18] - 2025-12-11

Fixed

  • Ensure validation of source(…) happens relative to the file it is in (#19274)
  • Include filename and line numbers in CSS parse errors (#19282)
  • Skip comments in Ruby files when checking for class names (#19243)
  • Skip over arbitrary property utilities with a top-level ! in the value (#19243)
  • Support environment API in @tailwindcss/vite (#18970)
  • Preserve case of theme keys from JS configs and plugins (#19337)
  • Write source maps correctly on the CLI when using --watch (#19373)
  • Handle special defaults (like ringColor.DEFAULT) in JS configs (#19348)
  • Improve backwards compatibility for content theme key from JS configs (#19381)
  • Upgrade: Handle future and experimental config keys (#19344)
  • Try to canonicalize any arbitrary utility to a bare value (#19379)
  • Validate candidates similarly to Oxide (#19397)
  • Canonicalization: combine text-* and leading-* classes (#19396)
  • Correctly handle duplicate CLI arguments (#19416)
  • Don’t emit color-mix fallback rules inside @keyframes (#19419)
  • CLI: Don't hang when output is /dev/stdout (#19421)

[3.4.19] - 2025-12-10

Fixed

  • Don’t break sibling-*() functions when used inside calc(…) (#19335)

[4.1.17] - 2025-11-06

Fixed

  • Substitute @variant inside legacy JS APIs (#19263)
  • Prevent occasional crash on Windows when loaded into a worker thread (#19242)
Commits

Updates astro from 5.16.14 to 5.16.16

Release notes

Sourced from astro's releases.

astro@5.16.16

Patch Changes

  • #15281 a1b80c6 Thanks @​matthewp! - Ensures server island requests carry an encrypted component export identifier so they do not accidentally resolve to the wrong component.

  • #15304 02ee3c7 Thanks @​cameronapak! - Fix: Remove await from getActionResult example

  • #15324 ab41c3e Thanks @​Princesseuh! - Fixes an issue where certain unauthorized links could be rendered as clickable in the error overlay

astro@5.16.15

Patch Changes

  • #15286 0aafc83 Thanks @​florian-lefebvre! - Fixes a case where font providers provided as class instances may not work when using the experimental Fonts API. It affected the local provider
Changelog

Sourced from astro's changelog.

5.16.16

Patch Changes

  • #15281 a1b80c6 Thanks @​matthewp! - Ensures server island requests carry an encrypted component export identifier so they do not accidentally resolve to the wrong component.

  • #15304 02ee3c7 Thanks @​cameronapak! - Fix: Remove await from getActionResult example

  • #15324 ab41c3e Thanks @​Princesseuh! - Fixes an issue where certain unauthorized links could be rendered as clickable in the error overlay

5.16.15

Patch Changes

  • #15286 0aafc83 Thanks @​florian-lefebvre! - Fixes a case where font providers provided as class instances may not work when using the experimental Fonts API. It affected the local provider
Commits

Updates lucide-react from 0.548.0 to 0.563.0

Release notes

Sourced from lucide-react's releases.

Version 0.563.0

What's Changed

aria-hidden is by default added to icons components in all packages. This was already added to lucide-react before. Making icons accessible, you can add an aria-label or a title. See docs about accessibility.

All changes

New Contributors

Full Changelog: lucide-icons/lucide@0.562.0...0.563.0

Version 0.562.0

What's Changed

... (truncated)

Commits
  • 67c0485 feat(scripts): added helper script to automatically update OpenCollective bac...
  • b6ed43d feat(packages): Added aria-hidden fallback for decorative icons to all packag...
  • 076e0bb chore(dependencies): Update dependencies (#3809)
  • 80d6f73 fix(icons): Rename fingerprint icon to fingerprint-pattern (#3767)
  • See full diff in compare view
Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for lucide-react since your current version.


Updates sharp from 0.34.4 to 0.34.5

Release notes

Sourced from sharp's releases.

v0.34.5

  • Upgrade to libvips v8.17.3 for upstream bug fixes.

  • Add experimental support for prebuilt Linux RISC-V 64-bit binaries.

  • Support building from source with npm v12+, deprecate --build-from-source flag. #4458

  • Add support for BigTIFF output. #4459 @​throwbi

  • Improve error messaging when only warnings issued. #4465

  • Simplify ICC processing when retaining input profiles. #4468

v0.34.5-rc.1

  • Upgrade to libvips v8.17.3 for upstream bug fixes.

  • Add experimental support for prebuilt Linux RISC-V 64-bit binaries.

  • Support building from source with npm v12+, deprecate --build-from-source flag. #4458

  • Add support for BigTIFF output. #4459 @​throwbi

  • Improve error messaging when only warnings issued. #4465

  • Simplify ICC processing when retaining input profiles. #4468

v0.34.5-rc.0

  • Upgrade to libvips v8.17.3 for upstream bug fixes.

  • Add experimental support for prebuilt Linux RISC-V 64-bit binaries.

