[Snyk] Upgrade @tailwindcss/postcss from 4.1.14 to 4.1.15

[ahqsoftwares]

Snyk has created this PR to upgrade @tailwindcss/postcss from 4.1.14 to 4.1.15.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 1 version ahead of your current version.

• The recommended version was released 21 days ago.

Issues fixed by the recommended upgrade:

	Issue	Score	Exploit Maturity
	Race Condition SNYK-JS-TAR-13782958	154	Proof of Concept

Release notes

Package name: @tailwindcss/postcss

• 4.1.15 - 2025-10-20
  

  Fixed

  • Fix Safari devtools rendering issue due to color-mix fallback (#19069)
  • Suppress Lightning CSS warnings about :deep, :slotted, and :global (#19094)
  • Fix resolving theme keys when starting with the name of another theme key in JS configs and plugins (#19097)
  • Allow named groups in combination with not-*, has-*, and in-* (#19100)
  • Prevent important utilities from affecting other utilities (#19110)
  • Don’t index into strings with the theme(…) function (#19111)
  • Fix parsing issue when \t is used in at-rules (#19130)
  • Upgrade: Canonicalize utilities containing 0 values (#19095)
  • Upgrade: Migrate deprecated break-words to wrap-break-word (#19157)

  Changed

  • Remove the postinstall script from oxide (#19149)
• 4.1.14 - 2025-10-01
  

  Fixed

  • Handle ' syntax in ClojureScript when extracting classes (#18888)
  • Handle @ variant inside @ custom-variant (#18885)
  • Merge suggestions when using @ utility (#18900)
  • Ensure that file system watchers created when using the CLI are always cleaned up (#18905)
  • Do not generate grid-column utilities when configuring grid-column-start or grid-column-end (#18907)
  • Do not generate grid-row utilities when configuring grid-row-start or grid-row-end (#18907)
  • Prevent duplicate CSS when overwriting a static utility with a theme key (#18056)
  • Show Lightning CSS warnings (if any) when optimizing/minifying (#18918)
  • Use default export condition for @ tailwindcss/vite (#18948)
  • Re-throw errors from PostCSS nodes (#18373)
  • Detect classes in markdown inline directives (#18967)
  • Ensure files with only @ theme produce no output when built (#18979)
  • Support Maud templates when extracting classes (#18988)
  • Upgrade: Do not migrate variant = 'outline' during upgrades (#18922)
  • Upgrade: Show version mismatch (if any) when running upgrade tool (#19028)
  • Upgrade: Ensure first class inside className is migrated (#19031)
  • Upgrade: Migrate classes inside *ClassName and *Class attributes (#19031)

from @tailwindcss/postcss GitHub release notes

---

Important

• Check the changes in this PR to ensure they won't cause issues with your project.
• This PR was automatically created by Snyk using the credentials of a real user.
• Max score is 1000. Note that the real score may have changed since the PR was raised.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

• 🧐 View latest project report
• 📜 Customise PR templates
• 🛠 Adjust upgrade PR settings
• 🔕 Ignore this dependency or unsubscribe from future upgrade PRs

[coderabbitai]

Important

Review skipped

Ignore keyword(s) in the title.

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

✨ Finishing touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch snyk-upgrade-3c463d6bde666e55a8ac696e201f6b3e

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[github-actions]

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

OpenSSF Scorecard

Package	Version	Score	Details
npm/@tailwindcss/postcss	^4.1.15	🟢 6.1	Details Check Score Reason Code-Review 🟢 9 Found 17/18 approved changesets -- score normalized to 9 Maintained 🟢 10 30 commit(s) and 2 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Binary-Artifacts 🟢 10 no binaries found in the repo Security-Policy ⚠️ 0 security policy file not detected Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege License 🟢 10 license file detected Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Fuzzing 🟢 10 project is fuzzed Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md Signed-Releases ⚠️ 0 Project has not signed or included provenance with any releases. Packaging 🟢 10 packaging workflow detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Vulnerabilities ⚠️ 0 18 existing vulnerabilities detected

Scanned Files

• package.json