Skip to content

fix(deps): update dependency next-themes to ^0.4.0#405

Open
renovate[bot] wants to merge 1 commit intomainfrom
renovate/next-themes-0.x
Open

fix(deps): update dependency next-themes to ^0.4.0#405
renovate[bot] wants to merge 1 commit intomainfrom
renovate/next-themes-0.x

Conversation

@renovate
Copy link
Contributor

@renovate renovate bot commented Dec 12, 2025
edited
Loading

This PR contains the following updates:

Package Change Age Confidence
next-themes ^0.3.0^0.4.0 age confidence

Release Notes

pacocoursey/next-themes (next-themes)

v0.4.6

Compare Source

What's Changed

  • fix: add null check for value in updateDOM function to prevent runtime errors and flashing by @​groveom in #​344

New Contributors

Full Changelog: pacocoursey/next-themes@v0.4.5...v0.4.6

v0.4.5

Compare Source

What's Changed

New Contributors

Full Changelog: pacocoursey/next-themes@v0.4.4...v0.4.5

v0.4.4

Compare Source

What's Changed

New Contributors

Full Changelog: pacocoursey/next-themes@v0.4.3...v0.4.4

v0.4.3

Compare Source

What's Changed

  • Pass nonce to inline style tag when using disableTransitionOnChange

Full Changelog: pacocoursey/next-themes@v0.4.2...v0.4.3

v0.4.2

Compare Source

What's Changed

New Contributors

Full Changelog: pacocoursey/next-themes@v0.4.1...v0.4.2

v0.4.1

Compare Source

What's Changed

New Contributors

Full Changelog: pacocoursey/next-themes@v0.4.0...v0.4.1

v0.4.0

Compare Source

What's Changed

New Contributors

Full Changelog: pacocoursey/next-themes@v0.3.0...v0.4.0

Configuration

📅 Schedule: Branch creation - "before 10am on friday" in timezone Europe/London, Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate renovate bot added dependencies Renovatebot and dependabot updates frontend javascript Pull requests that update javascript code labels Dec 12, 2025
@env0
Copy link

env0 bot commented Dec 12, 2025
edited
Loading

🚀  env0 had composed a PR Plan for environment Terraform Example / production :

Plan: 0 to add, 1 to change, 0 to destroy.
Plan Details 
Terraform used the selected providers to generate the following execution
plan. Resource actions are indicated with the following symbols:
!   update in-place

Terraform will perform the following actions:


  # module.heritage[0].aws_rds_cluster.face_database will be updated in-place
!   resource "aws_rds_cluster" "face_database" {
        id                                    = "facial-recognition-terraform-example"
        tags                                  = {}
        # (46 unchanged attributes hidden)

        # (1 unchanged block hidden)
    }

Plan: 0 to add, 1 to change, 0 to destroy.

Failed to calculate cost estimation

Full PR Plan logs on env0

@github-actions
Copy link

github-actions bot commented Dec 12, 2025
edited
Loading

Open in Overmind ↗

model|risks_v6
✨Encryption Key State Risk ✨KMS Key Creation

🔴 Change Signals

Routine 🔴 ▇▅▃▂▁ AWS instance resources showing infrequent updates with only 1 event/week for the last 6 weeks, which is unusual compared to typical patterns.
Policies 🔴 ▃▂▁ Multiple S3 buckets are missing required tags and lack server-side encryption, while security groups allow SSH access from anywhere, which is a security risk and unusual compared to typical patterns.

View signals ↗

🔥 Risks

Tip

✔ All risks disproven

We investigated 3 potential risks across 45 resources and verified each was safe. See the investigation details below.

🧠 Reasoning · ✖ 3 · ✔ 0

Elastic IP 13.134.236.98 association/update may disrupt external access, load balancers, and DNS

Observations 9

Hypothesis

Updates to Elastic IP 13.134.236.98 may change or remove its association with ENI eni-020b762e197effb8a and instance i-06454595ec548264a (private IP 10.0.101.48). Because this EIP is currently used for external access and has security groups allowing Internet traffic, any reassociation, release, or change of this public IP can disrupt public reachability for services, NAT, or load-balanced targets depending on it. This can break inbound client access, upstream integrations, and external health checks for resources such as ELB/ALB target group 'api-health-terraform-example', even while internal DNS and VPC routing appear normal. DNS records like global.dns.ec2-13-134-236-98... that point to this IP may become stale or resolve to the wrong instance if the EIP mapping changes, causing service downtime unless DNS records and TTLs are coordinated with the EIP change.

Investigation

I checked the actual plan and current state. The only relevant planned changes are: 1) the EC2 instance i-06454595ec548264a is being replaced (AMI change), 2) the aws_lb_target_group_attachment for api_server_ip is being replaced, and 3) the Elastic IP resource 13.134.236.98 shows an 'updated' marker but no attribute diffs. Current state shows the EIP 13.134.236.98 is associated to ENI eni-020b762e197effb8a on that instance and tagged as production-api-eip. There is no evidence the EIP will be released or the public IP value will change; a re-association to the replacement instance preserves the same public IP and AWS-provided public DNS that is derived from the IP itself, so DNS does not become stale when only the association target changes. This matches AWS behavior for EIPs and hostname types where the hostname encodes the IP and remains stable if the IP is unchanged. The internet-facing ALB (api-207c90ee-alb) targets instance i-0761431bc27804588 via target group api-207c90ee-tg, not the EIP-backed instance, while the 'api-health-terraform-example' target group is type=ip against private IP 10.0.101.48 and will be updated via the planned target group attachment replacement; neither path depends on the EIP value. At most, a brief blip could occur during instance replacement due to disassociation/reattachment, but that is not the claimed broad disruption from changing or losing the EIP, and no apply-blocking issues are indicated. Therefore, the hypothesis is speculative and not supported by the diffs and current topology.

✖ Hypothesis disproven

EC2 instance replacement/AMI change impacting networking, load balancer targets, and dependent resources

Observations 5

Hypothesis

Replacing EC2 instance i-06454595ec548264a with a new AMI (from ami-00bfb... to ami-035c2...) changes the underlying OS image and instance configuration. This can alter networking behavior, installed agents, monitoring/metrics, and compatibility with existing tooling. During replacement, dependent resources such as ENI eni-020b762e197effb8a, primary private IP 10.0.101.48, Elastic IP 13.134.236.98, DNS records, and attached volumes may be detached, reattached, or replaced. These changes can cause downtime, IP changes, broken DNS mappings, and loss of load balancer connectivity for services relying on stable instance identity (IP, ENI, DNS, security groups, instance-status relationships). Because the ALB target group registers the target by IP (10.0.101.48), detaching or reassigning this private IP during replacement can lead to target deregistration or persistent health check failures, disrupting traffic to services behind the target group. Hibernation is also reset to null, potentially affecting stop/start behavior and expectations.

Investigation

I reviewed the planned diffs and the current state of related resources. The instance i-06454595ec548264a is being replaced due to an AMI change, but there are no networking attribute changes in the diff (same instance type, same source/dest check, no SG/subnet changes). The Elastic IP 13.134.236.98 resource is marked as updated, which is consistent with re-association to the replacement ENI during instance replacement, and its current association is through eni-020b762e197effb8a with private IP 10.0.101.48. Importantly, the plan also replaces the aws_lb_target_group_attachment resource (module.api_access[0].aws_lb_target_group_attachment.api_server_ip), which accounts for re-registering the target with the new instance’s IP after replacement. In the current state, the target registered by IP 10.0.101.48 belongs to the ‘api-health-terraform-example’ target group behind the ‘mon-internal-terraform-example’ NLB (TargetType=ip, Port 9090) and is healthy; this is not an ALB registration. The API ALB target group (‘api-207c90ee-tg’) uses TargetType=instance and currently points at a different instance (i-0761431bc27804588), so the hypothesis’s claim about the ALB registering this instance by IP is incorrect. While a brief interruption is inherent to replacing a single instance, the specific risks asserted—broken DNS mappings, persistent health check failures due to IP detachment, and ALB-by-IP deregistration—are not supported by the evidence, and the plan explicitly updates the target attachment and EIP to keep things consistent post-replacement. Hibernation changing to null does not introduce runtime or connectivity risk here.

✖ Hypothesis disproven

EBS volume with DeleteOnTermination risk during EC2 replacement

Observations 1

Hypothesis

EBS volume vol-0e2b4296b2bd81424 attached to EC2 instance i-06454595ec548264a has DeleteOnTermination=true. When the instance is replaced via Terraform, this setting may cause the volume to be deleted rather than preserved, or detached and recreated. This creates risk of permanent data loss and downtime for any services or state relying on that volume’s contents, unless explicit backups or volume preservation steps are taken.

Investigation

I checked the current state and the planned diffs. The volume vol-0e2b4296b2bd81424 is the root device (/dev/xvda) of EC2 instance i-06454595ec548264a and has DeleteOnTermination=true. The instance is being replaced due to an AMI change. According to AWS documentation, the default behavior for EBS root volumes attached at launch is DeleteOnTermination=true, meaning the root volume is deleted when the instance is terminated; this is expected cleanup, not inherently a data-loss error. There is no evidence of additional data volumes attached to this instance or any configuration indicating that application state relies on persisting the root disk. The plan does not attempt to preserve or reattach this specific volume, and nothing else references it. Without evidence that critical state lives on the root volume, this hypothesis is speculative. Therefore, I do not consider this a real risk caused by this change. Sources: AWS docs on preserving volumes and DeleteOnTermination behavior. (docs.aws.amazon.com)

✖ Hypothesis disproven

💥 Blast Radius

Items 45

Edges 157

github-actions[bot]
github-actions bot approved these changes Dec 12, 2025
View reviewed changes
Copy link

@github-actions github-actions bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Overmind

✅ Auto-Approved

🟢 Decision

Auto-approved: All safety checks passed

🔥 Risks Summary

High 0 · Medium 0 · Low 0

View full analysis in Overmind ↗

@renovate renovate bot force-pushed the renovate/next-themes-0.x branch from 9da0710 to 791681f Compare December 31, 2025 13:15
github-actions[bot]
github-actions bot requested changes Dec 31, 2025
View reviewed changes
Copy link

@github-actions github-actions bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Overmind

⛔ Auto-Blocked

🔴 Decision

Auto-blocked: Policy signal (-3) is below threshold (-2)

📊 Signals Summary

Policies 🔴 -3

🔥 Risks Summary

High 0 · Medium 0 · Low 0

View full analysis in Overmind ↗

@renovate renovate bot force-pushed the renovate/next-themes-0.x branch from 791681f to af341d7 Compare January 8, 2026 17:08
github-actions[bot]
github-actions bot requested changes Jan 8, 2026
View reviewed changes
Copy link

@github-actions github-actions bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Overmind

⛔ Auto-Blocked

🔴 Decision

Auto-blocked: Policy signal (-3) is below threshold (-2)

📊 Signals Summary

Policies 🔴 -3

🔥 Risks Summary

High 0 · Medium 0 · Low 0

View full analysis in Overmind ↗

@renovate renovate bot force-pushed the renovate/next-themes-0.x branch from af341d7 to 1c4f2cb Compare January 19, 2026 19:58
github-actions[bot]
github-actions bot requested changes Jan 19, 2026
View reviewed changes
Copy link

@github-actions github-actions bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Overmind

⛔ Auto-Blocked

🔴 Decision

Auto-blocked: Policy signal (-3) is below threshold (-2)

📊 Signals Summary

Policies 🔴 -3

🔥 Risks Summary

High 0 · Medium 0 · Low 0

View full analysis in Overmind ↗

@renovate renovate bot force-pushed the renovate/next-themes-0.x branch from 1c4f2cb to 7f8b713 Compare January 23, 2026 19:33
github-actions[bot]
github-actions bot requested changes Jan 23, 2026
View reviewed changes
Copy link

@github-actions github-actions bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Overmind

⛔ Auto-Blocked

🔴 Decision

Auto-blocked: Policy signal (-3) is below threshold (-2)

📊 Signals Summary

Policies 🔴 -3

Routine 🟢 +5

🔥 Risks Summary

High 0 · Medium 2 · Low 0

💥 Blast Radius

Items 72 · Edges 224

View full analysis in Overmind ↗

@renovate renovate bot changed the title fix(deps): update dependency next-themes to ^0.4.0 Update dependency next-themes to ^0.4.0 Jan 29, 2026
@renovate renovate bot changed the title Update dependency next-themes to ^0.4.0 fix(deps): update dependency next-themes to ^0.4.0 Jan 29, 2026
@renovate renovate bot changed the title fix(deps): update dependency next-themes to ^0.4.0 Update dependency next-themes to ^0.4.0 Jan 29, 2026
@renovate renovate bot changed the title Update dependency next-themes to ^0.4.0 fix(deps): update dependency next-themes to ^0.4.0 Jan 29, 2026
@renovate renovate bot changed the title fix(deps): update dependency next-themes to ^0.4.0 Update dependency next-themes to ^0.4.0 Jan 29, 2026
@renovate renovate bot changed the title Update dependency next-themes to ^0.4.0 fix(deps): update dependency next-themes to ^0.4.0 Jan 30, 2026
@renovate renovate bot force-pushed the renovate/next-themes-0.x branch from 7f8b713 to 03df8bb Compare February 2, 2026 19:38
@renovate renovate bot force-pushed the renovate/next-themes-0.x branch from 03df8bb to 47d4503 Compare February 12, 2026 17:10
github-actions[bot]
github-actions bot requested changes Feb 12, 2026
View reviewed changes
Copy link

@github-actions github-actions bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Overmind

⛔ Auto-Blocked

🔴 Decision

Auto-blocked: Policy signal (-3) is below threshold (-2); Routine score (-5) is below minimum (-1)

📊 Signals Summary

Routine 🔴 -5

Policies 🔴 -3

🔥 Risks Summary

High 0 · Medium 0 · Low 0

💥 Blast Radius

Items 45 · Edges 157

View full analysis in Overmind ↗

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@github-actions github-actions[bot] github-actions[bot] requested changes

Requested changes must be addressed to merge this pull request.

Assignees

No one assigned

Labels

dependencies Renovatebot and dependabot updates frontend javascript Pull requests that update javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants