- Update all non-major dependencies with digest and pinDigest

[blumilk-renovate]

This PR contains the following updates:

Package	Change	Age	Confidence	Type	Update	Pending
@alpinejs/focus (source)	^3.14.9 -> ^3.15.0			dependencies	minor
@alpinejs/persist (source)	^3.14.9 -> ^3.15.0			dependencies	minor
@blumilksoftware/eslint-config	^3.0.0 -> ^3.0.2			devDependencies	patch
@tailwindcss/postcss (source)	^4.1.11 -> ^4.1.14			dependencies	patch
@tailwindcss/typography	^0.5.16 -> ^0.5.19			dependencies	patch
@typescript-eslint/eslint-plugin (source)	^8.35.0 -> ^8.35.1			devDependencies	patch
@typescript-eslint/parser (source)	^8.35.0 -> ^8.35.1			devDependencies	patch
actions/cache	v4.2.3 -> v4.2.4			action	patch
actions/checkout	v4.2.2 -> v4.3.0			action	minor
alpine	3.22.0 -> 3.22.1			stage	patch
alpinejs (source)	^3.14.9 -> ^3.15.0			dependencies	minor
axllent/mailpit (source)	v1.27.0 -> v1.27.9				patch
composer	2.8.9 -> 2.8.12			stage	patch
composer/composer	2.8.9-bin -> 2.8.12-bin			stage	patch
docker/login-action	v3.4.0 -> v3.6.0			action	minor
docker/metadata-action	v5.7.0 -> v5.8.0			action	minor
filament/filament (source)	^3.3.29 -> ^3.3.43			require	patch
filament/spatie-laravel-translatable-plugin (source)	^3.3.30 -> ^3.3.43			require	patch
guzzlehttp/guzzle (source)	^7.9.3 -> ^7.10.0			require	minor
larastan/larastan	^3.5.0 -> ^3.7.2			require-dev	minor
laravel/framework (source)	^12.19.3 -> ^12.32.5			require	minor
laravel/sanctum	^4.1.1 -> ^4.1.2			require	patch
nesbot/carbon (source)	^3.10.1 -> ^3.10.3			require	patch
node	22 -> 22.20.0			uses-with	minor
node	22.17.0-bullseye-slim -> 22.17.1-bullseye-slim			stage	patch
php	8.4.8 -> 8.4.13				patch
php	8.4.7-fpm-bookworm -> 8.4.13-fpm-bookworm			final	patch
phpunit/phpunit (source)	^12.2.5 -> ^12.2.9			require-dev	patch
sentry/sentry-laravel (source)	^4.15.1 -> ^4.15.3			require	patch
shivammathur/setup-php	2.34.1 -> 2.35.5			action	minor
tailwindcss (source)	^4.1.11 -> ^4.1.14			dependencies	patch
xdebug/xdebug	3.4.4 -> 3.4.5				patch	3.4.6

---

Release Notes

alpinejs/alpine (@​alpinejs/focus)

v3.15.0

Compare Source

Changed

• Improve CSP build #​4671
• Add Alpine.morphBetween() #​4629
• style: use let instead of var in x-model.js #​4645
• style: use let/const instead of var in debounce.js #​4644
• style: remove useless param #​4650
• feat(persist): add 'exports' field for proper ESM/CJS resolution #​4611
• Fix Chrome warning when using x-trap.inert #​4640
• Fixes license #​4647

blumilksoftware/eslint-config-blumilk (@​blumilksoftware/eslint-config)

v3.0.2

Compare Source

What's Changed

• #​7 - update publish node.js package action by @​dawidrudnik in #​17

Full Changelog: blumilksoftware/eslint-config-blumilk@v3.0.1...v3.0.2

tailwindlabs/tailwindcss (@​tailwindcss/postcss)

v4.1.14

Compare Source

Fixed

• Handle ' syntax in ClojureScript when extracting classes (#​18888)
• Handle @variant inside @custom-variant (#​18885)
• Merge suggestions when using @utility (#​18900)
• Ensure that file system watchers created when using the CLI are always cleaned up (#​18905)
• Do not generate grid-column utilities when configuring grid-column-start or grid-column-end (#​18907)
• Do not generate grid-row utilities when configuring grid-row-start or grid-row-end (#​18907)
• Prevent duplicate CSS when overwriting a static utility with a theme key (#​18056)
• Show Lightning CSS warnings (if any) when optimizing/minifying (#​18918)
• Use default export condition for @tailwindcss/vite (#​18948)
• Re-throw errors from PostCSS nodes (#​18373)
• Detect classes in markdown inline directives (#​18967)
• Ensure files with only @theme produce no output when built (#​18979)
• Support Maud templates when extracting classes (#​18988)
• Upgrade: Do not migrate variant = 'outline' during upgrades (#​18922)
• Upgrade: Show version mismatch (if any) when running upgrade tool (#​19028)
• Upgrade: Ensure first class inside className is migrated (#​19031)
• Upgrade: Migrate classes inside *ClassName and *Class attributes (#​19031)

v4.1.13

Compare Source

Changed

• Drop warning from browser build (#​18731)
• Drop exact duplicate declarations when emitting CSS (#​18809)

Fixed

• Don't transition visibility when using transition (#​18795)
• Discard matched variants with unknown named values (#​18799)
• Discard matched variants with non-string values (#​18799)
• Show suggestions for known matchVariant values (#​18798)
• Replace deprecated clip with clip-path in sr-only (#​18769)
• Hide internal fields from completions in matchUtilities (#​18820)
• Ignore .vercel folders by default (can be overridden by @source … rules) (#​18855)
• Consider variants starting with @- to be invalid (e.g. @-2xl:flex) (#​18869)
• Do not allow custom variants to start or end with a - or _ (#​18867, #​18872)
• Upgrade: Migrate aria theme keys to @custom-variant (#​18815)
• Upgrade: Migrate data theme keys to @custom-variant (#​18816)
• Upgrade: Migrate supports theme keys to @custom-variant (#​18817)

v4.1.12

Compare Source

Fixed

• Don't consider the global important state in @apply (#​18404)
• Add missing suggestions for flex-<number> utilities (#​18642)
• Fix trailing ) from interfering with extraction in Clojure keywords (#​18345)
• Detect classes inside Elixir charlist, word list, and string sigils (#​18432)
• Track source locations through @plugin and @config (#​18345)
• Allow boolean values of process.env.DEBUG in @tailwindcss/node (#​18485)
• Ignore consecutive semicolons in the CSS parser (#​18532)
• Center the dropdown icon added to an input with a paired datalist by default (#​18511)
• Extract candidates in Slang templates (#​18565)
• Improve error messages when encountering invalid functional utility names (#​18568)
• Discard CSS AST objects with false or undefined properties (#​18571)
• Allow users to disable URL rebasing in @tailwindcss/postcss via transformAssetUrls: false (#​18321)
• Fix false-positive migrations in addEventListener and JavaScript variable names (#​18718)
• Fix Standalone CLI showing default Bun help when run via symlink on Windows (#​18723)
• Read from --border-color-* theme keys in divide-* utilities for backwards compatibility (#​18704)
• Don't scan .hdr and .exr files for classes by default (#​18734)

tailwindlabs/tailwindcss-typography (@​tailwindcss/typography)

v0.5.19

Compare Source

Fixed

• Fixed broken color styles (#​405)

v0.5.18

Compare Source

Fixed

• Fixed undefined variable error (#​403)

v0.5.17

Compare Source

Added

• Add modifiers for description list elements (#​357)
• Add prose-picture modifier (#​367)

Fixed

• Include unit in hr border-width value (#​379)
• Ensure <kbd> styles work with Tailwind CSS v4 (#​387)

Changed

• Remove lodash dependencies (#​402)

actions/cache (actions/cache)

v4.2.4

Compare Source

What's Changed

• Update README.md by @​nebuk89 in #​1620
• Upgrade @actions/cache to 4.0.5 and move @protobuf-ts/plugin to dev depdencies by @​Link- in #​1634
• Prepare release 4.2.4 by @​Link- in #​1636

New Contributors

• @​nebuk89 made their first contribution in #​1620

Full Changelog: actions/cache@v4...v4.2.4

actions/checkout (actions/checkout)

v4.3.0

Compare Source

What's Changed

• docs: update README.md by @​motss in #​1971
• Add internal repos for checking out multiple repositories by @​mouismail in #​1977
• Documentation update - add recommended permissions to Readme by @​benwells in #​2043
• Adjust positioning of user email note and permissions heading by @​joshmgross in #​2044
• Update README.md by @​nebuk89 in #​2194
• Update CODEOWNERS for actions by @​TingluoHuang in #​2224
• Update package dependencies by @​salmanmkc in #​2236
• Prepare release v4.3.0 by @​salmanmkc in #​2237

New Contributors

• @​motss made their first contribution in #​1971
• @​mouismail made their first contribution in #​1977
• @​benwells made their first contribution in #​2043
• @​nebuk89 made their first contribution in #​2194
• @​salmanmkc made their first contribution in #​2236

Full Changelog: actions/checkout@v4...v4.3.0

axllent/mailpit (axllent/mailpit)

v1.27.9

Compare Source

Chore

• UI tweaks to pagination layout for clearer navigation (#​568)
• Add margin to icons in release and delete buttons for consistent spacing
• Update navbar theme to use data-bs-theme attribute for consistency
• Update Go dependencies
• Update node dependencies

v1.27.8

Compare Source

Chore

• Update Go dependencies
• Update node dependencies
• Update caniemail test database

v1.27.7

Compare Source

Fix

• Move HELO/EHLO hostname setting to the correct position in SMTP client creation (#​558)

v1.27.6

Compare Source

Feature

• Add optional --no-release-check to version subcommand (#​557)

Chore

• Set HELO/EHLO hostname when connecting to external SMTP server (#​556)
• Update Go dependencies
• Update node dependencies

v1.27.5

Compare Source

Chore

• Update Go dependencies
• Update node dependencies
• Update caniemail test database

Fix

• Support optional UIDL argument in POP3 server (#​552)

v1.27.4

Compare Source

Feature

• Allow rejected SMTP recipients to be silently dropped (#​549)

Chore

• Update Go dependencies
• Update node dependencies
• Update caniemail test database

v1.27.3

Compare Source

Fix

• Fix sendmail when using an --smtp-addr <ip>:<port> (#​542)

v1.27.2

Compare Source

Feature

• Add ability to generate self-signed (snakeoil) certificates for UI, SMTP and POP3 (#​539)

Chore

• Allow sendmail to send to untrusted TLS server
• Update eslint config, remove neostandard
• Refactor JS functions and remove unused parameters
• Update Go dependencies
• Update node dependencies

Fix

• Use MaxMessages to determine pruning (#​536)
• Support angle brackets for text/plain URLs with spaces (#​535)
• Do not check latest release for Prometheus statistics (#​522)

Security

• Prevent integer overflow conversion to uint64
• Add ReadHeaderTimeout to Prometheus metrics server

v1.27.1

Compare Source

Chore

• Allow unknown href link protocols in HTML view such as myapp:// (#​532)
• Update Go dependencies
• Update node dependencies

docker/login-action (docker/login-action)

v3.6.0

Compare Source

• Add registry-auth input for raw authentication to registries by @​crazy-max in #​887
• Bump @​aws-sdk/client-ecr to 3.890.0 in #​882 #​890
• Bump @​aws-sdk/client-ecr-public to 3.890.0 in #​882 #​890
• Bump @​docker/actions-toolkit from 0.62.1 to 0.63.0 in #​883
• Bump brace-expansion from 1.1.11 to 1.1.12 in #​880
• Bump undici from 5.28.4 to 5.29.0 in #​879
• Bump tmp from 0.2.3 to 0.2.4 in #​881

Full Changelog: docker/login-action@v3.5.0...v3.6.0

v3.5.0

Compare Source

• Support dual-stack endpoints for AWS ECR by @​Spacefish @​crazy-max in #​874 #​876
• Bump @​aws-sdk/client-ecr to 3.859.0 in #​860 #​878
• Bump @​aws-sdk/client-ecr-public to 3.859.0 in #​860 #​878
• Bump @​docker/actions-toolkit from 0.57.0 to 0.62.1 in #​870
• Bump form-data from 2.5.1 to 2.5.5 in #​875

Full Changelog: docker/login-action@v3.4.0...v3.5.0

docker/metadata-action (docker/metadata-action)

v5.8.0

Compare Source

• New is_not_default_branch global expression by @​crazy-max in #​535
• Allow to match part of the git tag or value for semver/pep440 types by @​crazy-max in #​536 #​537
• Bump @​actions/github from 6.0.0 to 6.0.1 in #​523
• Bump @​docker/actions-toolkit from 0.56.0 to 0.62.1 in #​526
• Bump form-data from 2.5.1 to 2.5.5 in #​533
• Bump moment-timezone from 0.5.47 to 0.6.0 in #​525
• Bump semver from 7.7.1 to 7.7.2 in #​524

Full Changelog: docker/metadata-action@v5.7.0...v5.8.0

filamentphp/panels (filament/filament)

v3.3.43

Compare Source

v3.3.42

Compare Source

v3.3.41

Compare Source

v3.3.40

Compare Source

v3.3.39

Compare Source

v3.3.38

Compare Source

v3.3.37

Compare Source

v3.3.36

Compare Source

v3.3.35

Compare Source

v3.3.34

Compare Source

v3.3.33

Compare Source

v3.3.32

Compare Source

v3.3.31

Compare Source

filamentphp/spatie-laravel-translatable-plugin (filament/spatie-laravel-translatable-plugin)

v3.3.43

Compare Source

v3.3.42

Compare Source

v3.3.41

Compare Source

v3.3.40

Compare Source

v3.3.39

Compare Source

v3.3.38

Compare Source

v3.3.37

Compare Source

v3.3.36

Compare Source

v3.3.35

Compare Source

v3.3.34

Compare Source

v3.3.33

Compare Source

v3.3.32

Compare Source

v3.3.31

Compare Source

guzzle/guzzle (guzzlehttp/guzzle)

v7.10.0

Compare Source

Added

• Support for PHP 8.5

Changed

• Adjusted guzzlehttp/promises version constraint to ^2.3
• Adjusted guzzlehttp/psr7 version constraint to ^2.8

larastan/larastan (larastan/larastan)

v3.7.2: 3.7.2

Compare Source

What's Changed

Added

• feat: new collection-of custom PHPDoc type by @​canvural in #​2369
• Add support for translation groups by @​ramonrietdijk in #​2373

Fixed

• Make regex for UsedTranslationViewCollector lazy by @​ramonrietdijk in #​2371
• Ignore vendor translations by @​ramonrietdijk in #​2372
• Add autowired to Filesystem in extension.neon by @​ramonrietdijk in #​2365
• fix: request->server() returns float|int|list|string by @​calebdw in #​2370
• Require latest (2.1.28) PHPStan version and fix incompatibilities.

Full Changelog: larastan/larastan@v3.7.1...v3.7.2

v3.7.1: 3.7.1

Compare Source

What's Changed

Added

• [3.x] Add support for translations in subdirectories by @​ramonrietdijk in #​2363

Full Changelog: larastan/larastan@v3.7.0...v3.7.1

v3.7.0: 3.7.0

Compare Source

What's Changed

Added

• Add support for public const in Schema table names by @​riasvdv in #​2315
• Add TDeclaringModel to code snippet by @​ramonrietdijk in #​2349
• Add NoMissingTranslationsRule by @​ramonrietdijk in #​2340
• Added NoPublicModelScopeAndAccessorRule

Fixed

• Use explicit nullable types by @​ramonrietdijk in #​2343
• fix: align getAccessor with hasAccessor to use camelCase convention by @​kei1111 in #​2348
• fix: allow null values in trans replacements by @​oprypkhantc in #​2351
• fix: self::query() for final models by @​calebdw in #​2338

New Contributors

• @​riasvdv made their first contribution in #​2315
• @​kei1111 made their first contribution in #​2348
• @​oprypkhantc made their first contribution in #​2351

Full Changelog: larastan/larastan@v3.6.1...v3.7.0

v3.6.1

Compare Source

What's Changed

Fixed

• [3.x] Only check existing views by @​ramonrietdijk in #​2337
• [3.x] Add Expression to the EloquentBuilder stub by @​ramonrietdijk in #​2339

Documentation

• Add documentation for packages regarding view-strings by @​ramonrietdijk in #​2336

New Contributors

• @​ramonrietdijk made their first contribution in #​2336

Full Changelog: larastan/larastan@v3.6.0...v3.6.1

v3.6.0

Compare Source

Added 🪄

• [3.x] getCountForPagination as a pass-thru for Laravel versions >= 12.15 by @​cosmastech in #​2301
• [3.x] feat: add new rule to detect unnecessary Enumerable::toArray() calls by @​calebdw in #​2311 Read more about it here
• Accurate return types for Config::collection() calls (only for Laravel >= 12.20.0) Note: Needs checkConfigTypes parameter to be enabled in the config.
• Two new rules that will warn if you can access the information through request instead of global function NoAuthFacadeInRequestScopeRule and NoAuthHelperInRequestScopeRule Read more about it here
• ConfigCollectionRule to warn you if you pass a config option that is not an array to Config::collection call. Note: Needs checkConfigTypes parameter to be enabled in the config.
• Added support for calling pluck on collections with closures. (only for Laravel >= 12.20.0) fd16758

Internal ⚙️

• Fixed PHPUnit deprecations 6431d01

New Contributors

• @​cosmastech made their first contribution in #​2301

Full Changelog: larastan/larastan@v3.5.0...v3.6.0

laravel/framework (laravel/framework)

v12.32.5

Compare Source

v12.32.4

Compare Source

• [12.x] Use Container::getInstance() in ComposerScripts::prePackageUninstall() by @​cosmastech in #​57226

v12.32.3

Compare Source

• [12.x] Define LARAVEL_START if not already defined by @​cosmastech in #​57222
• [12.x] Clean up redundant type hints in docblocks by @​AhmedAlaa4611 in #​57219

v12.32.2

Compare Source

v12.32.1

Compare Source

• [13.x] Fix scopedBy attribute not following inheritance chain by @​Muffinman in #​57213
• [12.x] Fix AWS S3 adapter's constructor not allowing decorated adapter instances by @​daniser in #​57217

v12.32.0

Compare Source

• [12.x] fix static analysis error by @​cosmastech in #​57162
• Fix: Handle non-string returns from Htmlable::toHtml() in e() helper by @​Carnicero90 in #​57157
• [12.x] Fix pending attributes in schedule group by @​jamessa in #​57156
• Remove Request overview from Exceptions by @​barryvdh in #​57158
• [12.x] Pass "throw" option from scoped to parent disk by @​daniser in #​57163
• [12.x] Make docblock return type in line with actual return type by @​parijke in #​57164
• [12.x] Adjust Arr typehints by @​daniser in #​57165
• [12.x] Track filesystem adapter decora

---

Configuration

📅 Schedule: Branch creation - On day 1 of the month, every 3 months ( * * 1 */3 * ) in timezone Europe/Warsaw, Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR has been generated by Renovate Bot.