chore(deps): bump the production group across 1 directory with 5 updates

[dependabot]

Bumps the production group with 5 updates in the / directory:

Package	From	To
@nuxt/icon	2.2.2	2.2.3
@unhead/vue	3.1.0	3.1.4
dayjs	1.11.20	1.11.21
nuxt	4.4.6	4.4.8
tailwindcss	4.3.0	4.3.1

Updates @nuxt/icon from 2.2.2 to 2.2.3

Release notes

Sourced from @​nuxt/icon's releases.

v2.2.3

   🐞 Bug Fixes

• Scope per-instance customize to unique CSS selector  -  by @​mukundshah and Sébastien Chopin in nuxt/icon#483 (17d93)
• server:
  • Use ufo for query parsing to fix h3 v2 compatibility  -  by @​benjamincanac and @​atinux in nuxt/icon#493 (93172)
  • Guard collection lookup against prototype keys  -  by @​itsmelouis and Sébastien Chopin in nuxt/icon#488 (45025)

    View changes on GitHub

Commits

• 4d8d1f6 chore: release v2.2.3
• 0c6b696 chore(deps): update all non-major dependencies (#486)
• d6288e5 chore(deps): update nuxt framework to ^4.4.6 (#459)
• 17d9348 fix: scope per-instance customize to unique CSS selector (#483)
• 4502522 fix(server): guard collection lookup against prototype keys (#488)
• 931722e fix(server): use ufo for query parsing to fix h3 v2 compatibility (#493)
• b13f778 chore(github): add pkg.pr.new preview publishing (#495)
• 7cafddc chore(deps): update all non-major dependencies (#424)
• 740ae78 ci: update workflow references to main branch (#484)
• See full diff in compare view

Updates @unhead/vue from 3.1.0 to 3.1.4

Release notes

Sourced from @​unhead/vue's releases.

v3.1.4

   🐞 Bug Fixes

• bundler:
  • Resolve dynamic ogImage in useSeoMeta transform  -  by @​harlan-zw in unjs/unhead#770 (06a85)
• scripts:
  • Resolve useScript load promise via microtask  -  by @​harlan-zw in unjs/unhead#772 (d3cc3)
• types:
  • Correct music.radio_station + add payment.link OG  -  by @​harlan-zw in unjs/unhead#775 (80027)
• unhead:
  • Avoid crash on script template params with no type  -  by @​harlan-zw in unjs/unhead#773 (90e75)
  • Parse HTML attribute values without backslash escaping  -  by @​harlan-zw in unjs/unhead#774 (88c9d)

   🏎 Performance

• unhead: Skip defensive tag clones when no mutating hooks registered  -  by @​harlan-zw in unjs/unhead#776 (032f2)

    View changes on GitHub

v3.1.3

   🐞 Bug Fixes

• bundler: Resolve devtools bridge and UI assets from package root  -  by @​harlan-zw in unjs/unhead#768 (78bcb)

    View changes on GitHub

v3.1.2

   🐞 Bug Fixes

• server: Re-expose omitLineBreaks render option  -  by @​harlan-zw in unjs/unhead#767 (95604)

    View changes on GitHub

v3.1.1

   🐞 Bug Fixes

• Scope alternate link dedupeKey by href when type is used  -  by @​EduardF1 in unjs/unhead#759 (e8699)
• types: Support union rel/type in defineLink and defineScript  -  by @​harlan-zw in unjs/unhead#765 (e4663)

    View changes on GitHub

Commits

• 8ad3644 chore: release v3.1.4
• f0f057b test(unhead): resolve reactive root entry input (#777)
• 44b8ed2 chore: release v3.1.3
• ce7f616 chore: release v3.1.2
• 98f99fe chore: release v3.1.1
• See full diff in compare view

Updates dayjs from 1.11.20 to 1.11.21

Release notes

Sourced from dayjs's releases.

v1.11.21

1.11.21 (2026-05-26)

Bug Fixes

• preserve unsupported year tokens in format (#3015) (#3016) (8fda602)

Changelog

Sourced from dayjs's changelog.

1.11.21 (2026-05-26)

Bug Fixes

• preserve unsupported year tokens in format (#3015) (#3016) (8fda602)

Commits

• a25f01e chore(release): 1.11.21 [skip ci]
• ee75cc2 Merge pull request #3113 from iamkun/dev
• 1a8bf27 chore: update doc
• 51ef048 chore: support window os test execution using cross-env (#3064)
• 7bb06f8 chore: add download chart (#3045)
• f6d72ce docs: fix documentation (#3044)
• dcae6d7 chore: update doc
• b84592f chore: update doc
• ea2929d chore: update doc
• 523007d chore: update doc
• Additional commits viewable in compare view

Updates nuxt from 4.4.6 to 4.4.8

Release notes

Sourced from nuxt's releases.

v4.4.8

4.4.8 is a hotfix release to address an issue running the dev server on MacOS.