  • Support building from source with npm v12+, deprecate --build-from-source flag. #4458

  • Add support for BigTIFF output. #4459 @​throwbi

  • Improve error messaging when only warnings issued. #4465

... (truncated)

Commits
  • e062456 Release v0.34.5
  • 6450c70 Prerelease v0.34.5-rc.1
  • f7c95d1 TypeScript: consolidate a few enum-like properties
  • ef86a75 Prerelease v0.34.5-rc.0
  • 6c1e840 Use structured binding for tuples where possible
  • e1628d8 Simplify ICC processing when retaining input profiles #4468
  • 4f9f817 Linter: apply all recommended biome settings
  • 09d5aa8 Docs: update internal and libvips doc links
  • 040b73c Upgrade to libvips v8.17.3
  • 1f2f33d Ensure licensing headers are retained by code bundlers
  • Additional commits viewable in compare view

Updates starlight-links-validator from 0.19.0 to 0.19.2

Release notes

Sourced from starlight-links-validator's releases.

starlight-links-validator@0.19.2

Patch Changes

  • #131 14f4d8d Thanks @​DaniFoldi! - Adds astro as a peer dependency to prevent potential build errors in monorepos with hoisting disabled.

starlight-links-validator@0.19.1

Patch Changes

  • #127 2c0e83d Thanks @​HiDeoo! - Fixes validation issues with links containing query strings when using the Astro trailingSlash option.
Changelog

Sourced from starlight-links-validator's changelog.

0.19.2

Patch Changes

  • #131 14f4d8d Thanks @​DaniFoldi! - Adds astro as a peer dependency to prevent potential build errors in monorepos with hoisting disabled.

0.19.1

Patch Changes

  • #127 2c0e83d Thanks @​HiDeoo! - Fixes validation issues with links containing query strings when using the Astro trailingSlash option.
Commits

Updates starlight-llms-txt from 0.6.1 to 0.7.0

Release notes

Sourced from starlight-llms-txt's releases.

starlight-llms-txt@0.7.0

Minor Changes

  • #43 1db4591 Thanks @​sanscontext! - Enforces llms.txt files to be prerendered at build time. Previously, sites using Astro’s output: server configuration would generate llms.txt files on-demand, which can be slow, and additionally was incompatible with the custom sets feature. This change means that llms.txt files are statically generated even for sites using output: server.

    ⚠️ Potentially breaking change: If you were relying on on-demand rendered llms.txt files, for example by using middleware to gate access, this may be a breaking change. Please share your use case to let us know if you need this.

Changelog

Sourced from starlight-llms-txt's changelog.

0.7.0

Minor Changes

  • #43 1db4591 Thanks @​sanscontext! - Enforces llms.txt files to be prerendered at build time. Previously, sites using Astro’s output: server configuration would generate llms.txt files on-demand, which can be slow, and additionally was incompatible with the custom sets feature. This change means that llms.txt files are statically generated even for sites using output: server.

    ⚠️ Potentially breaking change: If you were relying on on-demand rendered llms.txt files, for example by using middleware to gate access, this may be a breaking change. Please share your use case to let us know if you need this.

Commits

Updates tailwind-merge from 3.3.1 to 3.4.0

Release notes

Sourced from tailwind-merge's releases.

v3.4.0

New Features

Documentation

Other

Full Changelog: dcastil/tailwind-merge@v3.3.1...v3.4.0

Thanks to @​brandonmcconnell, @​manavm1990, @​langy, @​roboflow, @​syntaxfm, @​getsentry, @​codecov and a private sponsor for sponsoring tailwind-merge! ❤️

Commits
  • 3e1256a v3.4.0
  • e15f392 add changelog for v3.4.0
  • 75e9aef Merge pull request #619 from quantizor/further-improvements
  • 1bafc9c Make benchmark test names consistent
  • 0799c12 revert: remove array-based string building optimization
  • 1927858 test: add ultra long class list benchmark
  • 87baba3 Remove unnecessary pre-computed conflict maps
  • 7831c8e perf: pre-compute conflict arrays at initialization
  • 1a3d133 perf: replace localeCompare with direct string comparison
  • 0270028 perf: use index-based recursion to avoid array allocations
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for tailwind-merge since your current version.


Updates @types/bun from 1.3.1 to 1.3.7

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Jan 28, 2026
@dependabot dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Jan 28, 2026
@vercel
Copy link

vercel bot commented Jan 28, 2026
edited
Loading

The latest updates on your projects. Learn more about Vercel for GitHub.

Project Deployment Actions Updated (UTC)
terragrunt-docs Ready Ready Preview, Comment Feb 2, 2026 2:55am

Request Review

@coderabbitai
Copy link
Contributor

coderabbitai bot commented Jan 28, 2026

Important

Review skipped

Bot user detected.

To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

  • 🔍 Trigger a full review

Comment @coderabbitai help to get the list of available commands and usage tips.

@dependabot
build(deps): bump the js-dependencies group across 1 directory with 8…
9a8ef56 
… updates

Bumps the js-dependencies group with 8 updates in the /docs-starlight directory:

| Package | From | To |
| --- | --- | --- |
| [@tailwindcss/vite](https://github.com/tailwindlabs/tailwindcss/tree/HEAD/packages/@tailwindcss-vite) | `4.1.16` | `4.1.18` |
| [astro](https://github.com/withastro/astro/tree/HEAD/packages/astro) | `5.16.14` | `5.16.16` |
| [lucide-react](https://github.com/lucide-icons/lucide/tree/HEAD/packages/lucide-react) | `0.548.0` | `0.563.0` |
| [sharp](https://github.com/lovell/sharp) | `0.34.4` | `0.34.5` |
| [starlight-links-validator](https://github.com/HiDeoo/starlight-links-validator/tree/HEAD/packages/starlight-links-validator) | `0.19.0` | `0.19.2` |
| [starlight-llms-txt](https://github.com/delucis/starlight-llms-txt/tree/HEAD/packages/starlight-llms-txt) | `0.6.1` | `0.7.0` |
| [tailwind-merge](https://github.com/dcastil/tailwind-merge) | `3.3.1` | `3.4.0` |
| [@types/bun](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/bun) | `1.3.1` | `1.3.7` |



Updates `@tailwindcss/vite` from 4.1.16 to 4.1.18
- [Release notes](https://github.com/tailwindlabs/tailwindcss/releases)
- [Changelog](https://github.com/tailwindlabs/tailwindcss/blob/main/CHANGELOG.md)
- [Commits](https://github.com/tailwindlabs/tailwindcss/commits/v4.1.18/packages/@tailwindcss-vite)

Updates `astro` from 5.16.14 to 5.16.16
- [Release notes](https://github.com/withastro/astro/releases)
- [Changelog](https://github.com/withastro/astro/blob/main/packages/astro/CHANGELOG.md)
- [Commits](https://github.com/withastro/astro/commits/astro@5.16.16/packages/astro)

Updates `lucide-react` from 0.548.0 to 0.563.0
- [Release notes](https://github.com/lucide-icons/lucide/releases)
- [Commits](https://github.com/lucide-icons/lucide/commits/0.563.0/packages/lucide-react)

Updates `sharp` from 0.34.4 to 0.34.5
- [Release notes](https://github.com/lovell/sharp/releases)
- [Commits](lovell/sharp@v0.34.4...v0.34.5)

Updates `starlight-links-validator` from 0.19.0 to 0.19.2
- [Release notes](https://github.com/HiDeoo/starlight-links-validator/releases)
- [Changelog](https://github.com/HiDeoo/starlight-links-validator/blob/main/packages/starlight-links-validator/CHANGELOG.md)
- [Commits](https://github.com/HiDeoo/starlight-links-validator/commits/starlight-links-validator@0.19.2/packages/starlight-links-validator)

Updates `starlight-llms-txt` from 0.6.1 to 0.7.0
- [Release notes](https://github.com/delucis/starlight-llms-txt/releases)
- [Changelog](https://github.com/delucis/starlight-llms-txt/blob/main/packages/starlight-llms-txt/CHANGELOG.md)
- [Commits](https://github.com/delucis/starlight-llms-txt/commits/starlight-llms-txt@0.7.0/packages/starlight-llms-txt)

Updates `tailwind-merge` from 3.3.1 to 3.4.0
- [Release notes](https://github.com/dcastil/tailwind-merge/releases)
- [Commits](dcastil/tailwind-merge@v3.3.1...v3.4.0)

Updates `@types/bun` from 1.3.1 to 1.3.7
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/bun)

---
updated-dependencies:
- dependency-name: "@tailwindcss/vite"
  dependency-version: 4.1.18
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: js-dependencies
- dependency-name: astro
  dependency-version: 5.16.16
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: js-dependencies
- dependency-name: lucide-react
  dependency-version: 0.563.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: js-dependencies
- dependency-name: sharp
  dependency-version: 0.34.5
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: js-dependencies
- dependency-name: starlight-links-validator
  dependency-version: 0.19.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: js-dependencies
- dependency-name: starlight-llms-txt
  dependency-version: 0.7.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: js-dependencies
- dependency-name: tailwind-merge
  dependency-version: 3.4.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: js-dependencies
- dependency-name: "@types/bun"
  dependency-version: 1.3.7
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: js-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot force-pushed the dependabot/bun/docs-starlight/js-dependencies-3cef4c8451 branch from bced720 to 9a8ef56 Compare February 2, 2026 02:53
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@denis256 denis256 Awaiting requested review from denis256 denis256 is a code owner

@ThisGuyCodes ThisGuyCodes Awaiting requested review from ThisGuyCodes ThisGuyCodes is a code owner

@yhakbar yhakbar Awaiting requested review from yhakbar yhakbar is a code owner

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants