Bump the development-dependencies group across 1 directory with 14 updates

[dependabot]

Bumps the development-dependencies group with 13 updates in the / directory:

Package	From	To
@playwright/test	1.55.0	1.56.1
@tailwindcss/postcss	4.1.12	4.1.17
@tailwindcss/typography	0.5.16	0.5.19
@tailwindcss/vite	4.1.12	4.1.17
@vitejs/plugin-react	5.0.0	5.1.1
autoprefixer	10.4.21	10.4.22
concurrently	9.2.0	9.2.1
drizzle-kit	0.31.4	0.31.7
esbuild	0.25.9	0.27.0
nodemon	3.1.10	3.1.11
tsx	4.20.4	4.20.6
typescript	5.9.2	5.9.3
vite	7.1.2	7.2.4

Updates @playwright/test from 1.55.0 to 1.56.1

Release notes

Sourced from @​playwright/test's releases.

v1.56.1

Highlights

#37871 chore: allow local-network-access permission in chromium #37891 fix(agents): remove workspaceFolder ref from vscode mcp #37759 chore: rename agents to test agents #37757 chore(mcp): fallback to cwd when resolving test config

Browser Versions

• Chromium 141.0.7390.37
• Mozilla Firefox 142.0.1
• WebKit 26.0

v1.56.0

Playwright Agents

Introducing Playwright Agents, three custom agent definitions designed to guide LLMs through the core process of building a Playwright test:

• 🎭 planner explores the app and produces a Markdown test plan
• 🎭 generator transforms the Markdown plan into the Playwright Test files
• 🎭 healer executes the test suite and automatically repairs failing tests

Run npx playwright init-agents with your client of choice to generate the latest agent definitions:

# Generate agent files for each agentic loop
# Visual Studio Code
npx playwright init-agents --loop=vscode
# Claude Code
npx playwright init-agents --loop=claude
# opencode
npx playwright init-agents --loop=opencode

[!NOTE] VS Code v1.105 (currently on the VS Code Insiders channel) is needed for the agentic experience in VS Code. It will become stable shortly, we are a bit ahead of times with this functionality!

Learn more about Playwright Agents

New APIs

• New methods page.consoleMessages() and page.pageErrors() for retrieving the most recent console messages from the page
• New method page.requests() for retrieving the most recent network requests from the page
• Added --test-list and --test-list-invert to allow manual specification of specific tests from a file

UI Mode and HTML Reporter

• Added option to 'html' reporter to disable the "Copy prompt" button
• Added option to 'html' reporter and UI Mode to merge files, collapsing test and describe blocks into a single unified list
• Added option to UI Mode mirroring the --update-snapshots options
• Added option to UI Mode to run only a single worker at a time

... (truncated)

Commits

• 54c7115 chore: revert "minimal vscode version notice" (#37892)
• 7d45eb3 chore: mark v1.56.1 (#37784)
• e6ef697 cherry-pick(#37871): chore: allow local-network-access permission in chromium
• 932542c cherry-pick(#37891): fix(agents): remove workspaceFolder ref from vscode mcp
• 0662dd2 cherry-pick(#37759): chore: rename agents to test agents
• 919549e cherry-pick(#37758): docs: mention VS Code insiders in the agents docs
• e593c64 cherry-pick(#37757): chore(mcp): fallback to cwd when resolving test config
• a8a6e10 cherry-pick(#37755): chore(mcp): minimal vscode version notice
• f36b2ee cherry-pick(#37731): docs: add agents video to agents page (#37733)
• b6af258 cherry-pick(#37727): devops: fix NPM release step (#37728)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for @​playwright/test since your current version.

