chore(deps):(deps): bump lucide-react from 1.7.0 to 1.8.0#286
chore(deps):(deps): bump lucide-react from 1.7.0 to 1.8.0#286dependabot[bot] wants to merge 1 commit intomainfrom
Conversation
Bumps [lucide-react](https://github.com/lucide-icons/lucide/tree/HEAD/packages/lucide-react) from 1.7.0 to 1.8.0. - [Release notes](https://github.com/lucide-icons/lucide/releases) - [Commits](https://github.com/lucide-icons/lucide/commits/1.8.0/packages/lucide-react) --- updated-dependencies: - dependency-name: lucide-react dependency-version: 1.8.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot
Bot
added
dependencies
![cursor[bot]](https://avatars.githubusercontent.com/in/1210556?s=60&v=4){kind=small}
There was a problem hiding this comment.
Cursor Bugbot has reviewed your changes and found 1 potential issue.
❌ Bugbot Autofix is OFF. To automatically fix reported issues with cloud agents, enable autofix in the Cursor dashboard.
Reviewed by Cursor Bugbot for commit e58f488. Configure here.
| "arm" | ||
| ], | ||
| "dev": true, | ||
| "libc": [ |
There was a problem hiding this comment.
Lockfile lost libc fields for platform-specific packages
Medium Severity
The libc field was dropped from numerous platform-specific native packages in package-lock.json (affecting @img/sharp-*, @rolldown/binding-*, and lightningcss-* entries). This field distinguishes glibc vs musl variants and is essential for correct platform resolution. Without it, npm ci on musl-based systems (e.g., Alpine Linux Docker containers) may select incorrect native binaries, causing dev tools like sharp, lightningcss, and rolldown to malfunction. This appears to be an unintended side effect of Dependabot regenerating the lockfile for the lucide-react bump.
Additional Locations (2)
Reviewed by Cursor Bugbot for commit e58f488. Configure here.
Bumps lucide-react from 1.7.0 to 1.8.0.
Release notes
Sourced from lucide-react's releases.
Commits
7623e23feat(docs): add Zephyr Cloud to Hero Backers tier & rework updateSponsors scr...Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)Note
Low Risk
Low risk dependency-only update; primary impact is potential minor icon/component changes from
lucide-reactplus lockfile metadata churn.Overview
Updates the
lucide-reactdependency from1.7.0to1.8.0.Refreshes
package-lock.jsonaccordingly, including the newlucide-reacttarball integrity/resolution and related lockfile metadata changes.Reviewed by Cursor Bugbot for commit e58f488. Bugbot is set up for automated code reviews on this repo. Configure here.