chore(deps-dev): bump tailwindcss from 3.4.19 to 4.1.18

[dependabot]

Bumps tailwindcss from 3.4.19 to 4.1.18.

Release notes

Sourced from tailwindcss's releases.

v4.1.18

Fixed

• Ensure validation of source(…) happens relative to the file it is in (#19274)
• Include filename and line numbers in CSS parse errors (#19282)
• Skip comments in Ruby files when checking for class names (#19243)
• Skip over arbitrary property utilities with a top-level ! in the value (#19243)
• Support environment API in @tailwindcss/vite (#18970)
• Preserve case of theme keys from JS configs and plugins (#19337)
• Write source maps correctly on the CLI when using --watch (#19373)
• Handle special defaults (like ringColor.DEFAULT) in JS configs (#19348)
• Improve backwards compatibility for content theme key from JS configs (#19381)
• Upgrade: Handle future and experimental config keys (#19344)
• Try to canonicalize any arbitrary utility to a bare value (#19379)
• Validate candidates similarly to Oxide (#19397)
• Canonicalization: combine text-* and leading-* classes (#19396)
• Correctly handle duplicate CLI arguments (#19416)
• Don’t emit color-mix fallback rules inside @keyframes (#19419)
• CLI: Don't hang when output is /dev/stdout (#19421)

v4.1.17

Fixed

• Substitute @variant inside legacy JS APIs (#19263)
• Prevent occasional crash on Windows when loaded into a worker thread (#19242)

v4.1.16

Fixed

• Discard candidates with an empty data type (#19172)
• Fix canonicalization of arbitrary variants with attribute selectors (#19176)
• Fix invalid colors due to nested & (#19184)
• Improve canonicalization for & > :pseudo and & :pseudo arbitrary variants (#19178)

v4.1.15

Fixed

• Fix Safari devtools rendering issue due to color-mix fallback (#19069)
• Suppress Lightning CSS warnings about :deep, :slotted, and :global (#19094)
• Fix resolving theme keys when starting with the name of another theme key in JS configs and plugins (#19097)
• Allow named groups in combination with not-*, has-*, and in-* (#19100)
• Prevent important utilities from affecting other utilities (#19110)
• Don’t index into strings with the theme(…) function (#19111)
• Fix parsing issue when \t is used in at-rules (#19130)
• Upgrade: Canonicalize utilities containing 0 values (#19095)
• Upgrade: Migrate deprecated break-words to wrap-break-word (#19157)

Changed

• Remove the postinstall script from oxide (#19149)

... (truncated)

Changelog

Sourced from tailwindcss's changelog.

[4.1.18] - 2025-12-11

Fixed

• Ensure validation of source(…) happens relative to the file it is in (#19274)
• Include filename and line numbers in CSS parse errors (#19282)
• Skip comments in Ruby files when checking for class names (#19243)
• Skip over arbitrary property utilities with a top-level ! in the value (#19243)
• Support environment API in @tailwindcss/vite (#18970)
• Preserve case of theme keys from JS configs and plugins (#19337)
• Write source maps correctly on the CLI when using --watch (#19373)
• Handle special defaults (like ringColor.DEFAULT) in JS configs (#19348)
• Improve backwards compatibility for content theme key from JS configs (#19381)
• Upgrade: Handle future and experimental config keys (#19344)
• Try to canonicalize any arbitrary utility to a bare value (#19379)
• Validate candidates similarly to Oxide (#19397)
• Canonicalization: combine text-* and leading-* classes (#19396)
• Correctly handle duplicate CLI arguments (#19416)
• Don’t emit color-mix fallback rules inside @keyframes (#19419)
• CLI: Don't hang when output is /dev/stdout (#19421)

Commits

• 9b32f7c Release v4.1.18 (#19431)
• 820d907 Expose candidatesToAst to the language server (#19405)
• 478e959 Don’t emit color-mix fallback rules inside @keyframes (#19419)
• a5f4644 Validate named values in candidate parser (#19397)
• 229121d Canonicalization: combine text-* and leading-* classes (#19396)
• 243615e Handle backwards compatibility for content theme from JS configs (#19381)
• 7642751 Improve compatibility with special default values in JS configs (#19348)
• af48117 remove unnecessary intermediate check
• 9e436f7 Try to canonicalize any arbitrary utility to a bare value (#19379)
• 479b725 Bump Vitest to v4 (#19216)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Greptile Summary

This PR upgrades tailwindcss from v3.4.19 to v4.1.18, a major version bump that introduces significant breaking changes.

Critical Issues:

• Configuration incompatibility: Tailwind v4 completely rewrites the configuration system, requiring migration from JavaScript config (tailwind.config.ts) to CSS-based configuration using @theme directives
• Missing lockfile: The PR only updates package.json without updating bun.lockb, which will cause CI failures at .github/workflows/pr-checks.yml:27,49,101 where --frozen-lockfile is used
• Plugin compatibility unknown: The project uses @tailwindcss/typography v0.5.16 and tailwindcss-animate v1.0.7, both need verification for v4 compatibility
• Build will fail: Current setup uses v3 syntax (@tailwind base/components/utilities at src/app/globals.css:1-3 and JavaScript config) which is incompatible with v4's new engine

Required migration work:

1. Migrate tailwind.config.ts from JavaScript to CSS-based @theme configuration
2. Update plugin imports and syntax for v4 compatibility
3. Update lockfile by running bun install
4. Verify all Tailwind utilities in components still work with v4
5. Test build process locally before merging

This is not a drop-in replacement - it requires careful migration and testing.

Confidence Score: 0/5

• This PR will break the build and cannot be merged in its current state
• Score of 0 reflects multiple critical blocking issues: (1) missing lockfile will cause immediate CI failure, (2) Tailwind v4's breaking changes require complete config migration from JS to CSS-based system, (3) plugin compatibility unverified, (4) current v3 configuration syntax is incompatible with v4's new engine. This is a major version upgrade that requires substantial migration work beyond just updating the version number.
• package.json requires lockfile update and configuration migration - build will fail without proper v3→v4 migration

Important Files Changed

Filename	Overview
package.json	Major version upgrade of tailwindcss from 3.4.19 to 4.1.18 - requires configuration migration and lockfile update

Sequence Diagram

sequenceDiagram
    participant D as Dependabot
    participant P as package.json
    participant L as Lockfile
    participant C as CI/CD
    participant T as Tailwind Config
    participant B as Build Process
    
    D->>P: Bump tailwindcss 3.4.19→4.1.18
    Note over P: Major version change
    
    P--xL: ❌ Lockfile not updated
    Note over L: Missing in PR
    
    C->>L: bun install --frozen-lockfile
    L--xC: ❌ Fails - lockfile out of sync
    
    B->>T: Read tailwind.config.ts
    Note over T: v3 JavaScript config
    T--xB: ❌ Incompatible with v4
    Note over T: v4 requires CSS config
    
    B->>P: Load plugins
    Note over P: `@tailwindcss/typography` v0.5.16<br/>`tailwindcss-animate` v1.0.7
    P--xB: ❌ Plugin compatibility unknown
    
    Note over D,B: PR will fail CI checks<br/>Requires migration work

Loading

[coderabbitai]

Important

Review skipped

Auto reviews are disabled on this repository.

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[greptile-apps]

_{1 file reviewed, 2 comments}

_{Edit Code Review Agent Settings | Greptile}

[greptile-apps]

logic: Tailwind v4 is a complete rewrite with breaking changes. The current configuration at tailwind.config.ts:1-101 uses v3 syntax which is incompatible with v4. v4 requires migrating to CSS-based configuration using @import "tailwindcss" and @theme directives instead of the JavaScript config file. The @tailwindcss/typography plugin also needs updating for v4 compatibility.

Key breaking changes:

• Config must migrate from JS to CSS-based theme configuration
• Plugin syntax has changed significantly
• @tailwindcss/typography plugin at v0.5.16 may not be compatible with v4
• tailwindcss-animate plugin needs v4 compatibility verification

Check the official v4 migration guide before merging.

Prompt To Fix With AI

This is a comment left during a code review.
Path: package.json
Line: 96:96

Comment:
**logic:** Tailwind v4 is a complete rewrite with breaking changes. The current configuration at `tailwind.config.ts:1-101` uses v3 syntax which is incompatible with v4. v4 requires migrating to CSS-based configuration using `@import "tailwindcss"` and `@theme` directives instead of the JavaScript config file. The `@tailwindcss/typography` plugin also needs updating for v4 compatibility.

Key breaking changes:
- Config must migrate from JS to CSS-based theme configuration
- Plugin syntax has changed significantly
- `@tailwindcss/typography` plugin at v0.5.16 may not be compatible with v4
- `tailwindcss-animate` plugin needs v4 compatibility verification

Check the official v4 migration guide before merging.

How can I resolve this? If you propose a fix, please make it concise.

[greptile-apps]

syntax: The lockfile (bun.lockb) is missing from this PR. The CI workflow at .github/workflows/pr-checks.yml:27,49,101 uses bun install --frozen-lockfile which will fail without an updated lockfile.

Suggested change

	"tailwindcss": "^4.1.18",
	"tailwindcss": "^4.1.18",

After making this change, run bun install to update the lockfile and include it in the PR.

Prompt To Fix With AI

This is a comment left during a code review.
Path: package.json
Line: 96:96

Comment:
**syntax:** The lockfile (`bun.lockb`) is missing from this PR. The CI workflow at `.github/workflows/pr-checks.yml:27,49,101` uses `bun install --frozen-lockfile` which will fail without an updated lockfile.

```suggestion
    "tailwindcss": "^4.1.18",
```

After making this change, run `bun install` to update the lockfile and include it in the PR.

How can I resolve this? If you propose a fix, please make it concise.