Updates @tailwindcss/postcss from 4.1.12 to 4.1.17

Release notes

Sourced from @​tailwindcss/postcss's releases.

v4.1.17

Fixed

• Substitute @variant inside legacy JS APIs (#19263)
• Prevent occasional crash on Windows when loaded into a worker thread (#19242)

v4.1.16

Fixed

• Discard candidates with an empty data type (#19172)
• Fix canonicalization of arbitrary variants with attribute selectors (#19176)
• Fix invalid colors due to nested & (#19184)
• Improve canonicalization for & > :pseudo and & :pseudo arbitrary variants (#19178)

v4.1.15

Fixed

• Fix Safari devtools rendering issue due to color-mix fallback (#19069)
• Suppress Lightning CSS warnings about :deep, :slotted, and :global (#19094)
• Fix resolving theme keys when starting with the name of another theme key in JS configs and plugins (#19097)
• Allow named groups in combination with not-*, has-*, and in-* (#19100)
• Prevent important utilities from affecting other utilities (#19110)
• Don’t index into strings with the theme(…) function (#19111)
• Fix parsing issue when \t is used in at-rules (#19130)
• Upgrade: Canonicalize utilities containing 0 values (#19095)
• Upgrade: Migrate deprecated break-words to wrap-break-word (#19157)

Changed

• Remove the postinstall script from oxide (#19149)

v4.1.14

Fixed

• Handle ' syntax in ClojureScript when extracting classes (#18888)
• Handle @variant inside @custom-variant (#18885)
• Merge suggestions when using @utility (#18900)
• Ensure that file system watchers created when using the CLI are always cleaned up (#18905)
• Do not generate grid-column utilities when configuring grid-column-start or grid-column-end (#18907)
• Do not generate grid-row utilities when configuring grid-row-start or grid-row-end (#18907)
• Prevent duplicate CSS when overwriting a static utility with a theme key (#18056)
• Show Lightning CSS warnings (if any) when optimizing/minifying (#18918)
• Use default export condition for @tailwindcss/vite (#18948)
• Re-throw errors from PostCSS nodes (#18373)
• Detect classes in markdown inline directives (#18967)
• Ensure files with only @theme produce no output when built (#18979)
• Support Maud templates when extracting classes (#18988)
• Upgrade: Do not migrate variant = 'outline' during upgrades (#18922)
• Upgrade: Show version mismatch (if any) when running upgrade tool (#19028)
• Upgrade: Ensure first class inside className is migrated (#19031)

... (truncated)

Changelog

Sourced from @​tailwindcss/postcss's changelog.

[4.1.17] - 2025-11-06

Fixed

• Substitute @variant inside legacy JS APIs (#19263)
• Prevent occasional crash on Windows when loaded into a worker thread (#19242)

[4.1.16] - 2025-10-23

Fixed

• Discard candidates with an empty data type (#19172)
• Fix canonicalization of arbitrary variants with attribute selectors (#19176)
• Fix invalid colors due to nested & (#19184)
• Improve canonicalization for & > :pseudo and & :pseudo arbitrary variants (#19178)

[4.1.15] - 2025-10-20

Fixed

• Fix Safari devtools rendering issue due to color-mix fallback (#19069)
• Suppress Lightning CSS warnings about :deep, :slotted, and :global (#19094)
• Fix resolving theme keys when starting with the name of another theme key in JS configs and plugins (#19097)
• Allow named groups in combination with not-*, has-*, and in-* (#19100)
• Prevent important utilities from affecting other utilities (#19110)
• Don’t index into strings with the theme(…) function (#19111)
• Fix parsing issue when \t is used in at-rules (#19130)
• Upgrade: Canonicalize utilities containing 0 values (#19095)
• Upgrade: Migrate deprecated break-words to wrap-break-word (#19157)

Changed

• Remove the postinstall script from oxide (#19149)(tailwindlabs/tailwindcss#19149)

[4.1.14] - 2025-10-01

Fixed

• Handle ' syntax in ClojureScript when extracting classes (#18888)
• Handle @variant inside @custom-variant (#18885)
• Merge suggestions when using @utility (#18900)
• Ensure that file system watchers created when using the CLI are always cleaned up (#18905)
• Do not generate grid-column utilities when configuring grid-column-start or grid-column-end (#18907)
• Do not generate grid-row utilities when configuring grid-row-start or grid-row-end (#18907)
• Prevent duplicate CSS when overwriting a static utility with a theme key (#18056)
• Show Lightning CSS warnings (if any) when optimizing/minifying (#18918)
• Use default export condition for @tailwindcss/vite (#18948)
• Re-throw errors from PostCSS nodes (#18373)
• Detect classes in markdown inline directives (#18967)
• Ensure files with only @theme produce no output when built (#18979)

... (truncated)

Commits

• e9c9c4f Release v4.1.17 (#19272)
• cbbbe84 Release 4.1.16 (#19185)
• b2e2435 Release 4.1.15 (#19159)
• b67cbcf Prepare v4.1.14 release (#19037)
• b497e1e Add Upgrading from Tailwind CSS v… when running upgrade tool (#19026)
• 210575a Update dedent 1.6.0 → 1.7.0 (minor) (#19010)
• d0f7f82 Add plugin option documentation to the postcss plugin readme (#18940)
• 5b8136e Re-throw errors from PostCSS nodes (#18373)
• 1334c99 Prepare v4.1.13 release (#18868)
• See full diff in compare view

Updates @tailwindcss/typography from 0.5.16 to 0.5.19

Release notes

Sourced from @​tailwindcss/typography's releases.

v0.5.19

Fixed

• Fixed broken color styles (#405)

v0.5.18

Fixed

• Fixed undefined variable error (#403)

v0.5.17

Added

• Add modifiers for description list elements (#357)
• Add prose-picture modifier (#367)

Fixed

• Include unit in hr border-width value (#379)
• Ensure <kbd> styles work with Tailwind CSS v4 (#387)

Changed

• Remove lodash dependencies (#402)

Changelog

Sourced from @​tailwindcss/typography's changelog.

[0.5.19] - 2025-09-24

Fixed

• Fixed broken color styles (#405)

[0.5.18] - 2025-09-19

Fixed

• Fixed undefined variable error (#403)

[0.5.17] - 2025-09-19

Added

• Add modifiers for description list elements (#357)
• Add prose-picture modifier (#367)

Fixed

• Include unit in hr border-width value (#379)
• Ensure <kbd> styles work with Tailwind CSS v4 (#387)

Changed

• Remove lodash dependencies (#402)

Commits

• e002ab8 0.5.19
• bbb1c21 Fix bad RGB syntax (#405)
• b316f95 0.5.18
• ed95206 Fix variable declaration in opacity function (#403)
• 7efcb4a 0.5.17
• e0ec248 chore(ci): update actions for release insiders
• 511afcb Add modifiers for description list elements (#357)
• 042a531 Add prose-picture modifiers (#367)
• f822222 Fix kbd shadow colors not being calculated on oklch colors (#387)
• ecb7e87 Add Tailwind v4 custom color theme example to README (#396)
• Additional commits viewable in compare view

Updates @tailwindcss/vite from 4.1.12 to 4.1.17

Release notes

Sourced from @​tailwindcss/vite's releases.

v4.1.17

Fixed

• Substitute @variant inside legacy JS APIs (#19263)
• Prevent occasional crash on Windows when loaded into a worker thread (#19242)

v4.1.16

Fixed

• Discard candidates with an empty data type (#19172)
• Fix canonicalization of arbitrary variants with attribute selectors (#19176)
• Fix invalid colors due to nested & (#19184)
• Improve canonicalization for & > :pseudo and & :pseudo arbitrary variants (#19178)

v4.1.15

Fixed

• Fix Safari devtools rendering issue due to color-mix fallback (#19069)
• Suppress Lightning CSS warnings about :deep, :slotted, and :global (#19094)
• Fix resolving theme keys when starting with the name of another theme key in JS configs and plugins (#19097)
• Allow named groups in combination with not-*, has-*, and in-* (#19100)
• Prevent important utilities from affecting other utilities (#19110)
• Don’t index into strings with the theme(…) function (#19111)
• Fix parsing issue when \t is used in at-rules (#19130)
• Upgrade: Canonicalize utilities containing 0 values (#19095)
• Upgrade: Migrate deprecated break-words to wrap-break-word (#19157)

Changed

• Remove the postinstall script from oxide (#19149)

v4.1.14

Fixed

• Handle ' syntax in ClojureScript when extracting classes (#18888)
• Handle @variant inside @custom-variant (#18885)
• Merge suggestions when using @utility (#18900)
• Ensure that file system watchers created when using the CLI are always cleaned up (#18905)
• Do not generate grid-column utilities when configuring grid-column-start or grid-column-end (#18907)
• Do not generate grid-row utilities when configuring grid-row-start or grid-row-end (#18907)
• Prevent duplicate CSS when overwriting a static utility with a theme key (#18056)
• Show Lightning CSS warnings (if any) when optimizing/minifying (#18918)
• Use default export condition for @tailwindcss/vite (#18948)
• Re-throw errors from PostCSS nodes (#18373)
• Detect classes in markdown inline directives (#18967)
• Ensure files with only @theme produce no output when built (#18979)
• Support Maud templates when extracting classes (#18988)
• Upgrade: Do not migrate variant = 'outline' during upgrades (#18922)
• Upgrade: Show version mismatch (if any) when running upgrade tool (#19028)
• Upgrade: Ensure first class inside className is migrated (#19031)

... (truncated)

Changelog

Sourced from @​tailwindcss/vite's changelog.

[4.1.17] - 2025-11-06

Fixed

• Substitute @variant inside legacy JS APIs (#19263)
• Prevent occasional crash on Windows when loaded into a worker thread (#19242)

[4.1.16] - 2025-10-23

Fixed

• Discard candidates with an empty data type (#19172)
• Fix canonicalization of arbitrary variants with attribute selectors (#19176)
• Fix invalid colors due to nested & (#19184)
• Improve canonicalization for & > :pseudo and & :pseudo arbitrary variants (#19178)

[4.1.15] - 2025-10-20

Fixed

• Fix Safari devtools rendering issue due to color-mix fallback (#19069)
• Suppress Lightning CSS warnings about :deep, :slotted, and :global (#19094)
• Fix resolving theme keys when starting with the name of another theme key in JS configs and plugins (#19097)
• Allow named groups in combination with not-*, has-*, and in-* (#19100)
• Prevent important utilities from affecting other utilities (#19110)
• Don’t index into strings with the theme(…) function (#19111)
• Fix parsing issue when \t is used in at-rules (#19130)
• Upgrade: Canonicalize utilities containing 0 values (#19095)
• Upgrade: Migrate deprecated break-words to wrap-break-word (#19157)

Changed

• Remove the postinstall script from oxide (#19149)(tailwindlabs/tailwindcss#19149)

[4.1.14] - 2025-10-01

Fixed

• Handle ' syntax in ClojureScript when extracting classes (#18888)
• Handle @variant inside @custom-variant (#18885)
• Merge suggestions when using @utility (#18900)
• Ensure that file system watchers created when using the CLI are always cleaned up (#18905)
• Do not generate grid-column utilities when configuring grid-column-start or grid-column-end (#18907)
• Do not generate grid-row utilities when configuring grid-row-start or grid-row-end (#18907)
• Prevent duplicate CSS when overwriting a static utility with a theme key (#18056)
• Show Lightning CSS warnings (if any) when optimizing/minifying (#18918)
• Use default export condition for @tailwindcss/vite (#18948)
• Re-throw errors from PostCSS nodes (#18373)
• Detect classes in markdown inline directives (#18967)
• Ensure files with only @theme produce no output when built (#18979)

... (truncated)

Commits

• e9c9c4f Release v4.1.17 (#19272)
• cbbbe84 Release 4.1.16 (#19185)
• b2e2435 Release 4.1.15 (#19159)
• 89cbfc7 Add optimize option to @tailwindcss/vite plugin (#19131)
• b67cbcf Prepare v4.1.14 release (#19037)
• 5a94f81 Use default export condition for @tailwindcss/vite (#18948)
• 1334c99 Prepare v4.1.13 release (#18868)
• See full diff in compare view

Updates @vitejs/plugin-react from 5.0.0 to 5.1.1

Release notes

Sourced from @​vitejs/plugin-react's releases.

plugin-react@5.1.1

Update code to support newer rolldown-vite (#976)

rolldown-vite will remove optimizeDeps.rollupOptions in favor of optimizeDeps.rolldownOptions soon. This plugin now uses optimizeDeps.rolldownOptions to support newer rolldown-vite. Please update rolldown-vite to the latest version if you are using an older version.

plugin-react@5.1.0

Add @vitejs/plugin-react/preamble virtual module for SSR HMR (#890)

SSR applications can now initialize HMR runtime by importing @vitejs/plugin-react/preamble at the top of their client entry instead of manually calling transformIndexHtml. This simplifies SSR setup for applications that don't use the transformIndexHtml API.

Fix raw Rolldown support for Rolldown 1.0.0-beta.44+ (#930)

Rolldown 1.0.0-beta.44+ removed the top-level jsx option in favor of transform.jsx. This plugin now uses the transform.jsx option to support Rolldown 1.0.0-beta.44+.

plugin-react@5.0.4

Perf: use native refresh wrapper plugin in rolldown-vite (#881)

plugin-react@5.0.3

HMR did not work for components imported with queries with rolldown-vite (#872)

Perf: simplify refresh wrapper generation (#835)

plugin-react@5.0.2

Skip transform hook completely in rolldown-vite in dev if possible (#783)

plugin-react@5.0.1

Set optimizeDeps.rollupOptions.transform.jsx instead of optimizeDeps.rollupOptions.jsx for rolldown-vite (#735)

optimizeDeps.rollupOptions.jsx is going to be deprecated in favor of optimizeDeps.rollupOptions.transform.jsx.

Perf: skip babel-plugin-react-compiler if code has no "use memo" when { compilationMode: "annotation" } (#734)

Respect tsconfig jsxImportSource (#726)

Fix reactRefreshHost option on rolldown-vite (#716)

Fix RefreshRuntime being injected twice for class components on rolldown-vite (#708)

Skip babel-plugin-react-compiler on non client environment (689)

Changelog

Sourced from @​vitejs/plugin-react's changelog.

5.1.1 (2025-11-12)

Update code to support newer rolldown-vite (#976)

rolldown-vite will remove optimizeDeps.rollupOptions in favor of optimizeDeps.rolldownOptions soon. This plugin now uses optimizeDeps.rolldownOptions to support newer rolldown-vite. Please update rolldown-vite to the latest version if you are using an older version.

5.1.0 (2025-10-24)

Add @vitejs/plugin-react/preamble virtual module for SSR HMR (#890)

SSR applications can now initialize HMR runtime by importing @vitejs/plugin-react/preamble at the top of their client entry instead of manually calling transformIndexHtml. This simplifies SSR setup for applications that don't use the transformIndexHtml API.

Fix raw Rolldown support for Rolldown 1.0.0-beta.44+ (#930)

Rolldown 1.0.0-beta.44+ removed the top-level jsx option in favor of transform.jsx. This plugin now uses the transform.jsx option to support Rolldown 1.0.0-beta.44+.

5.0.4 (2025-09-27)

Perf: use native refresh wrapper plugin in rolldown-vite (#881)

5.0.3 (2025-09-17)

HMR did not work for components imported with queries with rolldown-vite (#872)

Perf: simplify refresh wrapper generation (#835)

5.0.2 (2025-08-28)

Skip transform hook completely in rolldown-vite in dev if possible (#783)

5.0.1 (2025-08-19)

Set optimizeDeps.rollupOptions.transform.jsx instead of optimizeDeps.rollupOptions.jsx for rolldown-vite (#735)

optimizeDeps.rollupOptions.jsx is going to be deprecated in favor of optimizeDeps.rollupOptions.transform.jsx.

Perf: skip babel-plugin-react-compiler if code has no "use memo" when { compilationMode: "annotation" } (#734)

Respect tsconfig jsxImportSource (#726)

Fix reactRefreshHost option on rolldown-vite (#716)

Fix RefreshRuntime being injected twice for class components on rolldown-vite (#708)

Skip babel-plugin-react-compiler on non client environment (689)

Commits

• 23db727 release: plugin-react@5.1.1
• bcc7db0 chore: add changelog for #976 and #978
• 4a2e229 fix(react): use rolldownOptions instead of deprecated rollupOptions in optimi...
• 41cb823 fix(deps): update all non-major dependencies (#968)
• 9cabe27 fix(deps): update all non-major dependencies (#960)
• c8d918e chore(react): use ts-ignore for ecosystem-ci (#956)
• 0849e42 fix(deps): update all non-major dependencies (#953)
• 3e5a374 release: plugin-react@5.1.0
• 44cbed4 fix(react): compat with newer rolldown (#930)
• c54d3c6 chore(deps): update all non-major dependencies (#926)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for @​vitejs/plugin-react since your current version.

Updates autoprefixer from 10.4.21 to 10.4.22

Release notes

Sourced from autoprefixer's releases.

10.4.22

• Fixed stretch prefixes on new Can I Use database.
• Updated fraction.js.

Changelog

Sourced from autoprefixer's changelog.

10.4.22

• Fixed stretch prefixes on new Can I Use database.
• Updated fraction.js.

Commits

• 73dc62c Release 10.4.22 version
• 9973c59 Lock CI action versions
• 4b4feca Fix Node.js 10 on CI
• 15c21d3 Fix old Node.js CI
• 27523c1 Update fraction.js
• 88a0d3e Update dependencies and fix stretch and update example
• See full diff in compare view

Updates concurrently from 9.2.0 to 9.2.1

Release notes

Sourced from concurrently's releases.

v9.2.1

What's Changed

• chore: update eslint-plugin-simple-import-sort from v10 to v12 by @​noritaka1166 in open-cli-tools/concurrently#551
• chore: update eslint-config-prettier from v9 to v10 by @​noritaka1166 in open-cli-tools/concurrently#552
• Remove lodash by @​gustavohenke in open-cli-tools/concurrently#555
• chore: update coveralls-next from v4 to v5 by @​noritaka1166 in open-cli-tools/concurrently#557
• Replace jest with vitest by @​gustavohenke in open-cli-tools/concurrently#554
• Upgrade to pnpm v10 by @​paescuj in open-cli-tools/concurrently#558
• chore: remove unused eslint-plugin-jest by @​noritaka1166 in open-cli-tools/concurrently#559
• Minor dependency updates by @​paescuj in open-cli-tools/concurrently#560
• Migrate to ESLint v9 by @​paescuj in open-cli-tools/concurrently#561
• Update shell-quote to 1.8.3 by @​paescuj in open-cli-tools/concurrently#562
• Full coverage by @​paescuj in open-cli-tools/concurrently#563
• Update GH actions/workflows, enable NPM provenance by @​paescuj in open-cli-tools/concurrently#564

Full Changelog: open-cli-tools/concurrently@v9.2.0...v9.2.1

Commits

• 414cd01 9.2.1
• 0dfedb0 Update GH actions/workflows, enable npm provenance (#564)
• ee81511 Remove obsolete tsdk config
• 09d3d7b Full coverage (#563)
• 8cfc6a6 Update shell-quote to 1.8.3 (#562)
• 4c403f8 Migrate to ESLint v9 (#561)
• 8bfcaf7 Minor dependency updates (#560)
• 389fec4 Enable watch mode & coverage for unit tests by default
• 7993ce6 chore: remove unused eslint-plugin-jest (#559)
• 58300f4 Remove obsolete .npmrc file
• Additional commits viewable in compare view

Updates drizzle-kit from 0.31.4 to 0.31.7

Release notes

Sourced from drizzle-kit's releases.

drizzle-kit@0.31.6

Bug fixes

• [BUG]: Importing drizzle-kit/api fails in ESM modules

drizzle-kit@0.31.5

• Add casing support to studio configuration and related functions

Commits

• 47ba9c8 Merge remote-tracking branch 'origin/main'
• 4e61887 +
• c66862c Merge pull request #5036 from drizzle-team/kit-checks
• 391d33b Merge branch 'main' into kit-checks
• 97f9a45 fix: Update permissions and streamline npm configuration in release workflows
• 0dfed1b Merge pull request #5035 from drizzle-team/kit-checks
• b6a6aac fix: Add environment variables for npm authentication in release workflow
• b9d7199 fix: Fix release-latest
• c314c8d Merge pull request #5034 from drizzle-team/kit-checks
• 64f4c79 +
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for drizzle-kit since your current version.

Updates esbuild from 0.25.9 to 0.27.0

Release notes

Sourced from esbuild's releases.

v0.27.0

This release deliberately contains backwards-incompatible changes. To avoid automatically picking up releases like this, you should either be pinning the exact version of esbuild in your package.json file (recommended) or be using a version range syntax that only accepts patch upgrades such as ^0.26.0 or ~0.26.0. See npm's documentation about semver for more information.

• Use Uint8Array.fromBase64 if available (#4286)

  With this release, esbuild's binary loader will now use the new Uint8Array.fromBase64 function unless it's unavailable in the configured target environment. If it's unavailable, esbuild's previous code for this will be used as a fallback. Note that this means you may now need to specify target when using this feature with Node (for example --target=node22) unless you're using Node v25+.

• Update the Go compiler from v1.23.12 to v1.25.4 (#4208, #4311)

  This raises the operating system requirements for running esbuild:

  • Linux: now requires a kernel version of 3.2 or later
  • macOS: now requires macOS 12 (Monterey) or later

v0.26.0

• Enable trusted publishing (#4281)

  GitHub and npm are recommending that maintainers for packages such as esbuild switch to trusted publishing. With this release, a VM on GitHub will now build and publish all of esbuild's packages to npm instead of me. In theory.

  Unfortunately there isn't really a way to test that this works other than to do it live. So this release is that live test. Hopefully this release is uneventful and is exactly the same as the previous one (well, except for the green provenance attestation checkmark on npm that happens with trusted publishing).

v0.25.12

• Fix a minification regression with CSS media queries (#4315)

  The previous release introduced support for parsing media queries which unintentionally introduced a regression with the removal of duplicate media rules during minification. Specifically the grammar for @media <media-type> and <media-condition-without-or> { ... } was missing an equality check for the <media-condition-without-or> part, so rules with different suffix clauses in this posit...

  Description has been truncated

[github-actions]

Docker Build Test 🐳

⚠️ 2 critical vulnerabilities found

📋 Build Steps

• TypeScript compilation: ✅
• Application build: ✅
• Docker image build: ✅
• Container smoke test: ✅

🔍 Security Scan Summary

🔴 2 Critical 🟠 4 High 🟡 4 Medium

📋 View full vulnerability report in Actions log

📦 Build Artifacts

The following artifacts are available for download:

• Docker Image: docker-image-pr-66 (7 days retention)
• Application Snapshot: app-snapshot-870df41297d73c4a83f84977574dc0922bc0cb50 (7 days retention)

---

📊 View detailed results • 🔒 Security tab • Pushed by @dependabot[bot]