Skip to content

chore(deps): bump the web-minor-patch group across 1 directory with 6 updates#72

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/web/web-minor-patch-5a43969fdd
Open

chore(deps): bump the web-minor-patch group across 1 directory with 6 updates#72
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/web/web-minor-patch-5a43969fdd

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 14, 2026

Copy link
Copy Markdown
Contributor

Bumps the web-minor-patch group with 5 updates in the /web directory:

Package From To
@xyflow/react 12.11.1 12.11.2
dompurify 3.4.11 3.4.12
mermaid 11.15.0 11.16.0
react-virtuoso 4.18.7 4.18.10
@tailwindcss/vite 4.3.1 4.3.2

Updates @xyflow/react from 12.11.1 to 12.11.2

Release notes

Sourced from @​xyflow/react's releases.

@​xyflow/react@​12.11.2

Patch Changes

Changelog

Sourced from @​xyflow/react's changelog.

12.11.2

Patch Changes

Commits
  • 3ab66ef chore(packages): bump
  • 01d58b6 Merge pull request #5846 from AlaricBaraou/perf/viewport-imperative-transform
  • 742860c perf(react): skip minimap re-renders when its geometry is unchanged
  • 17c64a1 perf(react): apply the viewport transform imperatively instead of re-renderin...
  • 775bdd6 Merge pull request #5825 from AlaricBaraou/perf/xydrag-draggable-only
  • 576a43d refactor(react): pass nodesDraggable to prevent wrong initial state
  • 5072914 perf(react): only create an XYDrag instance for draggable nodes
  • See full diff in compare view

Updates dompurify from 3.4.11 to 3.4.12

Release notes

Sourced from dompurify's releases.

DOMPurify 3.4.12

  • Fixed an issue where a hook would not get called for custom elements, thanks @​Rikuxx0
  • Hardened the handling of hooks removing elements, @​mkrause-bee360
  • Added support for a few new SVG attributes, thanks @​cbn-falias & @​Develop-KIM
  • Hardened the handling of declarative partial updates
  • Updated the documentation is several spots, README, wiki, etc.
  • Bumped several dependencies where possible
Commits

Updates mermaid from 11.15.0 to 11.16.0

Release notes

Sourced from mermaid's releases.

mermaid@11.16.0

Minor Changes

  • #7535 ea1c48f Thanks @​ragelink! - feat(cynefin): Adds the Cynefin framework as a new diagram type (beta) to Mermaid (available as cynefin-beta). The Cynefin framework, created by Dave Snowden, is a decision-making framework that categorizes problems into five complexity domains, widely used in agile, incident management, strategy, and organizational design.

  • #7721 f45cc2c Thanks @​notionparallax! - feat(treeView): add box-drawing character input support for treeView diagrams

  • #7550 f1f4d45 Thanks @​DominicBurkart! - feat(xychart): add per-point text labels for xychart line plots

  • #7527 b4d0442 Thanks @​notionparallax! - feat(treeView): Extends the existing treeView-beta diagram with features useful for representing file/directory structures.

  • #7793 a6f097d Thanks @​SSDWGG! - feat(er): support optional ER attribute types with a ? suffix

  • #7772 37f2e36 Thanks @​devareddy05! - feat(gantt): support multiple excludes / includes lines so long exclusion lists can be split into commented groups (#6270)

  • #7708 4e63e9d Thanks @​txmxthy! - feat(architecture): add align row|column {ids…} directive to architecture-beta diagrams so authors can declare horizontal or vertical alignment of services explicitly.

  • #7760 05223be Thanks @​ngdaniels! - feat(pie): Enhance Pie Chart - Enable donut chart, Set legend position, and highlight slice

  • #7251 216e4e9 Thanks @​ydah! - feat(railroad): Add support for Railroad Diagrams (Syntax Diagrams) with four input syntaxes: IR (railroad-beta), EBNF (railroad-ebnf-beta), ABNF (railroad-abnf-beta), and PEG (railroad-peg-beta).

  • #7774 e5c75e6 Thanks @​ngdaniels! - feat(xychart): enable rotate label on X-axis

  • #7791 974fa7b Thanks @​knsv-bot! - feat(swimlane): add swimlane as a standalone diagram type with a dedicated layered orthogonal layout algorithm

Patch Changes

... (truncated)

Commits
  • 7c0cafc Version Packages: v11.16.0 (#7916)
  • 26acd1a Merge pull request #7915 from mermaid-js/release/11.16.0
  • 5a8eae7 Merge branch 'master' into release/11.16.0
  • dd5ea77 Merge pull request #7913 from mermaid-js/pebr/fix-changesets
  • 658ee66 docs: fix missing bumps of @mermaid-js/parser
  • 04259a1 docs: fix author and commit on examples changeset
  • c9dcfb1 docs: update changeset diagram scopes
  • a34dab9 docs: remove swimlane/cynefin bugfix changesets
  • e81f31f docs: remove local-editor changeset
  • 7223f03 Minor correction
  • Additional commits viewable in compare view

Updates react-virtuoso from 4.18.7 to 4.18.10

Release notes

Sourced from react-virtuoso's releases.

react-virtuoso@4.18.10

Patch Changes

  • fca20fa Thanks @​petyosi! - Fix explicit undefined initial top-most item index values crashing when empty data updates to an object-form initial index.

react-virtuoso@4.18.9

Patch Changes

  • #1444 0c68e81 Thanks @​Luccas-carvalho! - Harden scroll-target and initial-index handling:
    • Clamp the initial top-most item index to the available range, so an out-of-range initialTopMostItemIndex (for example after the data set shrinks) no longer starts the list at a blank or mid-list position.
    • Stop mutating the location object passed to scrollToIndex; normalizeIndexLocation now applies its defaults to a shallow copy.
    • Treat a default-positioned initialTopMostItemIndex of { index: 0 } the same as 0, avoiding a redundant initial scroll and a delayed followOutput.

react-virtuoso@4.18.8

Patch Changes

Changelog

Sourced from react-virtuoso's changelog.

4.18.10

Patch Changes

  • fca20fa Thanks @​petyosi! - Fix explicit undefined initial top-most item index values crashing when empty data updates to an object-form initial index.

4.18.9

Patch Changes

  • #1444 0c68e81 Thanks @​Luccas-carvalho! - Harden scroll-target and initial-index handling:
    • Clamp the initial top-most item index to the available range, so an out-of-range initialTopMostItemIndex (for example after the data set shrinks) no longer starts the list at a blank or mid-list position.
    • Stop mutating the location object passed to scrollToIndex; normalizeIndexLocation now applies its defaults to a shallow copy.
    • Treat a default-positioned initialTopMostItemIndex of { index: 0 } the same as 0, avoiding a redundant initial scroll and a delayed followOutput.

4.18.8

Patch Changes

Commits
  • 2c68507 Version Packages
  • fca20fa fix: handle undefined initial topmost index
  • 7cf51b6 Version Packages (#1449)
  • 0c68e81 fix: harden scroll-target and initial-index handling (#1444)
  • 0af9e75 Version Packages (#1443)
  • 6b1467c fix/clamp-out-of-range-scroll-index (#1442)
  • 6d066ee Fix flaky horizontal-rtl e2e test by waiting for item render
  • 5f90dfd Author the agent skills and publish them to virtuoso-dev/skills (#1428)
  • 782aae7 Stabilize data e2e assertions
  • aeb3c49 Fix react-virtuoso lint violations
  • Additional commits viewable in compare view

Updates @tailwindcss/vite from 4.3.1 to 4.3.2

Release notes

Sourced from @​tailwindcss/vite's releases.

v4.3.2

Fixed

  • Support bare spacing values for auto-rows-* and auto-cols-* utilities (e.g. auto-rows-12 and auto-cols-16) (#20229)
  • Prevent @tailwindcss/cli in --watch mode from crashing on Windows when @source points to a directory that doesn't exist (#20242)
  • Prevent @tailwindcss/vite from crashing in Deno v2.8.x when context.parentURL is not a valid URL (#20245)
  • Ensure @tailwindcss/cli in --watch mode rebuilds when the input CSS file changes in an ignored directory (#20246)
  • Allow @variant rules used in addBase(…) to use custom variants defined later (#20247)
  • Prevent @tailwindcss/vite from crashing during HMR when scanned files or directories are deleted (#20259)
  • Generate font-size instead of color declarations for text-[--spacing(…)] (#20260)
  • Prevent @source patterns from scanning unrelated sibling files and folders (#20263)
  • Extract class candidates adjacent to Template Toolkit delimiters like %]…[% in .tt, .tt2, and .tx files (#20269)
  • Extract class candidates from conditional Maud syntax like p.text-black[condition] (#20269)
  • Prevent @position-try rules from triggering unknown at-rule warnings when optimizing CSS (#20277)
  • Support class suggestions for named opacity modifiers from --opacity theme values (#20287)
  • Prevent type errors in @tailwindcss/postcss when used with newer PostCSS patch releases (#20289)
Changelog

Sourced from @​tailwindcss/vite's changelog.

