chore(deps): update all non-minor and non major dependencies (jetstream) (patch)

[renovate]

This PR contains the following updates:

Package	Type	Update	Change	OpenSSF
@tailwindcss/postcss (source)	devDependencies	patch	4.1.10 -> 4.1.17
@tailwindcss/typography	devDependencies	patch	0.5.16 -> 0.5.19
daisyui (source)	devDependencies	patch	5.0.43 -> 5.0.55
laravel/jetstream	require	patch	5.3.7 -> 5.3.8
laravel/pennant	require	patch	1.17.0 -> 1.17.1
laravel/sanctum	require	patch	4.1.1 -> 4.1.2
livewire/livewire	require	patch	3.6.3 -> 3.6.4
livewire/volt	require	patch	1.7.1 -> 1.7.2
nunomaduro/collision	require-dev	patch	8.8.1 -> 8.8.2
pestphp/pest	require-dev	patch	3.8.2 -> 3.8.4
phpat/phpat	require-dev	patch	0.11.5 -> 0.11.10
psalm/plugin-laravel	require-dev	patch	3.0.3 -> 3.0.4
robsontenorio/mary (source)	require	patch	2.4.2 -> 2.4.9
squizlabs/php_codesniffer	require-dev	patch	3.13.2 -> 3.13.5
tailwindcss (source)	devDependencies	patch	4.1.10 -> 4.1.17
vimeo/psalm	require-dev	patch	6.12 -> 6.12.1

---

Release Notes

tailwindlabs/tailwindcss (@​tailwindcss/postcss)

v4.1.17

Compare Source

Fixed

• Substitute @variant inside legacy JS APIs (#​19263)
• Prevent occasional crash on Windows when loaded into a worker thread (#​19242)

v4.1.16

Compare Source

Fixed

• Discard candidates with an empty data type (#​19172)
• Fix canonicalization of arbitrary variants with attribute selectors (#​19176)
• Fix invalid colors due to nested & (#​19184)
• Improve canonicalization for & > :pseudo and & :pseudo arbitrary variants (#​19178)

v4.1.15

Compare Source

Fixed

• Fix Safari devtools rendering issue due to color-mix fallback (#​19069)
• Suppress Lightning CSS warnings about :deep, :slotted, and :global (#​19094)
• Fix resolving theme keys when starting with the name of another theme key in JS configs and plugins (#​19097)
• Allow named groups in combination with not-*, has-*, and in-* (#​19100)
• Prevent important utilities from affecting other utilities (#​19110)
• Don’t index into strings with the theme(…) function (#​19111)
• Fix parsing issue when \t is used in at-rules (#​19130)
• Upgrade: Canonicalize utilities containing 0 values (#​19095)
• Upgrade: Migrate deprecated break-words to wrap-break-word (#​19157)

Changed

• Remove the postinstall script from oxide ([#​19149])(#​19149)

v4.1.14

Compare Source

Fixed

• Handle ' syntax in ClojureScript when extracting classes (#​18888)
• Handle @variant inside @custom-variant (#​18885)
• Merge suggestions when using @utility (#​18900)
• Ensure that file system watchers created when using the CLI are always cleaned up (#​18905)
• Do not generate grid-column utilities when configuring grid-column-start or grid-column-end (#​18907)
• Do not generate grid-row utilities when configuring grid-row-start or grid-row-end (#​18907)
• Prevent duplicate CSS when overwriting a static utility with a theme key (#​18056)
• Show Lightning CSS warnings (if any) when optimizing/minifying (#​18918)
• Use default export condition for @tailwindcss/vite (#​18948)
• Re-throw errors from PostCSS nodes (#​18373)
• Detect classes in markdown inline directives (#​18967)
• Ensure files with only @theme produce no output when built (#​18979)
• Support Maud templates when extracting classes (#​18988)
• Upgrade: Do not migrate variant = 'outline' during upgrades (#​18922)
• Upgrade: Show version mismatch (if any) when running upgrade tool (#​19028)
• Upgrade: Ensure first class inside className is migrated (#​19031)
• Upgrade: Migrate classes inside *ClassName and *Class attributes (#​19031)

v4.1.13

Compare Source

Changed

• Drop warning from browser build (#​18731)
• Drop exact duplicate declarations when emitting CSS (#​18809)

Fixed

• Don't transition visibility when using transition (#​18795)
• Discard matched variants with unknown named values (#​18799)
• Discard matched variants with non-string values (#​18799)
• Show suggestions for known matchVariant values (#​18798)
• Replace deprecated clip with clip-path in sr-only (#​18769)
• Hide internal fields from completions in matchUtilities (#​18820)
• Ignore .vercel folders by default (can be overridden by @source … rules) (#​18855)
• Consider variants starting with @- to be invalid (e.g. @-2xl:flex) (#​18869)
• Do not allow custom variants to start or end with a - or _ (#​18867, #​18872)
• Upgrade: Migrate aria theme keys to @custom-variant (#​18815)
• Upgrade: Migrate data theme keys to @custom-variant (#​18816)
• Upgrade: Migrate supports theme keys to @custom-variant (#​18817)

v4.1.12

Compare Source

Fixed

• Don't consider the global important state in @apply (#​18404)
• Add missing suggestions for flex-<number> utilities (#​18642)
• Fix trailing ) from interfering with extraction in Clojure keywords (#​18345)
• Detect classes inside Elixir charlist, word list, and string sigils (#​18432)
• Track source locations through @plugin and @config (#​18345)
• Allow boolean values of process.env.DEBUG in @tailwindcss/node (#​18485)
• Ignore consecutive semicolons in the CSS parser (#​18532)
• Center the dropdown icon added to an input with a paired datalist by default (#​18511)
• Extract candidates in Slang templates (#​18565)
• Improve error messages when encountering invalid functional utility names (#​18568)
• Discard CSS AST objects with false or undefined properties (#​18571)
• Allow users to disable URL rebasing in @tailwindcss/postcss via transformAssetUrls: false (#​18321)
• Fix false-positive migrations in addEventListener and JavaScript variable names (#​18718)
• Fix Standalone CLI showing default Bun help when run via symlink on Windows (#​18723)
• Read from --border-color-* theme keys in divide-* utilities for backwards compatibility (#​18704)
• Don't scan .hdr and .exr files for classes by default (#​18734)

v4.1.11

Compare Source

Fixed

• Add heuristic to skip candidate migrations inside emit(…) (#​18330)
• Extract candidates with variants in Clojure/ClojureScript keywords (#​18338)
• Document --watch=always in the CLI's usage (#​18337)
• Add support for Vite 7 to @tailwindcss/vite (#​18384)

tailwindlabs/tailwindcss-typography (@​tailwindcss/typography)

v0.5.19

Compare Source

Fixed

• Fixed broken color styles (#​405)

v0.5.18

Compare Source

Fixed

• Fixed undefined variable error (#​403)

v0.5.17

Compare Source

Added

• Add modifiers for description list elements (#​357)
• Add prose-picture modifier (#​367)

Fixed

• Include unit in hr border-width value (#​379)
• Ensure <kbd> styles work with Tailwind CSS v4 (#​387)

Changed

• Remove lodash dependencies (#​402)

saadeghi/daisyui (daisyui)

v5.0.55

Compare Source

v5.0.54

Compare Source

Bug Fixes

• prefersdark theme overriding the default theme in custom themes. closes: #​3921 (bd6b064)

v5.0.53

Compare Source

Bug Fixes

• improve text contrast for selected cally dates on hover (#​4056) (904505f), closes #​4042

v5.0.52

Compare Source

Bug Fixes

• date input alignment in labels on iOS Safari (#​3995) (ee1bd67), closes #​3952

v5.0.51

Compare Source

Bug Fixes

• styles for disabled inputs and select in fieldset (c60350d), closes #​4021

v5.0.50

Compare Source

Bug Fixes

• use semantic fallbacks for checkbox states, improve indeterminate visibility. closes: #​3979 (d19f38a)

v5.0.49

Compare Source

Bug Fixes

• react-day-picker disableNavigation not styling properly. closes: #​3990 (29123bc)

v5.0.48

Compare Source

Bug Fixes

• apply theme-aware hover styling to Cally day buttons. closes: #​3991 (9960287)

v5.0.47

Compare Source

Bug Fixes

• browser search icon color in dark theme. closes: #​4006 (922256d)

v5.0.46

Compare Source

laravel/jetstream (laravel/jetstream)

v5.3.8

Compare Source

• [5.x] Bump Livewire to 3.6.4 by @​PerryvanderMeer in #​1578

laravel/pennant (laravel/pennant)

v1.17.1

Compare Source

• Fix - Correct retrieval of 0 feature values via DB driver by @​pocketninja in #​143

laravel/sanctum (laravel/sanctum)

v4.1.2

Compare Source

• [4.x] Factor token last_used_at update into separate method by @​cosmastech in #​567
• refactor: use text for name column by @​reidsolon in #​570

livewire/livewire (livewire/livewire)

v3.6.4

Compare Source

What's Changed

• Fix property update hydration by @​joshhanley

Full Changelog: livewire/livewire@v3.6.3...v3.6.4

livewire/volt (livewire/volt)

v1.7.2

Compare Source

• Support the dot in the make:volt command by @​morpheus7CS in #​140

nunomaduro/collision (nunomaduro/collision)

v8.8.2

Compare Source

pestphp/pest (pestphp/pest)

v3.8.4

Compare Source

v3.8.3

Compare Source

• adds support for phpunit v11.5.33

carlosas/phpat (phpat/phpat)

v0.11.10

Compare Source

Fix ShouldHaveOnlyOnePublicMethodNamed assertion by @​carlosas

v0.11.9

Compare Source

• Fix shouldBeNamed assertion by @​Bapawe
• Add isStandardClass selector by @​carlosas

v0.11.8

Compare Source

• Add PHP 8.3 missing built-in classes by @​carlosas
• Catch instanceof in dependency rules by @​carlosas

v0.11.7

Compare Source

• Add withFilepath selector by @​SpencerMalone
• Rollback param name for ShouldBeNamed assertion by @​carlosas

v0.11.6

Compare Source

• Add missing rule identifier to Declaration assertions errors by @​calebdw
• Fix support for regex in ShouldHaveOnlyOnePublicMethodNamed assertion by @​NanoSector
• Add support for attribute arguments in AppliesAttribute assertion by @​raffaelecarelle

psalm/psalm-plugin-laravel (psalm/plugin-laravel)

v3.0.4

Compare Source

What’s Changed

• Update stub for dispatch() match upstream Laravel (#​407) @​saulens22

Full Changelog: psalm/psalm-plugin-laravel@v3.0.3...v3.0.4

robsontenorio/mary (robsontenorio/mary)

v2.4.9

Compare Source

What's Changed

• Dropdown: Add scroll and max-height properties by @​CaseMonster in #​998
• Input: Add popover attribute by @​Almandeel in #​999
• Toast: Add progress support by @​lchevalot in #​1001
• MenuItem: improve support for using route parameter by @​AlwynW in #​1006

New Contributors

• @​AlwynW made their first contribution in #​1006

Full Changelog: robsontenorio/mary@2.4.8...2.4.9

v2.4.8

Compare Source

What's Changed

• Drawer: add without-backdrop-close attribute by @​CaseMonster in #​987
• Choices: add no-progress attribute by @​Almandeel in #​994
• Spotlight: add no-wire-navigate attribute by @​Almandeel in #​995
• Table: fix RTL chevron icon rotation in expandable rows by @​MohammaddReza in #​996

New Contributors

• @​Almandeel made their first contribution in #​994

Full Changelog: robsontenorio/mary@2.4.7...2.4.8

v2.4.7

Compare Source

What's Changed

• ListItem: fallback avatar by @​robsontenorio in #​983
• ListItem: remove padding from individual elements by @​CaseMonster in #​981
• Spotlight: disable browser autocomplete by @​robsontenorio in #​978
• Toast: fix deprecation message by @​robsontenorio in #​972
• DatePicker: Fix append/prepend and add clearable & placeholder by @​amnesca in #​986
• Tags: support multiple error fields by @​matheus-de-araujo in #​974

New Contributors

• @​matheus-de-araujo made their first contribution in #​974

Full Changelog: robsontenorio/mary@2.4.6...2.4.7

v2.4.6

Compare Source

What's Changed

• Choices/ChoicesOffline: fix Firefox issue by @​chrischase011 in #​966
• Stat: fix overflow on small screens by @​MohammaddReza in #​959
• Icon: prevent shrinking by @​robsontenorio in #​962

New Contributors

• @​chrischase011 made their first contribution in #​966
• @​MohammaddReza made their first contribution in #​959

Full Changelog: robsontenorio/mary@2.4.5...2.4.6

v2.4.5

Compare Source

What's Changed

• Input: add password-icon-tabindex by @​AtmoFX in #​958

Full Changelog: robsontenorio/mary@2.4.4...2.4.5

v2.4.4

Compare Source

What's Changed

• Pin: add no-gap attribute by @​AtmoFX in #​951
• Card: add body-class attribute. by @​CaseMonster in #​945
• Spotlight: add fallback-avatar by @​robsontenorio in #​956
• Avatar: add fallback-image by @​robsontenorio in #​955
• ListItem: add fallback-avatar by @​robsontenorio in #​954

New Contributors

• @​CaseMonster made their first contribution in #​945

Full Changelog: robsontenorio/mary@2.4.3...2.4.4

v2.4.3

Compare Source

What's Changed

• Pin: add validation messages by @​AtmoFX in #​931
• ImageLibrary: add @​touchend support for iOS by @​xjavun in #​933
• Icon: apply click events to labels by @​themegazord in #​935
• Signature: fix clear action by @​robsontenorio in #​940
• Table: make date formatter use correct locale by @​robsontenorio in #​938
• Tabs: fix spacing by @​robsontenorio in #​937
• DatePicker: use locale settings to handle the range mode by @​robsontenorio in #​941

New Contributors

• @​xjavun made their first contribution in #​933

Full Changelog: robsontenorio/mary@2.4.2...2.4.3

PHPCSStandards/PHP_CodeSniffer (squizlabs/php_codesniffer)

v3.13.5: - 2025-11-04

Compare Source

Added

• Runtime support for PHP 8.5. All known PHP 8.5 deprecation notices have been fixed.
  • Syntax support for new PHP 8.5 features will follow in a future release.
  • If you find any PHP 8.5 deprecation notices which were missed, please report them.

Changed

• Various housekeeping, including improvements to the tests and documentation.
  • Thanks to Rodrigo Primo and Juliette Reinders Folmer for their contributions.

Fixed

• Fixed bug #​1216: Tokenizer/PHP: added more defensive coding to prevent PHP 8.5 "Using null as an array offset" deprecation notices.
  • Thanks to Andrew Lyons for the patch.
• Fixed bug #​1279: Tokenizer/PHP: on PHP < 8.0, an unclosed attribute (parse error) could end up removing some tokens from the token stream.
  • This could lead to false positives and false negative from sniffs, but could also lead to incorrect fixes being made mangling the file under scan.
  • Thanks to Juliette Reinders Folmer for the patch.

Other

• Please be aware that the master branch has been renamed to 3.x and the default branch has changed to the 4.x branch.
  • If you contribute to PHP_CodeSniffer, you will need to update your local git clone.
  • If you develop against PHP_CodeSniffer and run your tests against dev branches of PHPCS, you will need to update your workflows.

---

New Contributors

The PHP_CodeSniffer project is happy to welcome the following new contributors:
@​andrewnicols

Statistics

Closed: 2 issues
Merged: 36 pull requests

Follow @​phpcs on Mastodon or @​PHP_CodeSniffer on X to stay informed.

Please consider funding the PHP_CodeSniffer project. If you already do so: thank you!

v3.13.4: - 2025-09-05

Compare Source

Fixed

• Fixed bug #​1213: ability to run tests for external standards using the PHPCS native test framework was broken.
  • Thanks to Juliette Reinders Folmer for the patch.
• Fixed bug #​1215: PHP 8.5 "Using null as an array offset" deprecation notices.
  • Thanks to Juliette Reinders Folmer for the patch.

Statistics

Closed: 0 issues
Merged: 3 pull requests

If you like to stay informed about releases and more, follow @​phpcs on Mastodon or @​PHP_CodeSniffer on X.

Please consider funding the PHP_CodeSniffer project. If you already do so: thank you!

v3.13.3: - 2025-09-04

Compare Source

Added

• Tokenizer support for PHP 8.4 dereferencing of new expressions without wrapping parentheses. #​1160
  • Thanks to Juliette Reinders Folmer for the patch.
• Tokenizer support for PHP 8.4 abstract properties. #​1183
  • The File::getMemberProperties() method now also supports abstract properties through a new is_abstract array index in the return value. #​1184
  • Additionally, the following sniffs have been updated to support abstract properties:
    • Generic.PHP.LowerCaseConstant #​1185
    • Generic.PHP.UpperCaseConstant #​1185
    • PSR2.Classes.PropertyDeclaration #​1188
    • Squiz.Commenting.VariableComment #​1186
    • Squiz.WhiteSpace.MemberVarSpacing #​1187
  • Thanks to Juliette Reinders Folmer for the patches
• Tokenizer support for the PHP 8.4 "exit as a function call" change. #​1201
  • When exit/die is used as a fully qualified "function call", it will now be tokenized as T_NS_SEPARATOR + T_EXIT.
  • Additionally, the following sniff has been updated to handle fully qualified exit/die correctly:
    • Squiz.PHP.NonExecutableCode
  • Thanks to Juliette Reinders Folmer for the patches

Changed

• Tokenizer/PHP: fully qualified true/false/null will now be tokenized as T_NS_SEPARATOR + T_TRUE/T_FALSE/T_NULL. #​1201
  • Previously, these were tokenized as T_NS_SEPARATOR + T_STRING.
  • Additionally, the following sniffs have been updated to handle fully qualified true/false/null correctly:
    • Generic.CodeAnalysis.UnconditionalIfStatement
    • Generic.ControlStructures.DisallowYodaConditions
    • PEAR.Functions.ValidDefaultValue
  • Thanks to Juliette Reinders Folmer for the patches.
• Generic.PHP.Syntax: the sniff is now able to scan input provided via STDIN on non-Windows OSes. #​915
  • Thanks to Rodrigo Primo for the patch.
• PSR2.ControlStructures.SwitchDeclaration: the WrongOpener* error code is now auto-fixable if the identified "wrong opener" is a semi-colon. #​1161
  • Thanks to Juliette Reinders Folmer for the patch.
• The PSR2.Classes.PropertyDeclaration will now check that the abstract modifier keyword is placed before a visibility keyword. #​1188
  • Errors will be reported via a new AbstractAfterVisibility error code.
  • Thanks to Juliette Reinders Folmer for the patch.
• Various housekeeping, including improvements to the tests and documentation.
  • Thanks to Bernhard Zwein, Rick Kerkhof, Rodrigo Primo and Juliette Reinders Folmer for their contributions.

Fixed

• Fixed bug #​1112 : --parallel option fails if PHP_CodeSniffer is invoked via bash and the invokation creates a non-PHPCS-managed process.
  • Thanks to Rick Kerkhof for the patch.
• Fixed bug #​1113 : fatal error when the specified "files to scan" would result in the same file being added multiple times to the queue.
  • This error only occured when --parallel scanning was enabled.
  • Thanks to Rodrigo Primo for the patch.
• Fixed bug #​1154 : PEAR.WhiteSpace.ObjectOperatorIndent: false positive when checking multiple chained method calls in a multidimensional array.
  • Thanks to Rodrigo Primo for the patch.
• Fixed bug #​1193 : edge case inconsistency in how empty string array keys for sniff properties are handled.
  • Thanks to Rodrigo Primo and Juliette Reinders Folmer for the patch.
• Fixed bug #​1197 : Squiz.Commenting.FunctionComment: return types containing a class name with underscores would be truncated leading to incorrect results.
  • Thanks to Juliette Reinders Folmer for the patch.

Other

• The Wiki documentation is now publicly editable. 🎉
  • Update proposals can be submittted by opening a pull request in the PHPCSStandards/PHP_CodeSniffer-documentation repository.
    Contributions welcome !
  • Thanks to Anna Filina, Dan Wallis and Juliette Reinders Folmer for their work on getting this set up.
• The Phar website has had a facelift. #​107
  • Thanks to Bernhard Zwein for making this happen!

---

New Contributors

The PHP_CodeSniffer project is happy to welcome the following new contributors:
@​benno5020, @​NanoSector

Statistics

Closed: 11 issues
Merged: 40 pull requests

Follow @​phpcs on Mastodon or @​PHP_CodeSniffer on X to stay informed.

Please consider funding the PHP_CodeSniffer project. If you already do so: thank you!

vimeo/psalm (vimeo/psalm)

v6.12.1

Compare Source

What's Changed

Fixes

• Fix false negatives with mixed in templated value-of/key-of by @​danog in #​11499
• Avoid tainting problems with first-class callables by @​danog

Full Changelog: vimeo/psalm@6.12.0...6.12.1

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.