👉 Changelog

compare changes

🩹 Fixes

• vite: Shorter socket name for macOs with tmp fallback (#35265)
• kit: Respect type option in findPath (#35272)
• deps: Update nuxt/scripts presets (905621594)
• nuxt: Revert unhead dependency back to v2 (e6d578fea)

📖 Documentation

• Fix many typos (#35266)
• Explain static fallback pages (#35277)
• Change null to undefined in data-fetching docs to match actual types (#35301)
• Fix broken internal links, useAsyncData watch type, and NuxtError type (#35303)

❤️ Contributors

• Daniel Roe (@​danielroe)
• Ali Mahmmoud (@​AliMahmoudDev)
• Quentin Macq (@​quentinmcq)
• Pranav Rajeshirke (@​Pranav188)
• Eduardo San Martin Morote (@​posva)

v4.4.7

4.4.7 is a security hotfix release.

👉 make sure to check https://github.com/nuxt/nuxt/security/advisories to view open advisories resolved by this release.

👉 Changelog

compare changes

🩹 Fixes

• nitro: Assign noSSR before deciding payload extraction (#35108)
• vite: Avoid filtering out dirs with shared prefix from allowDirs (#35112)
• nuxt: Use resolve from pathe for buildCache path boundary check (#35111)
• nuxt: Prevent sibling-directory traversal in test component wrapper (#35110)
• nitro: Pass event data to isValid in dev clipboard-copy listener (#35109)
• nuxt: Validate protocols in reloadNuxtApp path before reload (#35115)
• vite: Prefix public asset virtuals with null byte (9e303b438)
• nuxt: Re-run getCachedData after initial fetch (#35122)
• nuxt: Propagate useFetch/useAsyncData factory types (#35133)
• vite: Close vite dev server on nuxt close (a10a68abc)
• kit,nuxt: Handle cancelling prompts to install packages (e84813229)
• kit: Avoid excluding node-context files in legacy tsconfig (#35152)
• nuxt: Handle missing payload in chunkError listener (#35155)
• nuxt: Await in-lifght template generation when closing nuxt (#35181)
• nuxt: Clarify page and layout usage warnings (#35184)
• webpack: Surface compilation errors when stats.toString is empty (073b07851)
• nuxt: Reject prototype-chain keys in the island registry (#35205)

... (truncated)

Commits

• 2bfc2c8 v4.4.8
• e6d578f fix(nuxt): revert unhead dependency back to v2
• 9056215 fix(deps): update nuxt/scripts presets
• b7d5790 v4.4.7
• dbc5896 chore: lint
• e447a79 fix(nuxt): reject cross-origin paths in reloadNuxtApp
• d72a89e refactor(nuxt): replace runInNewContext with AST walker
• 2cce6fb fix(nuxt): block path-normalization open redirect in navigateTo
• 0103ce0 fix(nuxt): reject script-capable protocols in \<NuxtLink> href
• 07e39cd fix(nuxt): match route rules case-insensitively to mirror vue-router
• Additional commits viewable in compare view

Updates tailwindcss from 4.3.0 to 4.3.1

Release notes

Sourced from tailwindcss's releases.

v4.3.1

Added

• Add --silent option to suppress output in @tailwindcss/cli (#20100)

Fixed

• Remove deprecation warnings by using Module#registerHooks instead of Module#register on Node 26+ (#20028)
• Canonicalization: don't crash when plugin utilities throw for unsupported values (#20052)
• Allow @apply to be used with CSS mixins (#19427)
• Ensure not-* correctly negates @container queries, including style(…) queries (#20059)
• Ensure drop-shadow-* color utilities work with custom shadow values containing calc(…) (#20080)
• Fix 'Sourcemap is likely to be incorrect' warnings when using @tailwindcss/vite (#20103)
• Ensure @tailwindcss/webpack can be installed in Rspack projects without requiring webpack as a peer dependency (#20027)
• Canonicalization: don't suggest invalid calc(…) expressions (e.g. px-[calc(1rem+0px)] → px-[calc(1rem+0)]) (#20127)
• Canonicalization: avoid suggesting large spacing-scale values for arbitrary lengths (e.g. left-[99999px] → left-[99999px], not left-24999.75) (#20130)
• Ensure @tailwindcss/cli in --watch mode recovers when a tracked dependency is deleted and restored (#20137)
• Ensure standalone @tailwindcss/cli binaries are ignored when scanning for class candidates (#20139)
• Ensure class candidates are extracted from Twig addClass(…) and removeClass(…) calls (#20198)
• Don't crash in the Ruby or Vue preprocessors when scanning files containing invalid UTF-8 bytes (#19588)
• Allow @variant to be used inside addBase (#19480)
• Ensure @source globs with symlinks are preserved (#20203)
• Ensure later @source rules can re-include files excluded by earlier @source not rules (#20203)
• Upgrade: don't migrate empty class rules to invalid @utility rules (#20205)
• Ensure transitions between inset-shadow-none and other inset shadows work correctly (#20208)
• Ensure explicitly referenced @source directories are scanned even when ignored by git (#20214)
• Ensure @source globs ending in **/* preserve dynamic path segments to avoid scanning too many files (#20217)
• Canonicalization: don't fold calc(…) divisions when the result would require high precision (e.g. w-[calc(100%/3.5)] → w-[calc(100%/3.5)], not w-[28.571428571428573%]) (#20221)
• Serve ESM type declarations to ESM importers of @tailwindcss/postcss (#20228)