[4.3.2] - 2026-06-26

Fixed

  • Support bare spacing values for auto-rows-* and auto-cols-* utilities (e.g. auto-rows-12 and auto-cols-16) (#20229)
  • Prevent @tailwindcss/cli in --watch mode from crashing on Windows when @source points to a directory that doesn't exist (#20242)
  • Prevent @tailwindcss/vite from crashing in Deno v2.8.x when context.parentURL is not a valid URL (#20245)
  • Ensure @tailwindcss/cli in --watch mode rebuilds when the input CSS file changes in an ignored directory (#20246)
  • Allow @variant rules used in addBase(…) to use custom variants defined later (#20247)
  • Prevent @tailwindcss/vite from crashing during HMR when scanned files or directories are deleted (#20259)
  • Generate font-size instead of color declarations for text-[--spacing(…)] (#20260)
  • Prevent @source patterns from scanning unrelated sibling files and folders (#20263)
  • Extract class candidates adjacent to Template Toolkit delimiters like %]…[% in .tt, .tt2, and .tx files (#20269)
  • Extract class candidates from conditional Maud syntax like p.text-black[condition] (#20269)
  • Prevent @position-try rules from triggering unknown at-rule warnings when optimizing CSS (#20277)
  • Support class suggestions for named opacity modifiers from --opacity theme values (#20287)
  • Prevent type errors in @tailwindcss/postcss when used with newer PostCSS patch releases (#20289)
Commits

Updates tailwindcss from 4.3.1 to 4.3.2

Release notes

Sourced from tailwindcss's releases.

v4.3.2

Fixed

  • Support bare spacing values for auto-rows-* and auto-cols-* utilities (e.g. auto-rows-12 and auto-cols-16) (#20229)
  • Prevent @tailwindcss/cli in --watch mode from crashing on Windows when @source points to a directory that doesn't exist (#20242)
  • Prevent @tailwindcss/vite from crashing in Deno v2.8.x when context.parentURL is not a valid URL (#20245)
  • Ensure @tailwindcss/cli in --watch mode rebuilds when the input CSS file changes in an ignored directory (#20246)
  • Allow @variant rules used in addBase(…) to use custom variants defined later (#20247)
  • Prevent @tailwindcss/vite from crashing during HMR when scanned files or directories are deleted (#20259)
  • Generate font-size instead of color declarations for text-[--spacing(…)] (#20260)
  • Prevent @source patterns from scanning unrelated sibling files and folders (#20263)
  • Extract class candidates adjacent to Template Toolkit delimiters like %]…[% in .tt, .tt2, and .tx files (#20269)
  • Extract class candidates from conditional Maud syntax like p.text-black[condition] (#20269)
  • Prevent @position-try rules from triggering unknown at-rule warnings when optimizing CSS (#20277)
  • Support class suggestions for named opacity modifiers from --opacity theme values (#20287)
  • Prevent type errors in @tailwindcss/postcss when used with newer PostCSS patch releases (#20289)
Changelog

Sourced from tailwindcss's changelog.

[4.3.2] - 2026-06-26

Fixed

  • Support bare spacing values for auto-rows-* and auto-cols-* utilities (e.g. auto-rows-12 and auto-cols-16) (#20229)
  • Prevent @tailwindcss/cli in --watch mode from crashing on Windows when @source points to a directory that doesn't exist (#20242)
  • Prevent @tailwindcss/vite from crashing in Deno v2.8.x when context.parentURL is not a valid URL (#20245)
  • Ensure @tailwindcss/cli in --watch mode rebuilds when the input CSS file changes in an ignored directory (#20246)
  • Allow @variant rules used in addBase(…) to use custom variants defined later (#20247)
  • Prevent @tailwindcss/vite from crashing during HMR when scanned files or directories are deleted (#20259)
  • Generate font-size instead of color declarations for text-[--spacing(…)] (#20260)
  • Prevent @source patterns from scanning unrelated sibling files and folders (#20263)
  • Extract class candidates adjacent to Template Toolkit delimiters like %]…[% in .tt, .tt2, and .tx files (#20269)
  • Extract class candidates from conditional Maud syntax like p.text-black[condition] (#20269)
  • Prevent @position-try rules from triggering unknown at-rule warnings when optimizing CSS (#20277)
  • Support class suggestions for named opacity modifiers from --opacity theme values (#20287)
  • Prevent type errors in @tailwindcss/postcss when used with newer PostCSS patch releases (#20289)
Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

… updates

Bumps the web-minor-patch group with 5 updates in the /web directory:

| Package | From | To |
| --- | --- | --- |
| [@xyflow/react](https://github.com/xyflow/xyflow/tree/HEAD/packages/react) | `12.11.1` | `12.11.2` |
| [dompurify](https://github.com/cure53/DOMPurify) | `3.4.11` | `3.4.12` |
| [mermaid](https://github.com/mermaid-js/mermaid) | `11.15.0` | `11.16.0` |
| [react-virtuoso](https://github.com/petyosi/react-virtuoso/tree/HEAD/packages/react-virtuoso) | `4.18.7` | `4.18.10` |
| [@tailwindcss/vite](https://github.com/tailwindlabs/tailwindcss/tree/HEAD/packages/@tailwindcss-vite) | `4.3.1` | `4.3.2` |



Updates `@xyflow/react` from 12.11.1 to 12.11.2
- [Release notes](https://github.com/xyflow/xyflow/releases)
- [Changelog](https://github.com/xyflow/xyflow/blob/main/packages/react/CHANGELOG.md)
- [Commits](https://github.com/xyflow/xyflow/commits/@xyflow/react@12.11.2/packages/react)

Updates `dompurify` from 3.4.11 to 3.4.12
- [Release notes](https://github.com/cure53/DOMPurify/releases)
- [Commits](cure53/DOMPurify@3.4.11...3.4.12)

Updates `mermaid` from 11.15.0 to 11.16.0
- [Release notes](https://github.com/mermaid-js/mermaid/releases)
- [Commits](https://github.com/mermaid-js/mermaid/compare/mermaid@11.15.0...mermaid@11.16.0)

Updates `react-virtuoso` from 4.18.7 to 4.18.10
- [Release notes](https://github.com/petyosi/react-virtuoso/releases)
- [Changelog](https://github.com/petyosi/react-virtuoso/blob/main/packages/react-virtuoso/CHANGELOG.md)
- [Commits](https://github.com/petyosi/react-virtuoso/commits/react-virtuoso@4.18.10/packages/react-virtuoso)

Updates `@tailwindcss/vite` from 4.3.1 to 4.3.2
- [Release notes](https://github.com/tailwindlabs/tailwindcss/releases)
- [Changelog](https://github.com/tailwindlabs/tailwindcss/blob/main/CHANGELOG.md)
- [Commits](https://github.com/tailwindlabs/tailwindcss/commits/v4.3.2/packages/@tailwindcss-vite)

Updates `tailwindcss` from 4.3.1 to 4.3.2
- [Release notes](https://github.com/tailwindlabs/tailwindcss/releases)
- [Changelog](https://github.com/tailwindlabs/tailwindcss/blob/main/CHANGELOG.md)
- [Commits](https://github.com/tailwindlabs/tailwindcss/commits/v4.3.2/packages/tailwindcss)

---
updated-dependencies:
- dependency-name: "@xyflow/react"
  dependency-version: 12.11.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: web-minor-patch
- dependency-name: dompurify
  dependency-version: 3.4.12
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: web-minor-patch
- dependency-name: mermaid
  dependency-version: 11.16.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: web-minor-patch
- dependency-name: react-virtuoso
  dependency-version: 4.18.10
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: web-minor-patch
- dependency-name: "@tailwindcss/vite"
  dependency-version: 4.3.2
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: web-minor-patch
- dependency-name: tailwindcss
  dependency-version: 4.3.2
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: web-minor-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot @github

dependabot Bot commented on behalf of github Jul 14, 2026

Copy link
Copy Markdown
Contributor Author

Labels

The following labels could not be found: dependencies. Please create it before Dependabot can add it to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

@github-actions

Copy link
Copy Markdown

GLM 审查信息

结论

未发现需要阻塞的明显问题。本次为依赖版本升级,主要包含 patch 和 minor 级别更新,无破坏性 API 变更,但部分库的行为修复可能影响现有边缘逻辑。

发现

暂无。

建议测试

  1. Tailwind CSS 样式回归tailwindcss 升级至 4.3.2 后,修复了 text-[--spacing(…)] 生成 font-size 而非 color 的问题。建议全局搜索项目中是否使用了类似 text-[--spacing(...)] 或相关的动态类名,检查相关元素的字体大小和颜色是否符合预期。
  2. 长列表滚动行为react-virtuoso 升级至 4.18.10 后,对越界的 initialTopMostItemIndexscrollToIndex 进行了截断处理。建议测试动态数据集缩短时,列表的初始滚动位置和滚动定位是否出现跳动或异常。
  3. Mermaid 图表渲染mermaid 升级至 11.16.0(minor 更新),建议全面测试各类已有的 Mermaid 图表(如流程图、时序图、甘特图等)的渲染效果,确认无样式错乱或解析报错。
  4. 流程图交互与性能@xyflow/react 升级至 12.11.2,对 MiniMapViewport 的渲染和节点拖拽进行了性能优化。建议测试流程图的缩放、平移、节点拖拽以及小地图的联动是否正常,特别是在节点数量较多时的表现。

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants