fix(deps)(deps): bump the production-dependencies group across 1 directory with 10 updates

[dependabot]

Updates the requirements on @tailwindcss/typography, @vercel/ncc, discord-api-types, drizzle-kit, drizzle-orm, drizzle-zod, esbuild, hume, lucide-react and zustand to permit the latest version.
Updates @tailwindcss/typography to 0.5.19

Release notes

Sourced from @​tailwindcss/typography's releases.

v0.5.19

Fixed

• Fixed broken color styles (#405)

Changelog

Sourced from @​tailwindcss/typography's changelog.

[0.5.19] - 2025-09-24

Fixed

• Fixed broken color styles (#405)

[0.5.18] - 2025-09-19

Fixed

• Fixed undefined variable error (#403)

[0.5.17] - 2025-09-19

Added

• Add modifiers for description list elements (#357)
• Add prose-picture modifier (#367)

Fixed

• Include unit in hr border-width value (#379)
• Ensure <kbd> styles work with Tailwind CSS v4 (#387)

Changed

• Remove lodash dependencies (#402)

[0.5.16] - 2025-01-07

Fixed

• Support installing with beta versions of Tailwind CSS v4 (#365)

[0.5.15] - 2024-08-28

Fixed

• Support installing with alpha versions of Tailwind CSS v4 (#358)

[0.5.14] - 2024-08-07

Fixed

• Fix table text alignment (#346)

[0.5.13] - 2024-04-26

Fixed

... (truncated)

Commits

• e002ab8 0.5.19
• bbb1c21 Fix bad RGB syntax (#405)
• b316f95 0.5.18
• ed95206 Fix variable declaration in opacity function (#403)
• 7efcb4a 0.5.17
• e0ec248 chore(ci): update actions for release insiders
• 511afcb Add modifiers for description list elements (#357)
• 042a531 Add prose-picture modifiers (#367)
• f822222 Fix kbd shadow colors not being calculated on oklch colors (#387)
• ecb7e87 Add Tailwind v4 custom color theme example to README (#396)
• Additional commits viewable in compare view

Updates @vercel/ncc to 0.38.4

Release notes

Sourced from @​vercel/ncc's releases.

0.38.4

0.38.4 (2025-09-18)

Bug Fixes

• cjs-build: enable evaluating import.meta in cjs build (#1236) (e72d34d), closes vercel/ncc#897 #1019

Commits

• e72d34d fix(cjs-build): enable evaluating import.meta in cjs build (#1236)
• 186af2b chore(deps): Bump amannn/action-semantic-pull-request from 5.5.3 to 6.1.1 (#1...
• 162c7d4 chore(deps): Bump actions/checkout from 4 to 5 (#1283)
• 24734b5 chore(deps): Bump cipher-base from 1.0.4 to 1.0.6 (#1280)
• 7bf44d5 chore(deps): Bump sha.js from 2.4.11 to 2.4.12 (#1281)
• 50f1851 chore(deps): Bump tmp from 0.2.3 to 0.2.4 (#1278)
• d797f1b chore(deps-dev): Bump koa from 2.16.1 to 3.0.1 (#1272)
• 9bdbd47 chore(deps): Bump pbkdf2 from 3.1.2 to 3.1.3 (#1266)
• cbfd660 chore(deps-dev): bump test deps for aws-sdk (#1263)
• d17397f chore(deps-dev): Bump axios from 1.7.7 to 1.8.2 (#1262)
• Additional commits viewable in compare view

Updates discord-api-types to 0.38.48

Release notes

Sourced from discord-api-types's releases.

0.38.48

0.38.48 (2026-05-25)

Features

• OAuth2: add integration_type param (#1643 by @​RiskyMH) (22b7320)
• OAuth2Scopes: add IdentifyPremium scope (#1648 by @​kshitijanurag) (bd7f4b6)
• Routes: add DELETE method for userApplicationRoleConnection() (#1654 by @​kshitijanurag) (60b49bc)

New Contributors

• @​RiskyMH made their first contribution in discordjs/discord-api-types#1643

Full Changelog: discordjs/discord-api-types@0.38.47...0.38.48

Changelog

Sourced from discord-api-types's changelog.

0.38.48 (2026-05-25)

Features

• OAuth2: add integration_type param (#1643) (22b7320)
• OAuth2Scopes: add IdentifyPremium scope (#1648) (bd7f4b6)
• Routes: add DELETE method for userApplicationRoleConnection() (#1654) (60b49bc)

0.38.47 (2026-04-16)

Features

• RESTJSONErrorCodes: add CannotForwardMessageWithUnreadableContent (#1628) (09c71fe)
• RESTJSONErrorCodes: rename ChannelSendRateLimit to ChannelWriteRateLimit (#1627) (d5dc47a)

0.38.46 (2026-04-13)

Bug Fixes

• APIUser global_name description (#1586) (d165766)
• Channel: add applied_tags to forum thread form data body (#1615) (19d04c0)
• Gateway: correct scheduled event user remove dispatch type (#1614) (b2a8b74)
• ReactionType: rename Super to Burst (#1613) (c21ae24)
• Webhook: add delete message query, fix thread_id type (#1611) (27ef064)

Features

• Message: more attachment and embed fields and flags (#1609) (702e541)
• UserFlags: mark ActiveDeveloper as deprecated (#1604) (5acf5c5)

0.38.45 (2026-04-09)

Bug Fixes

• OAuth2: include flags in current application result (#1610) (1506ff0)
• User: use Snowflake for DM recipient_id (#1612) (3a296fa)

0.38.44 (2026-04-02)

Bug Fixes

• APIApplication: make event_webhooks_status optional (#1603) (c76a1bc)

0.38.43 (2026-03-28)

... (truncated)

Commits

• f690ee1 chore(release): 0.38.48 🎉 (#1667)
• 23bb0e8 chore(deps): update commitlint monorepo to v21 (#1653)
• 7989125 chore(deps): update dependency @​actions/glob to ^0.7.0 (#1640)
• 36aaff3 chore(deps): bump fast-uri from 3.0.3 to 3.1.2 in /website (#1656)
• a4ca66e chore(deps): bump @​babel/plugin-transform-modules-systemjs from 7.25.9 to 7.2...
• 1f79ad4 chore(deps): update dependency lint-staged to v17 (#1651)
• 32ee7cb docs(Message): update wording in mention_channels and resolved descriptio...
• 22b7320 feat(OAuth2): add integration_type param (#1643)
• bd7f4b6 feat(OAuth2Scopes): add IdentifyPremium scope (#1648)
• 5be1ad2 chore(deps): update pnpm/action-setup action to v6 (#1636)
• Additional commits viewable in compare view

Updates drizzle-kit to 0.31.10

Release notes

Sourced from drizzle-kit's releases.

drizzle-kit@0.31.10

• Updated to hanji@0.0.8 - native bun stringWidth, stripANSI support, errors for non-TTY environments
• We've migrated away from esbuild-register to tsx loader, it will now allow to use drizzle-kit seamlessly with both ESM and CJS modules
• We've also added native Bun and Deno launch support, which will not trigger tsx loader and utilise native bun and deno imports capabilities and faster startup times

Commits

• 4aa6ecf Kit updates (#5490)
• e8e6edf feat(drizzle-kit): support d1 via binding (#5302)
• a086f59 Fixed pg-native Pool detection in node-postgres transactions breaking in envi...
• c445637 Merge pull request #5095 from drizzle-team/main-workflows
• e7b3aaa Merge branch 'main' into main-workflows
• 0d885a5 refactor: Update condition for run-feature job to improve clarity and functio...
• 45a1ffb Merge pull request #5087 from drizzle-team/main-workflows
• 6357645 chore: Comment out NEON_HTTP_CONNECTION_STRING requirement in release workflows
• 53dec98 refactor: Simplify release router workflow by removing unnecessary switch job...
• ce88a18 Merge remote-tracking branch 'origin/ext-deps-kit' into main-workflows
• Additional commits viewable in compare view

Updates drizzle-orm from 0.44.7 to 0.45.2

Release notes

Sourced from drizzle-orm's releases.

0.45.2

• Fixed sql.identifier(), sql.as() escaping issues. Previously all the values passed to this functions were not properly escaped causing a possible SQL Injection (CWE-89) vulnerability

Thanks to @​EthanKim88, @​0x90sh and @​wgoodall01 for reaching out to us with a reproduction and suggested fix

0.45.1

• Fixed pg-native Pool detection in node-postgres transactions breaking in environments with forbidden require() (#5107)

0.45.0

• Fixed pg-native Pool detection in node-postgres transactions
• Allowed subqueries in select fields
• Updated typo algorythm => algorithm
• Fixed $onUpdate not handling SQL values (fixes #2388, tests implemented by L-Mario564 in #2911)
• Fixed pg mappers not handling Date instances in bun-sql:postgresql driver responses for date, timestamp types (fixes #4493)

Commits

• 273c780 + 0.45.2 (#5534)
• 4aa6ecf Kit updates (#5490)
• e8e6edf feat(drizzle-kit): support d1 via binding (#5302)
• a086f59 Fixed pg-native Pool detection in node-postgres transactions breaking in envi...
• c445637 Merge pull request #5095 from drizzle-team/main-workflows
• e7b3aaa Merge branch 'main' into main-workflows
• 0d885a5 refactor: Update condition for run-feature job to improve clarity and functio...
• 45a1ffb Merge pull request #5087 from drizzle-team/main-workflows
• 6357645 chore: Comment out NEON_HTTP_CONNECTION_STRING requirement in release workflows
• 53dec98 refactor: Simplify release router workflow by removing unnecessary switch job...
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for drizzle-orm since your current version.

Updates drizzle-zod from 0.5.1 to 0.8.3

Commits

• See full diff in compare view

Updates esbuild from 0.25.12 to 0.28.0

Release notes

Sourced from esbuild's releases.

v0.28.0

• Add support for with { type: 'text' } imports (#4435)

  The import text proposal has reached stage 3 in the TC39 process, which means that it's recommended for implementation. It has also already been implemented by Deno and Bun. So with this release, esbuild also adds support for it. This behaves exactly the same as esbuild's existing text loader. Here's an example:

  import string from './example.txt' with { type: 'text' }
  console.log(string)

• Add integrity checks to fallback download path (#4343)

  Installing esbuild via npm is somewhat complicated with several different edge cases (see esbuild's documentation for details). If the regular installation of esbuild's platform-specific package fails, esbuild's install script attempts to download the platform-specific package itself (first with the npm command, and then with a HTTP request to registry.npmjs.org as a last resort).

  This last resort path previously didn't have any integrity checks. With this release, esbuild will now verify that the hash of the downloaded binary matches the expected hash for the current release. This means the hashes for all of esbuild's platform-specific binary packages will now be embedded in the top-level esbuild package. Hopefully this should work without any problems. But just in case, this change is being done as a breaking change release.

• Update the Go compiler from 1.25.7 to 1.26.1

  This upgrade should not affect anything. However, there have been some significant internal changes to the Go compiler, so esbuild could potentially behave differently in certain edge cases:

  • It now uses the new garbage collector that comes with Go 1.26.
  • The Go compiler is now more aggressive with allocating memory on the stack.
  • The executable format that the Go linker uses has undergone several changes.
  • The WebAssembly build now unconditionally makes use of the sign extension and non-trapping floating-point to integer conversion instructions.

  You can read the Go 1.26 release notes for more information.

v0.27.7

• Fix lowering of define semantics for TypeScript parameter properties (#4421)

  The previous release incorrectly generated class fields for TypeScript parameter properties even when the configured target environment does not support class fields. With this release, the generated class fields will now be correctly lowered in this case:

  // Original code
  class Foo {
    constructor(public x = 1) {}
    y = 2
  }
  // Old output (with --loader=ts --target=es2021)
  class Foo {
  constructor(x = 1) {
  this.x = x;
  __publicField(this, "y", 2);
  }
  x;
  }
  // New output (with --loader=ts --target=es2021)
  class Foo {

... (truncated)

Changelog

Sourced from esbuild's changelog.

Changelog: 2025

This changelog documents all esbuild versions published in the year 2025 (versions 0.25.0 through 0.27.2).

0.27.2

• Allow import path specifiers starting with #/ (#4361)

  Previously the specification for package.json disallowed import path specifiers starting with #/, but this restriction has recently been relaxed and support for it is being added across the JavaScript ecosystem. One use case is using it for a wildcard pattern such as mapping #/* to ./src/* (previously you had to use another character such as #_* instead, which was more confusing). There is some more context in nodejs/node#49182.

  This change was contributed by @​hybrist.

• Automatically add the -webkit-mask prefix (#4357, #4358)

  This release automatically adds the -webkit- vendor prefix for the mask CSS shorthand property:

  /* Original code */
  main {
    mask: url(x.png) center/5rem no-repeat
  }
  /* Old output (with --target=chrome110) */
  main {
  mask: url(x.png) center/5rem no-repeat;
  }
  /* New output (with --target=chrome110) */
  main {
  -webkit-mask: url(x.png) center/5rem no-repeat;
  mask: url(x.png) center/5rem no-repeat;
  }

  This change was contributed by @​BPJEnnova.

• Additional minification of switch statements (#4176, #4359)

  This release contains additional minification patterns for reducing switch statements. Here is an example:

  // Original code
  switch (x) {
    case 0:
      foo()
      break
    case 1:
    default:
      bar()
  }

... (truncated)

Commits

• 6a794df publish 0.28.0 to npm
• 64ee0ea fix #4435: support with { type: text } imports
• ef65aee fix sort order in snapshots_packagejson.txt
• 1a26a8e try to fix test-old-ts, also shuffle CI tasks
• 556ce6c use '' instead of null to omit build hashes
• 8e675a8 ci: allow missing binary hashes for tests
• 7067763 Reapply "update go 1.25.7 => 1.26.1"
• 39473a9 fix #4343: integrity check for binary download
• 2025c9f publish 0.27.7 to npm
• c6b586e fix typo in Makefile for @esbuild/win32-x64
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for esbuild since your current version.

Updates hume from 0.12.2 to 0.15.17

Release notes

Sourced from hume's releases.

0.15.17

What's Changed

• new TTS parameter: temperature (experimental) - controls sampling temperature for speech generation

Full Changelog: HumeAI/hume-typescript-sdk@0.15.16...0.15.17

0.15.16

What's Changed

• new config options: Turn Detection, Interruption

Full Changelog: HumeAI/hume-typescript-sdk@0.15.15...0.15.16

0.15.15

What's Changed

• add new external LLM model: claude-opus-4-6
• rm external LLM model: gemini-3-flash-preview that was erroneously released in the previous version (not available yet on Google U.S. server)

Full Changelog: HumeAI/hume-typescript-sdk@0.15.14...0.15.15

0.15.14

What's Changed

• add prompt_expansion parameter for external LLMs (link to docs)
• add new external LLM models: claude-opus-4-6, gpt-5.1, gpt-5.1-priority, gpt-5.2, gpt-5.2-priority
• upd config creation: external LLM model_provider is now fully optional, providing just the model_resource is enough
• fix missing external LLM provider: X_AI

Full Changelog: HumeAI/hume-typescript-sdk@0.15.13...0.15.14

0.15.13

What's Changed

• upd docstrings for intellisense
• 🌿 Fern Regeneration -- February 9, 2026 by @​fern-api[bot] in HumeAI/hume-typescript-sdk#713

Full Changelog: HumeAI/hume-typescript-sdk@0.15.12...0.15.13

v0.15.12

What's Changed

• fix WebSocket queryParams and voice_id (backwards-compatibility): HumeAI/hume-typescript-sdk#701

Full Changelog: HumeAI/hume-typescript-sdk@0.15.11...0.15.12

v0.15.11

What's Changed

• (fix) rename ChatClient to Chat by @​ivaaan in HumeAI/hume-typescript-sdk#686

Full Changelog: HumeAI/hume-typescript-sdk@0.15.10...0.15.11

0.15.10

What's Changed

• (fix) Improve type annotations for the hume.tts.streamInput client by @​ivaaan in HumeAI/hume-typescript-sdk#661

... (truncated)

Commits

• 28f6d43 SDK regeneration (#729)
• c1ad703 SDK regeneration (#726)
• 5c51849 🌿 Fern Regeneration -- February 27, 2026 (#723)
• a8df4f4 🌿 Fern Regeneration -- February 27, 2026 (#721)
• 43c2b92 fixes tool test (#722)
• 91e6de1 🌿 Fern Regeneration -- February 27, 2026 (#720)
• c5e6b1c [github actions] Bump stefanzweifel/git-auto-commit-action from 5 to 7 (#707)
• bb1fd83 🌿 Fern Regeneration -- February 9, 2026 (#713)
• d404eab Update publishing scripts to have complete config for OIDC (#708)
• 3f787bd Ci publish2 (#706)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for hume since your current version.

Updates lucide-react from 0.525.0 to 0.577.0

Release notes

Sourced from lucide-react's releases.

Version 0.577.0

What's Changed

• chore(deps): bump rollup from 4.53.3 to 4.59.0 by @​dependabot[bot] in lucide-icons/lucide#4106
• fix(repo): correctly ignore docs/releaseMetadata via .gitignore by @​bhavberi in lucide-icons/lucide#4100
• feat(icons): added ellipse icon by @​KISHORE-KUMAR-S in lucide-icons/lucide#3749

New Contributors

• @​bhavberi made their first contribution in lucide-icons/lucide#4100
• @​KISHORE-KUMAR-S made their first contribution in lucide-icons/lucide#3749

Full Changelog: lucide-icons/lucide@0.576.0...0.577.0

Version 0.576.0

What's Changed

• Added zodiac signs by @​karsa-mistmere in lucide-icons/lucide#712
• fix(icons): fixes guideline violations in package-* icons. by @​karsa-mistmere in lucide-icons/lucide#4074
• fix(icons): changed receipt icon by @​karsa-mistmere in lucide-icons/lucide#4075
• fix(icons): updated cuboid icon tags and categories by @​karsa-mistmere in lucide-icons/lucide#4095
• fix(icons): changed cuboid icon by @​jamiemlaw in lucide-icons/lucide#4098
• fix(lucide-font, lucide-static): Fixing stable code points by @​ericfennis in lucide-icons/lucide#3894
• feat(icons): added fishing-rod icon by @​7ender in lucide-icons/lucide#3839

Full Changelog: lucide-icons/lucide@0.575.0...0.576.0

Version 0.575.0

What's Changed

• feat(icons): added message-square-check icon by @​karsa-mistmere in lucide-icons/lucide#4076
• fix(lucide): Fix ESM Module output path in build by @​ericfennis in lucide-icons/lucide#4084
• feat(icons): added metronome icon by @​edwloef in lucide-icons/lucide#4063
• fix(icons): remove execution permission of SVG files by @​duckafire in lucide-icons/lucide#4053
• fix(icons): changed file-pen-line icon by @​jguddas in lucide-icons/lucide#3970
• feat(icons): added square-arrow-right-exit and square-arrow-right-enter icons by @​EthanHazel in lucide-icons/lucide#3958
• fix(icons): renamed flip-* to square-centerline-dashed-* by @​jguddas in lucide-icons/lucide#3945

New Contributors

• @​edwloef made their first contribution in lucide-icons/lucide#4063
• @​duckafire made their first contribution in lucide-icons/lucide#4053

Full Changelog: lucide-icons/lucide@0.573.0...0.575.0

Version 0.574.0

What's Changed

• fix(icons): changed rocking-chair icon by @​jamiemlaw in lucide-icons/lucide#3445
• fix(icons): flipped coins icon by @​jguddas in lucide-icons/lucide#3158
• feat(icons): added x-line-top icon by @​jguddas in lucide-icons/lucide#2838
• feat(icons): added mouse-left icon by @​marvfash in lucide-icons/lucide#2788
• feat(icons): added mouse-right icon by @​marvfash in lucide-icons/lucide#2787

New Contributors

... (truncated)

Commits

• f6c0d06 chore(deps): bump rollup from 4.53.3 to 4.59.0 (#4106)
• 67c0485 feat(scripts): added helper script to automatically update OpenCollective bac...
• b6ed43d feat(packages): Added aria-hidden fallback for decorative icons to all packag...
• 076e0bb chore(dependencies): Update dependencies (#3809)
• 80d6f73 fix(icons): Rename fingerprint icon to fingerprint-pattern (#3767)
• 1cfb3ff chore(deps-dev): bump vite from 6.3.5 to 6.3.6 (#3611)
• e71198d chore: icon alias improvements (#2861)
• See full diff in compare view

Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for lucide-react since your current version.

Updates zustand from 5.0.6 to 5.0.14

Release notes

Sourced from zustand's releases.

v5.0.14

This release fixes a type issue in devtools.

What's Changed

• fix(devtools): improve type inference for Devtools initializer by @​dbritto-dev in pmndrs/zustand#3511

New Contributors

• @​TheSeydiCharyyev made their first contribution in pmndrs/zustand#3487
• @​brofrong made their first contribution in pmndrs/zustand#3496
• @​hyun907 made their first contribution in pmndrs/zustand#3506

Full Changelog: pmndrs/zustand@v5.0.13...v5.0.14

v5.0.13

This release includes an improvement in the devtools middleware.

What's Changed

• refactor(devtools): remove duplicate module augmentation by @​mahmoodhamdi in pmndrs/zustand#3443
• fix(devtools): support Firefox/Safari stack format in findCallerName by @​SBolsec in pmndrs/zustand#3469

New Contributors

• @​mahmoodhamdi made their first contribution in pmndrs/zustand#3443
• @​FelixEckl-vireq made their first contribution in pmndrs/zustand#3466
• @​KimHyeongRae0 made their first contribution in pmndrs/zustand#3471
• @​lstak made their first contribution in pmndrs/zustand#3483
• @​AlexRixten made their first contribution in pmndrs/zustand#3474
• @​SBolsec made their first contribution in pmndrs/zustand#3469

Full Changelog: pmndrs/zustand@v5.0.12...v5.0.13

v5.0.12

Two small fixes.

What's Changed

• fix(persist): use latest state in post-rehydration callback by @​Shohjahon-n in pmndrs/zustand#3391
• fix(devtools): correct redux devtools config type extension by @​grigoriy-reshetniak in pmndrs/zustand#3414

New Contributors

• @​pavan-sh made their first contribution in pmndrs/zustand#3378
• @​Copilot made their first contribution in pmndrs/zustand#3395
• @​Aravindsreeni made their first contribution in pmndrs/zustand#3400
• @​wallzero made their first contribution in pmndrs/zustand#3401
• @​chaesunbak made their first contribution in pmndrs/zustand#3405
• @​Shohjahon-n made their first contribution in pmndrs/zustand#3391

Full Changelog: pmndrs/zustand@v5.0.11...v5.0.12

v5.0.11

This release includes small improvements in middleware thanks to contributors.

... (truncated)

Commits

• bfb2a9e 5.0.14
• 62b2aff chore(deps): update dev dependencies (#3513)
• ad77bd3 fix(devtools): improve type inference for Devtools initializer (#3511)
• 8476d2c update pnpm etc (#3512)
• d690ec2 docs(combine): add object constraints to T and U in signature (#3506)
• fd8c601 docs(react): add Action constraint to redux middleware signature (#3492)
• 2ce8226 docs(immer): fix setPerson updater type in usage examples (#3502)
• 038b938 docs(updating-state): use curried create form with explicit state type (#3503)
• 60a91b4 docs(devtools): add missing devtools import to troubleshooting example (#3501)
• efad169 Update FUNDING.json
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for zustand since your current version.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

---

Summary by cubic

Upgrade 10 production dependencies to improve security and build stability. Highlights: drizzle-orm fixes a SQL injection risk; esbuild adds with { type: 'text' } import support and stronger install checks.

• Dependencies
  • drizzle-orm → 0.45.2 — fixes escaping in sql.identifier()/sql.as(); PG pool detection fix; allows subqueries in select fields.
  • esbuild → 0.28.0 — supports with { type: 'text' } imports; adds binary integrity checks for installs.
  • drizzle-kit → 0.31.10 — switches to tsx loader; native Bun/Deno launch.
  • @tailwindcss/typography → 0.5.19 — fixes broken color styles.
  • @vercel/ncc → 0.38.4 — enables import.meta evaluation in CJS builds.
  • API/SDK bumps: discord-api-types → 0.38.48 (new OAuth params/routes), hume → 0.15.17 (new TTS options), plus minor fixes in lucide-react → 0.577.0, zustand → 5.0.14, and drizzle-zod → 0.8.3.

^{Written for commit f11190f. Summary will update on new commits.}

[dependabot]

Labels

The following labels could not be found: npm. Please create it before Dependabot can add it to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.