Changed

• Generate 0 instead of calc(var(--spacing) * 0) for spacing utilities like m-0 and left-0 (#20196)
• Generate var(--spacing) instead of calc(var(--spacing) * 1) for spacing utilities like m-1 and left-1 (#20196)

Changelog

Sourced from tailwindcss's changelog.

[4.3.1] - 2026-06-12

Added

• Add --silent option to suppress output in @tailwindcss/cli (#20100)

Fixed

• Remove deprecation warnings by using Module#registerHooks instead of Module#register on Node 26+ (#20028)
• Canonicalization: don't crash when plugin utilities throw for unsupported values (#20052)
• Allow @apply to be used with CSS mixins (#19427)
• Ensure not-* correctly negates @container queries, including style(…) queries (#20059)
• Ensure drop-shadow-* color utilities work with custom shadow values containing calc(…) (#20080)
• Fix 'Sourcemap is likely to be incorrect' warnings when using @tailwindcss/vite (#20103)
• Ensure @tailwindcss/webpack can be installed in Rspack projects without requiring webpack as a peer dependency (#20027)
• Canonicalization: don't suggest invalid calc(…) expressions (e.g. px-[calc(1rem+0px)] → px-[calc(1rem+0)]) (#20127)
• Canonicalization: avoid suggesting large spacing-scale values for arbitrary lengths (e.g. left-[99999px] → left-[99999px], not left-24999.75) (#20130)
• Ensure @tailwindcss/cli in --watch mode recovers when a tracked dependency is deleted and restored (#20137)
• Ensure standalone @tailwindcss/cli binaries are ignored when scanning for class candidates (#20139)
• Ensure class candidates are extracted from Twig addClass(…) and removeClass(…) calls (#20198)
• Don't crash in the Ruby or Vue preprocessors when scanning files containing invalid UTF-8 bytes (#19588)
• Allow @variant to be used inside addBase (#19480)
• Ensure @source globs with symlinks are preserved (#20203)
• Ensure later @source rules can re-include files excluded by earlier @source not rules (#20203)
• Upgrade: don't migrate empty class rules to invalid @utility rules (#20205)
• Ensure transitions between inset-shadow-none and other inset shadows work correctly (#20208)
• Ensure explicitly referenced @source directories are scanned even when ignored by git (#20214)
• Ensure @source globs ending in **/* preserve dynamic path segments to avoid scanning too many files (#20217)
• Canonicalization: don't fold calc(…) divisions when the result would require high precision (e.g. w-[calc(100%/3.5)] → w-[calc(100%/3.5)], not w-[28.571428571428573%]) (#20221)
• Serve ESM type declarations to ESM importers of @tailwindcss/postcss (#20228)

Changed

• Generate 0 instead of calc(var(--spacing) * 0) for spacing utilities like m-0 and left-0 (#20196)
• Generate var(--spacing) instead of calc(var(--spacing) * 1) for spacing utilities like m-1 and left-1 (#20196)

Commits

• 8a14a71 4.3.1 (#20226)
• 12833aa Fix canonicalization bug where we end up with a high precision number (#20221)
• 97a5b3a docs: fix double word 'to to' in test comment (#20216)
• d01e103 Add missing inset keyword for inset-shadow-none (#20208)
• ad66939 Allow @variant to be used inside addBase (#19480)
• efae52c Simplify CSS when using utilities that use a *-0 or *-1 value (#20196)
• 6b43b64 Canonicalization: limit arbitrary to bare values conversion (#20130)
• d4f24c5 Fix invalid canonicalization where 0\<unit> was migrated to 0 (#20127)
• 749c45e Expose index and siblings on walk context (#20109)
• 8dcdb66 Bump dependencies (#20095)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions