chore(deps)(deps-dev): bump the development-dependencies group with 7 updates

[dependabot]

Bumps the development-dependencies group with 7 updates:

Package	From	To
turbo	2.8.17	2.8.20
@oclif/plugin-help	6.2.38	6.2.40
@oclif/plugin-plugins	5.4.58	5.4.59
h3	1.15.8	1.15.10
@tailwindcss/postcss	4.2.1	4.2.2
tailwindcss	4.2.1	4.2.2
vite	8.0.0	8.0.1

Updates turbo from 2.8.17 to 2.8.20

Release notes

Sourced from turbo's releases.

Turborepo v2.8.20

What's Changed

Changelog

• fix: Prevent stdin from being dropped for persistent tasks in stream mode by @​anthonyshew in vercel/turborepo#12394

Full Changelog: vercel/turborepo@v2.8.19...v2.8.20

Turborepo v2.8.20-canary.1

What's Changed

Examples

• chore: Upgrade Next.js to 16.2.0 in examples and apps by @​anthonyshew in vercel/turborepo#12389

Changelog

• fix: Detect scoped @turbo/{platform} packages in local binary resolution by @​EmojiPati in vercel/turborepo#12386
• fix: Support legacy unscoped binary package names in Node.js shim by @​anthonyshew in vercel/turborepo#12391
• fix: Prevent stdin from being dropped for persistent tasks in stream mode by @​anthonyshew in vercel/turborepo#12394

New Contributors

• @​EmojiPati made their first contribution in vercel/turborepo#12386

Full Changelog: vercel/turborepo@v2.8.19-canary.3...v2.8.20-canary.1

Turborepo v2.8.19

What's Changed

turbo-ignore

• feat: Deprecate turbo-ignore in favor of turbo query affected by @​anthonyshew in vercel/turborepo#12382
• fix: Tailored turbo-ignore deprecation notice for Vercel users by @​anthonyshew in vercel/turborepo#12385

Examples

• chore: Upgrade Next.js to 16.2.0 in examples and apps by @​anthonyshew in vercel/turborepo#12389

Changelog

• fix: Detect scoped @turbo/{platform} packages in local binary resolution by @​EmojiPati in vercel/turborepo#12386
• fix: Support legacy unscoped binary package names in Node.js shim by @​anthonyshew in vercel/turborepo#12391

New Contributors

• @​EmojiPati made their first contribution in vercel/turborepo#12386

Full Changelog: vercel/turborepo@v2.8.18...v2.8.19

Turborepo v2.8.19-canary.3

What's Changed

turbo-ignore

• fix: Tailored turbo-ignore deprecation notice for Vercel users by @​anthonyshew in vercel/turborepo#12385

... (truncated)

Commits

• b61c532 publish 2.8.20 to registry
• 8f0e719 release(turborepo): 2.8.20-canary.1 (#12395)
• 106fa3e fix: Prevent stdin from being dropped for persistent tasks in stream mode (...
• 66f2c36 release(turborepo): 2.8.19 (#12392)
• 7da779a fix: Support legacy unscoped binary package names in Node shim (#12391)
• 9d977f1 fix: Detect scoped @turbo/{platform} packages in local binary resolution (#...
• 2ff8fc9 chore: Upgrade Next.js to 16.2.0 in examples and apps (#12389)
• ee90d8e release(turborepo): 2.8.19-canary.3 (#12387)
• 4b2eae6 fix: Tailored turbo-ignore deprecation notice for Vercel users (#12385)
• 1885f08 release(turborepo): 2.8.19-canary.2 (#12384)
• Additional commits viewable in compare view

Updates @oclif/plugin-help from 6.2.38 to 6.2.40

Release notes

Sourced from @​oclif/plugin-help's releases.

6.2.40

Bug Fixes

• deps: bump @​oclif/core from 4.9.0 to 4.10.2 (#1107) (4e38fa6)

6.2.39

Bug Fixes

• deps: bump flatted from 3.3.2 to 3.4.2 (#1104) (30584d8)

Changelog

Sourced from @​oclif/plugin-help's changelog.

6.2.40 (2026-03-22)

Bug Fixes

• deps: bump @​oclif/core from 4.9.0 to 4.10.2 (#1107) (4e38fa6)

6.2.39 (2026-03-21)

Bug Fixes

• deps: bump flatted from 3.3.2 to 3.4.2 (#1104) (30584d8)

Commits

• a1b6141 chore(release): 6.2.40 [skip ci]
• 4e38fa6 fix(deps): bump @​oclif/core from 4.9.0 to 4.10.2 (#1107)
• 4f3ebe3 chore(dev-deps): bump eslint-config-oclif from 6.0.149 to 6.0.151 (#1108)
• d9836c9 chore(release): 6.2.39 [skip ci]
• 30584d8 fix(deps): bump flatted from 3.3.2 to 3.4.2 (#1104)
• 1ea3229 chore(dev-deps): bump eslint-config-oclif from 6.0.146 to 6.0.148 (#1101)
• aea5156 chore(dev-deps): bump oclif from 4.22.85 to 4.22.87 (#1102)
• See full diff in compare view

Updates @oclif/plugin-plugins from 5.4.58 to 5.4.59

Release notes

Sourced from @​oclif/plugin-plugins's releases.

5.4.59

Bug Fixes

• bump npm (d19c81c)

Changelog

Sourced from @​oclif/plugin-plugins's changelog.

5.4.59 (2026-03-19)

Bug Fixes

• bump npm (d19c81c)

Commits

• 651f8a4 chore(release): 5.4.59 [skip ci]
• 8994a23 fix: Merge pull request #1291 from oclif/ew/bump-npm
• d19c81c fix: bump npm
• See full diff in compare view

Updates h3 from 1.15.8 to 1.15.10

Release notes

Sourced from h3's releases.

v1.15.10

compare changes

🩹 Fixes

• Preserve percent-encoded req.url in app event handler (#1355)

❤️ Contributors

• Sergio Azócar (@​sergioazoc)

v1.15.9

compare changes

🩹 Fixes

• Preserve %25 in pathname (1103df6)
• static: Prevent path traversal via double-encoded dot segments (%252e%252e) (c56683d)
• sse: Sanitize carriage returns in event stream data and comments (ba3c3fe)

Changelog

Sourced from h3's changelog.

v1.15.10

compare changes

🩹 Fixes

• Preserve percent-encoded req.url in app event handler (#1355)

🏡 Chore

• Update deps (26fec6f)

❤️ Contributors

• Pooya Parsa (@​pi0)
• Sergio Azócar (@​sergioazoc)

v1.15.9

compare changes

🩹 Fixes

• Preserve %25 in pathname (1103df6)
• static: Prevent path traversal via double-encoded dot segments (%252e%252e) (c56683d)
• sse: Sanitize carriage returns in event stream data and comments (ba3c3fe)

🏡 Chore

• release: V1.15.8 (e3b9c9e)
• Update deps (23045df)

❤️ Contributors

• Pooya Parsa (@​pi0)

Commits

• b72bb57 chore(release): v1.15.10
• d8ef318 remove resolutions for h3
• 26fec6f chore: update deps
• 51ca9b3 fix: preserve percent-encoded req.url in app event handler (#1355)
• 4e8d43a chore(release): v1.15.9
• 23045df chore: update deps
• ba3c3fe fix(sse): sanitize carriage returns in event stream data and comments
• c56683d fix(static): prevent path traversal via double-encoded dot segments (`%252e%2...
• e3b9c9e chore(release): v1.15.8
• 1103df6 fix: preserve %25 in pathname
• Additional commits viewable in compare view

Updates @tailwindcss/postcss from 4.2.1 to 4.2.2

Release notes

Sourced from @​tailwindcss/postcss's releases.

v4.2.2

Added

• Support Vite 8 in @tailwindcss/vite (#19790)

Fixed

• Don't crash when candidates contain prototype properties like row-constructor (#19725)
• Canonicalize calc(var(--spacing)*…) expressions into --spacing(…) (#19769)
• Fix crash in canonicalization step when handling utilities containing @property at-rules (e.g. shadow-sm border) (#19727)
• Skip full reload for server only modules scanned by client CSS when using @tailwindcss/vite (#19745)
• Improve canonicalization for bare values exceeding default spacing scale suggestions (e.g. w-1234 h-1234 → size-1234) (#19809)
• Fix canonicalization resulting in empty list (e.g. w-5 h-5 size-5 → '' instead of size-5) (#19812)

Changelog

Sourced from @​tailwindcss/postcss's changelog.

[4.2.2] - 2026-03-18

Fixed

• Don't crash when candidates contain prototype properties like row-constructor (#19725)
• Canonicalize calc(var(--spacing)*…) expressions into --spacing(…) (#19769)
• Fix crash in canonicalization step when handling utilities containing @property at-rules (e.g. shadow-sm border) (#19727)
• Skip full reload for server only modules scanned by client CSS when using @tailwindcss/vite (#19745)
• Add support for Vite 8 in @tailwindcss/vite (#19790)
• Improve canonicalization for bare values exceeding default spacing scale suggestions (e.g. w-1234 h-1234 → size-1234) (#19809)
• Fix canonicalization resulting in empty list (e.g. w-5 h-5 size-5 → '' instead of size-5) (#19812)
• Resolve tsconfig paths to allow for @import '@/path/to/file'; when using @tailwindcss/vite (#19803)

Commits

• d596b0c 4.2.2 (#19821)
• faa5e88 Cleanup inconsistencies related to (regex) escapes (#19804)
• See full diff in compare view

Updates tailwindcss from 4.2.1 to 4.2.2

Release notes

Sourced from tailwindcss's releases.

v4.2.2

Added

• Support Vite 8 in @tailwindcss/vite (#19790)

Fixed

• Don't crash when candidates contain prototype properties like row-constructor (#19725)
• Canonicalize calc(var(--spacing)*…) expressions into --spacing(…) (#19769)
• Fix crash in canonicalization step when handling utilities containing @property at-rules (e.g. shadow-sm border) (#19727)
• Skip full reload for server only modules scanned by client CSS when using @tailwindcss/vite (#19745)
• Improve canonicalization for bare values exceeding default spacing scale suggestions (e.g. w-1234 h-1234 → size-1234) (#19809)
• Fix canonicalization resulting in empty list (e.g. w-5 h-5 size-5 → '' instead of size-5) (#19812)

Changelog

Sourced from tailwindcss's changelog.

[4.2.2] - 2026-03-18

Fixed

• Don't crash when candidates contain prototype properties like row-constructor (#19725)
• Canonicalize calc(var(--spacing)*…) expressions into --spacing(…) (#19769)
• Fix crash in canonicalization step when handling utilities containing @property at-rules (e.g. shadow-sm border) (#19727)
• Skip full reload for server only modules scanned by client CSS when using @tailwindcss/vite (#19745)
• Add support for Vite 8 in @tailwindcss/vite (#19790)
• Improve canonicalization for bare values exceeding default spacing scale suggestions (e.g. w-1234 h-1234 → size-1234) (#19809)
• Fix canonicalization resulting in empty list (e.g. w-5 h-5 size-5 → '' instead of size-5) (#19812)
• Resolve tsconfig paths to allow for @import '@/path/to/file'; when using @tailwindcss/vite (#19803)

Commits

• d596b0c 4.2.2 (#19821)
• 2228a57 Bump Lightning CSS (#19771)
• f302fce Fix canonicalization resulting in empty list (#19812)
• bb2f170 Improve canonicalization for bare values exceeding default spacing scale sugg...
• faa5e88 Cleanup inconsistencies related to (regex) escapes (#19804)
• d5717f2 run prettier
• 51aa9d7 fix(canonicalize): handle utilities with empty property maps in collapse (#19...
• c586bd6 Canonicalize calc(var(--spacing)*…) expressions into --spacing(…) (#19769)
• 9ded4a2 Guard object lookups against inherited prototype properties (#19725)
• See full diff in compare view

Updates vite from 8.0.0 to 8.0.1

Release notes

Sourced from vite's releases.

create-vite@8.0.1

Please refer to CHANGELOG.md for details.

v8.0.1

Please refer to CHANGELOG.md for details.

Changelog

Sourced from vite's changelog.

8.0.1 (2026-03-19)

Features

• update rolldown to 1.0.0-rc.10 (#21932) (b3c067d)

Bug Fixes

• bundled-dev: properly disable inlineConst optimization (#21865) (6d97142)
• css: lightningcss minify failed when build.target: 'es6' (#21933) (5fcce46)
• deps: update all non-major dependencies (#21878) (6dbbd7f)
• dev: always use ESM Oxc runtime (#21829) (d323ed7)
• dev: handle concurrent restarts in _createServer (#21810) (40bc729)
• handle + symbol in package subpath exports during dep optimization (#21886) (86db93d)
• improve no-cors request block error (#21902) (5ba688b)
• use precise regexes for transform filter to avoid backtracking (#21800) (dbe41bd)
• worker: require(json) result should not be wrapped (#21847) (0672fd2)
• worker: make worker output consistent with client and SSR (#21871) (69454d7)

Miscellaneous Chores

• add changelog rearrange script (#21835) (efef073)
• deps: bump required @vitejs/devtools version to 0.1+ (#21925) (12932f5)
• deps: update rolldown-related dependencies (#21787) (1af1d3a)
• rearrange 8.0 changelog (8e05b61)
• rearrange 8.0 changelog (#21834) (86edeee)

Commits

• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Actions	Updated (UTC)
objectstack-play	Ready	Preview, Comment	Mar 23, 2026 10:28am

1 Skipped Deployment

Project	Deployment	Actions	Updated (UTC)
spec	Ignored		Mar 23, 2026 10:28am