chore(deps): bump the production_patches group across 1 directory with 4 updates

[dependabot]

Bumps the production_patches group with 4 updates in the / directory: @tailwindcss/postcss, pinia, socket.io-client and vue.

Updates @tailwindcss/postcss from 4.1.14 to 4.1.18

Release notes

Sourced from @​tailwindcss/postcss's releases.

v4.1.18

Fixed

• Ensure validation of source(…) happens relative to the file it is in (#19274)
• Include filename and line numbers in CSS parse errors (#19282)
• Skip comments in Ruby files when checking for class names (#19243)
• Skip over arbitrary property utilities with a top-level ! in the value (#19243)
• Support environment API in @tailwindcss/vite (#18970)
• Preserve case of theme keys from JS configs and plugins (#19337)
• Write source maps correctly on the CLI when using --watch (#19373)
• Handle special defaults (like ringColor.DEFAULT) in JS configs (#19348)
• Improve backwards compatibility for content theme key from JS configs (#19381)
• Upgrade: Handle future and experimental config keys (#19344)
• Try to canonicalize any arbitrary utility to a bare value (#19379)
• Validate candidates similarly to Oxide (#19397)
• Canonicalization: combine text-* and leading-* classes (#19396)
• Correctly handle duplicate CLI arguments (#19416)
• Don’t emit color-mix fallback rules inside @keyframes (#19419)
• CLI: Don't hang when output is /dev/stdout (#19421)

v4.1.17

Fixed

• Substitute @variant inside legacy JS APIs (#19263)
• Prevent occasional crash on Windows when loaded into a worker thread (#19242)

v4.1.16

Fixed

• Discard candidates with an empty data type (#19172)
• Fix canonicalization of arbitrary variants with attribute selectors (#19176)
• Fix invalid colors due to nested & (#19184)
• Improve canonicalization for & > :pseudo and & :pseudo arbitrary variants (#19178)

v4.1.15

Fixed

• Fix Safari devtools rendering issue due to color-mix fallback (#19069)
• Suppress Lightning CSS warnings about :deep, :slotted, and :global (#19094)
• Fix resolving theme keys when starting with the name of another theme key in JS configs and plugins (#19097)
• Allow named groups in combination with not-*, has-*, and in-* (#19100)
• Prevent important utilities from affecting other utilities (#19110)
• Don’t index into strings with the theme(…) function (#19111)
• Fix parsing issue when \t is used in at-rules (#19130)
• Upgrade: Canonicalize utilities containing 0 values (#19095)
• Upgrade: Migrate deprecated break-words to wrap-break-word (#19157)

Changed

• Remove the postinstall script from oxide (#19149)

Changelog

Sourced from @​tailwindcss/postcss's changelog.

[4.1.18] - 2025-12-11

Fixed

• Ensure validation of source(…) happens relative to the file it is in (#19274)
• Include filename and line numbers in CSS parse errors (#19282)
• Skip comments in Ruby files when checking for class names (#19243)
• Skip over arbitrary property utilities with a top-level ! in the value (#19243)
• Support environment API in @tailwindcss/vite (#18970)
• Preserve case of theme keys from JS configs and plugins (#19337)
• Write source maps correctly on the CLI when using --watch (#19373)
• Handle special defaults (like ringColor.DEFAULT) in JS configs (#19348)
• Improve backwards compatibility for content theme key from JS configs (#19381)
• Upgrade: Handle future and experimental config keys (#19344)
• Try to canonicalize any arbitrary utility to a bare value (#19379)
• Validate candidates similarly to Oxide (#19397)
• Canonicalization: combine text-* and leading-* classes (#19396)
• Correctly handle duplicate CLI arguments (#19416)
• Don’t emit color-mix fallback rules inside @keyframes (#19419)
• CLI: Don't hang when output is /dev/stdout (#19421)

[3.4.19] - 2025-12-10

Fixed

• Don’t break sibling-*() functions when used inside calc(…) (#19335)

[4.1.17] - 2025-11-06

Fixed

• Substitute @variant inside legacy JS APIs (#19263)
• Prevent occasional crash on Windows when loaded into a worker thread (#19242)

[4.1.16] - 2025-10-23

Fixed

• Discard candidates with an empty data type (#19172)
• Fix canonicalization of arbitrary variants with attribute selectors (#19176)
• Fix invalid colors due to nested & (#19184)
• Improve canonicalization for & > :pseudo and & :pseudo arbitrary variants (#19178)

[4.1.15] - 2025-10-20

Fixed

• Fix Safari devtools rendering issue due to color-mix fallback (#19069)
• Suppress Lightning CSS warnings about :deep, :slotted, and :global (#19094)
• Fix resolving theme keys when starting with the name of another theme key in JS configs and plugins (#19097)

... (truncated)

Commits

• 9b32f7c Release v4.1.18 (#19431)
• 9c8cf8a Fix formatting of path in README.md (#19407)
• e9c9c4f Release v4.1.17 (#19272)
• cbbbe84 Release 4.1.16 (#19185)
• b2e2435 Release 4.1.15 (#19159)
• See full diff in compare view

Updates pinia from 3.0.3 to 3.0.4

Commits

• 290db63 release: pinia@3.0.4 @​pinia/testing@​1.0.3 @​pinia/nuxt@​0.11.3
• 0e9e7e7 feat(nuxt): automatic HMR code (vite only) (#2954)
• be9e356 feat(warn): detect global context on the server side (#2983)
• 8a65eb7 chore: up nuxt 4
• e25e525 fix(nuxt): resolve auto-imports in layers (#3035)
• 868f6b5 chore: dedupe
• c0a6a4b chore: up deps
• bcc571b test: upgrade workspaces vitest
• 1cf5687 test: unstub specific action
• 9b92217 fix: store type
• Additional commits viewable in compare view

Updates socket.io-client from 4.8.1 to 4.8.3

Release notes

Sourced from socket.io-client's releases.

socket.io-client@4.8.2

Bug Fixes

• bundle: do not mangle the "_placeholder" attribute (bis) (cdae019)
• drain queue before emitting "connect" (#5259) (d19928e)

Dependencies

• engine.io-client@~6.6.1 (no change)
• ws@~8.17.1 (no change)

Commits

• e9e5bed chore(release): socket.io-client@4.8.3
• 9581f9b fix(sio): do not throw when calling io.close() on a stopped server
• 579d43f refactor: remove unused files
• ee9aac3 chore(release): socket.io-parser@4.2.5
• 968277c chore(release): socket.io-adapter@2.5.6
• 2bf16bd chore(release): engine.io-client@6.6.4
• ad61607 docs(eio): fix link in the release notes
• dd71792 chore(release): socket.io@4.8.2
• bb0b480 fix(sio): improve io.close() function (#5344)
• 161be91 test(sio): pin version of the client bundle in the tests
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for socket.io-client since your current version.

Updates vue from 3.5.22 to 3.5.26

Release notes

Sourced from vue's releases.

v3.5.26

For stable releases, please refer to CHANGELOG.md for details. For pre-releases, please refer to CHANGELOG.md of the minor branch.

v3.5.25

For stable releases, please refer to CHANGELOG.md for details. For pre-releases, please refer to CHANGELOG.md of the minor branch.

v3.5.24

For stable releases, please refer to CHANGELOG.md for details. For pre-releases, please refer to CHANGELOG.md of the minor branch.

v3.5.23

For stable releases, please refer to CHANGELOG.md for details. For pre-releases, please refer to CHANGELOG.md of the minor branch.

Changelog

Sourced from vue's changelog.

3.5.26 (2025-12-18)

Bug Fixes

• compat: fix compat handler of draggable (#12445) (ed85953), closes #12444
• compat: handle v-model deprecation warning with missing appContext (#14203) (945a543), closes #14202
• compiler-sfc: demote const reactive bindings used in v-model (#14214) (e24ff7d), closes #11265 #11275
• compiler-ssr: handle ssr attr fallthrough when preserve whitespace (#12304) (4783118), closes #8072
• hmr: handle cached text node update (#14134) (69ce3c7), closes #14127
• keep-alive: use resolved component name for async components in cache pruning (#14212) (dfe667c), closes #14210
• runtime-core: ensure correct anchor el for deeper unresolved async components (#14182) (f5b3bf2), closes #14173
• runtime-core: handle patch stable fragment edge case (#12411) (94aeb64), closes #12410
• runtime-core: pass component instance to flushPreFlushCbs on unmount (#14221) (e857e12), closes #14215

Performance Improvements

• compiler-core: use binary-search to get line and column (#14222) (1904053)

3.5.25 (2025-11-24)

Bug Fixes

• compiler: share logic for comments and whitespace (#13550) (2214f7a)
• provide: warn when using provide after mounting (#13954) (247b2c2), closes #13921 #13924
• reactivity: correctly wrap iterated array items to preserve their readonly status (#14120) (301020b)
• reactivity: toRef edge cases for ref unwrapping (#12420) (0d2357e)
• runtime-core: keep options API typing intact when expose is used (#14118) (8f82f23), closes #14117 vuejs/language-tools#5069
• suspense: defer clearing fallback vnode el in case it has dirs (#14080) (c0f63dd), closes #14078

3.5.24 (2025-11-07)

Reverts

• Revert "fix(compiler-core): correctly handle ts type assertions in expression…" (#14062) (11ec51a), closes #14062 #14060

3.5.23 (2025-11-06)

Bug Fixes

... (truncated)

Commits

• c68bebf release: v3.5.26
• e857e12 fix(runtime-core): pass component instance to flushPreFlushCbs on unmount (#1...
• f33b308 types(defineProps): avoid never props becoming boolean flags (#14059)
• 94aeb64 fix(runtime-core): handle patch stable fragment edge case (#12411)
• ed85953 fix(compat): fix compat handler of draggable (#12445)
• 4783118 fix(compiler-ssr): handle ssr attr fallthrough when preserve whitespace (#12304)
• 6611dda types(runtime-core): export DirectiveModifiers type (#14198)
• e24ff7d fix(compiler-sfc): demote const reactive bindings used in v-model (#14214)
• 69ce3c7 fix(hmr): handle cached text node update (#14134)
• 1904053 perf(compiler-core): use binary-search to get line and column (#14222)
• Additional commits viewable in compare view

You can trigger a rebase of this PR by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.