chore(deps): update javascript

[renovate]

ℹ️ Note

This PR body was truncated due to platform limits.

This PR contains the following updates:

Package	Change	Age	Confidence
@hookform/resolvers (source)	5.2.2 → 5.4.0
@tailwindcss/postcss (source)	4.2.2 → 4.3.0
@tanstack/react-query (source)	5.95.2 → 5.100.14
@types/node (source)	24.12.0 → 24.12.4
@types/react (source)	19.2.14 → 19.2.15
@vitejs/plugin-react-swc (source)	4.3.0 → 4.3.1
autoprefixer	10.4.27 → 10.5.0
date-fns	4.1.0 → 4.3.0
eslint (source)	10.1.0 → 10.4.0
eslint-plugin-react-hooks (source)	7.0.1 → 7.1.1
globals	17.4.0 → 17.6.0
lovable-tagger	1.1.13 → 1.3.0
lucide-react (source)	1.6.0 → 1.16.0
postcss (source)	8.5.8 → 8.5.15
react (source)	19.2.4 → 19.2.6
react-dom (source)	19.2.4 → 19.2.6
react-hook-form (source)	7.72.0 → 7.76.1
react-resizable-panels (source)	4.7.5 → 4.11.2
react-router-dom (source)	7.13.2 → 7.15.1
recharts	3.8.0 → 3.8.1
tailwind-merge	3.5.0 → 3.6.0
tailwindcss (source)	4.2.2 → 4.3.0
typescript (source)	6.0.2 → 6.0.3
typescript-eslint (source)	8.57.2 → 8.59.4
vite (source)	8.0.2 → 8.0.14
zod (source)	4.3.6 → 4.4.3

---

Warning

Some dependencies could not be looked up. Check the Dependency Dashboard for more information.

---

Release Notes

react-hook-form/resolvers (@​hookform/resolvers)

v5.4.0

Compare Source

Features

• feat: add ata-validator resolver (#​845)

Fixes

• fix issue with toNestErrors.ts (#​848)

• add guidance on passing context to yupResolver (useForm context) (#​835) (3d29924)

tailwindlabs/tailwindcss (@​tailwindcss/postcss)

v4.3.0

Compare Source

Added

• Add @container-size utility (#​18901)
• Add scrollbar-{auto,thin,none} utilities for scrollbar-width, and scrollbar-thumb-* / scrollbar-track-* color utilities for scrollbar-color (#​19981, #​20019)
• Add scrollbar-gutter-* utilities (#​20018)
• Add zoom-* utilities (#​20020)
• Add tab-* utilities (#​20022)
• Allow using @variant with stacked variants (e.g. @variant hover:focus { … }) (#​19996)
• Allow using @variant with compound variants (e.g. @variant hover, focus { … }) (#​19996)
• Support --default(…) in --value(…) and --modifier(…) for functional @utility definitions (#​19989)

Fixed

• Ensure @plugin resolves package JavaScript entries instead of browser CSS entries when using @tailwindcss/vite (#​19949)
• Fix relative @import and @plugin paths resolving from the wrong directory when using @tailwindcss/vite (#​19965)
• Ensure CSS files containing @variant are processed by @tailwindcss/vite (#​19966)
• Resolve imports relative to base when result.opts.from is not provided when using @tailwindcss/postcss (#​19980)
• Canonicalization: preserve significant _ whitespace in arbitrary values (#​19986)
• Canonicalization: add parentheses when removing whitespace from arbitrary values would hurt readability (e.g. w-[calc(100%---spacing(60))] → w-[calc(100%-(--spacing(60)))]) (#​19986)
• Canonicalization: preserve the original unit in arbitrary values instead of normalizing to base units (e.g. -mt-[20in] → mt-[-20in], not mt-[-1920px]) (#​19988)
• Canonicalization: migrate arbitrary :has() variants from [&:has(…)] to has-[…] (#​19991)
• Upgrade: don’t migrate inline style attributes (e.g. style="flex-grow: 1" → style="flex-grow: 1", not style="grow: 1") (#​19918)
• Allow multiple @utility definitions with the same name but different value types (#​19777)
• Export missing PluginWithConfig type from tailwindcss/plugin to fix errors when inferring plugin config types (#​19707)
• Ensure start and end legacy utilities without values do not generate CSS (#​20003)
• Ensure --value(…) is required in functional @utility definitions (#​20005)
• Canonicalization: preserve required whitespace around operators in negated arbitrary values (e.g. -left-[(var(--a)+var(--b))]) (#​20011)

v4.2.4

Compare Source

Fixed

• Ensure imports in @import and @plugin still resolve correctly when using Vite aliases in @tailwindcss/vite (#​19947)

v4.2.3

Compare Source

Fixed

• Canonicalization: improve canonicalizations for tracking-* utilities by preferring non-negative utilities (e.g. -tracking-tighter → tracking-wider) (#​19827)
• Fix crash due to invalid characters in candidate (exceeding valid unicode code point range) (#​19829)
• Ensure query params in imports are considered unique resources when using @tailwindcss/webpack (#​19723)
• Canonicalization: collapse arbitrary values into shorthand utilities (e.g. px-[1.2rem] py-[1.2rem] → p-[1.2rem]) (#​19837)
• Canonicalization: collapse border-{t,b}-* into border-y-*, border-{l,r}-* into border-x-*, and border-{t,r,b,l}-* into border-* (#​19842)
• Canonicalization: collapse scroll-m{t,b}-* into scroll-my-*, scroll-m{l,r}-* into scroll-mx-*, and scroll-m{t,r,b,l}-* into scroll-m-* (#​19842)
• Canonicalization: collapse scroll-p{t,b}-* into scroll-py-*, scroll-p{l,r}-* into scroll-px-*, and scroll-p{t,r,b,l}-* into scroll-p-* (#​19842)
• Canonicalization: collapse overflow-{x,y}-* into overflow-* (#​19842)
• Canonicalization: collapse overscroll-{x,y}-* into overscroll-* (#​19842)
• Read from --placeholder-color instead of --background-color for placeholder-* utilities (#​19843)
• Upgrade: ensure files are not emptied out when killing the upgrade process while it's running (#​19846)
• Upgrade: use config.content when migrating from Tailwind CSS v3 to Tailwind CSS v4 (#​19846)
• Upgrade: never migrate files that are ignored by git (#​19846)
• Add .env and .env.* to default ignored content files (#​19846)
• Canonicalization: migrate overflow-ellipsis into text-ellipsis (#​19849)
• Canonicalization: migrate start-full → inset-s-full, start-auto → inset-s-auto, start-px → inset-s-px, and start-<number> → inset-s-<number> as well as negative versions (#​19849)
• Canonicalization: migrate end-full → inset-e-full, end-auto → inset-e-auto, end-px → inset-e-px, and end-<number> → inset-e-<number> as well as negative versions (#​19849)
• Canonicalization: move the - sign inside the arbitrary value -left-[9rem] → left-[-9rem] (#​19858)
• Canonicalization: move the - sign outside the arbitrary value ml-[calc(-1*var(--width))] → -ml-(--width) (#​19858)
• Improve performance when scanning JSONL / NDJSON files (#​19862)
• Support NODE_PATH environment variable in standalone CLI (#​19617)

TanStack/query (@​tanstack/react-query)

v5.100.14

Compare Source

Patch Changes

• fix(react-query): do not go into optimistic fetching state when not subscribed (#​10759)

• Updated dependencies []:

  • @​tanstack/query-core@​5.100.14

v5.100.13

Compare Source

Patch Changes

• Updated dependencies [d423168]:
  • @​tanstack/query-core@​5.100.13

v5.100.12

Compare Source

Patch Changes

• Updated dependencies []:
  • @​tanstack/query-core@​5.100.12

v5.100.11

Patch Changes

• Updated dependencies []:
  • @​tanstack/query-core@​5.100.11

v5.100.10

Patch Changes

• Updated dependencies []:
  • @​tanstack/query-core@​5.100.10

v5.100.9

Compare Source

Patch Changes

• Updated dependencies [fcee7bd]:
  • @​tanstack/query-core@​5.100.9

v5.100.8

Compare Source

Patch Changes

• Updated dependencies []:
  • @​tanstack/query-core@​5.100.8

v5.100.7

Compare Source

Patch Changes

• Updated dependencies []:
  • @​tanstack/query-core@​5.100.7

v5.100.6

Compare Source

Patch Changes

• Updated dependencies []:
  • @​tanstack/query-core@​5.100.6

v5.100.5

Compare Source

Patch Changes

• Updated dependencies [a53ef97]:
  • @​tanstack/query-core@​5.100.5

v5.100.4

Compare Source

Patch Changes

• Updated dependencies []:
  • @​tanstack/query-core@​5.100.4

v5.100.3

Compare Source

Patch Changes

• fix(suspense): skip calling combine when queries would suspend (#​10576)

• Updated dependencies [f85d825]:

  • @​tanstack/query-core@​5.100.3

v5.100.2

Patch Changes

• Updated dependencies [ea4497e, d6a7bf3, 645d5d1]:
  • @​tanstack/query-core@​5.100.2

v5.100.1

Patch Changes

• Updated dependencies [1bb0d23]:
  • @​tanstack/query-core@​5.100.1

v5.100.0

Compare Source

Patch Changes

• Updated dependencies [6540a41]:
  • @​tanstack/query-core@​5.100.0

v5.99.2

Compare Source

Patch Changes

• Updated dependencies []:
  • @​tanstack/query-core@​5.99.2

v5.99.1

Compare Source

Patch Changes

• Updated dependencies []:
  • @​tanstack/query-core@​5.99.1

v5.99.0

Compare Source

Patch Changes

• Updated dependencies []:
  • @​tanstack/query-core@​5.99.0

v5.98.0

Compare Source

Patch Changes

• Updated dependencies []:
  • @​tanstack/query-core@​5.98.0

v5.97.0

Compare Source

Patch Changes

• Updated dependencies [2bfb12c]:
  • @​tanstack/query-core@​5.97.0

v5.96.2

Compare Source

Patch Changes

• Updated dependencies []:
  • @​tanstack/query-core@​5.96.2

v5.96.1

Compare Source

Patch Changes

• Updated dependencies []:
  • @​tanstack/query-core@​5.96.1

v5.96.0

Compare Source

Patch Changes

• Updated dependencies []:
  • @​tanstack/query-core@​5.96.0

vitejs/vite-plugin-react (@​vitejs/plugin-react-swc)

v4.3.1

Compare Source

Avoid esbuild warnings with Vite 8 #​1195

Fixes #​1187.

postcss/autoprefixer (autoprefixer)

v10.5.0

Compare Source

• Added mask-position-x and mask-position-y support (by @​toporek).

date-fns/date-fns (date-fns)

v4.3.0

Compare Source

Kudos to @​ImRodry and @​puneetdixit200 for their contributions.

Fixed

• Fixed missing modularized optimization fallback (for Next.js and others). See #​4193.

• Fixed pt locale first day of week to be Sunday. See #​4195 by @​ImRodry.

• Fixed zh-CN, zh-HK, and zh-TW locale month parsing for October, November, and December. See #​4194 by @​puneetdixit200.

v4.2.1

Compare Source

Fixed

• Fixed type definitions missing in v4.2.0 due to TypeScript misconfiguration.

v4.2.0

Compare Source

This is a minor release in all senses, it only includes documentation updates (first of many) that points to the new You Don't Need date-fns* page.

* Not really

Changed

• Added Temporal API references to the JSDoc annotations of add, addBusinessDays, and addDays.

eslint/eslint (eslint)

v10.4.0

Compare Source

v10.3.0

Compare Source

v10.2.1

Compare Source

v10.2.0

Compare Source

Features

• 586ec2f feat: Add meta.languages support to rules (#​20571) (Copilot)
• 14207de feat: add Temporal to no-obj-calls (#​20675) (Pixel998)
• bbb2c93 feat: add Temporal to ES2026 globals (#​20672) (Pixel998)

Bug Fixes

• 542cb3e fix: update first-party dependencies (#​20714) (Francesco Trotta)

Documentation

• a2af743 docs: add language to configuration objects (#​20712) (Francesco Trotta)
• 845f23f docs: Update README (GitHub Actions Bot)
• 5fbcf59 docs: remove sourceType from ts playground link (#​20477) (Tanuj Kanti)
• 8702a47 docs: Update README (GitHub Actions Bot)
• ddeaded docs: Update README (GitHub Actions Bot)
• 2b44966 docs: add Major Releases section to Manage Releases (#​20269) (Milos Djermanovic)
• eab65c7 docs: update eslint versions in examples (#​20664) (루밀LuMir)
• 3e4a299 docs: update ESM Dependencies policies with note for own-usage packages (#​20660) (Milos Djermanovic)

Chores

• 8120e30 refactor: extract no unmodified loop condition (#​20679) (kuldeep kumar)
• 46e8469 chore: update dependency markdownlint-cli2 to ^0.22.0 (#​20697) (renovate[bot])
• 01ed3aa test: add unit tests for unicode utilities (#​20622) (Manish chaudhary)
• 811f493 ci: remove --legacy-peer-deps from types integration tests (#​20667) (Milos Djermanovic)
• 6b86fcf chore: update dependency npm-run-all2 to v8 (#​20663) (renovate[bot])
• 632c4f8 chore: add prettier update commit to .git-blame-ignore-revs (#​20662) (루밀LuMir)
• b0b0f21 chore: update dependency eslint-plugin-regexp to ^3.1.0 (#​20659) (Milos Djermanovic)
• 228a2dd chore: update dependency eslint-plugin-eslint-plugin to ^7.3.2 (#​20661) (Milos Djermanovic)
• 3ab4d7e test: Add tests for eslintrc-style keys (#​20645) (kuldeep kumar)

facebook/react (eslint-plugin-react-hooks)

v7.1.1

Compare Source

Note: 7.1.0 accidentally removed the component-hook-factories rule, causing errors for users who referenced it in their ESLint config. This is now fixed.

• Add deprecated no-op component-hook-factories rule for backwards compatibility. (@​mofeiZ in #​36307)

v7.1.0

Compare Source

This release adds ESLint v10 support, improves performance by skipping compilation for non-React files, and includes compiler lint improvements including better set-state-in-effect detection, improved ref validation, and more helpful error reporting.

• Add ESLint v10 support. (@​nicolo-ribaudo in #​35720)
• Skip compilation for non-React files to improve performance. (@​josephsavona in #​35589)
• Fix exhaustive deps bug with Flow type casting. (@​jorge-cab in #​35691)
• Fix useEffectEvent checks in component syntax. (@​jbrown215 in #​35041)
• Improved set-state-in-effect validation with fewer false negatives. (@​jorge-cab in #​35134, @​josephsavona in #​35147, @​jackpope in #​35214, @​chesnokov-tony in #​35419, @​jsleitor in #​36107)
• Improved ref validation for non-mutating functions and event handler props. (@​josephsavona in #​35893, @​kolvian in #​35062)
• Compiler now reports all errors instead of stopping at the first. (@​josephsavona in #​35873–#​35884)
• Improved source locations and error display in compiler diagnostics. (@​nathanmarks in #​35348, @​josephsavona in #​34963)

sindresorhus/globals (globals)

v17.6.0

Compare Source

v17.5.0

Compare Source

lucide-icons/lucide (lucide-react)

v1.16.0: Version 1.16.0

Compare Source

What's Changed

• feat(icons): added blender icon by @​rrod497 in #​3884

Full Changelog: lucide-icons/lucide@1.15.0...1.16.0

v1.15.0

Compare Source

v1.14.0: Version 1.14.0

Compare Source

What's Changed

• feat(icons): added repeat-off icon by @​jguddas in #​3102

Full Changelog: lucide-icons/lucide@1.13.0...1.14.0

v1.13.0: Version 1.13.0

Compare Source

What's Changed

• fix(docs): sync URL params with UI state on categories page by @​taimar in #​4111
• feat(icons): add waves-vertical icon by @​jamiemlaw in #​3867

Full Changelog: lucide-icons/lucide@1.12.0...1.13.0

v1.12.0: Version 1.12.0

Compare Source

What's Changed

• feat(icon): add folder-bookmark icon by @​swastik7805 in #​4262
• docs(readme): Update readme files by @​ericfennis in #​4320
• feat(icons): added astroid icon by @​whoisBugsbunny in #​4217

Full Changelog: lucide-icons/lucide@1.10.0...1.12.0

v1.11.0: Version 1.11.0

Compare Source

What's Changed

• docs: add missing period to TypeScript Support description by @​jglu in #​4309
• fix(@​lucide/svelte): proper doc comments for svelte components by @​blt-r in #​4267
• chore(deps): bump svgo from 3.3.2 to 3.3.3 by @​dependabot[bot] in #​4119
• chore(deps-dev): bump astro from 6.0.8 to 6.1.6 by @​dependabot[bot] in #​4310
• feat(icons): add power and quick tags to zap and zap-off by @​swastik7805 in #​4268
• test(build-font): added comprehensive unit tests on build-font tool by @​karsa-mistmere in #​4315
• feat(docs): blur background of framework-select by @​Spleefies in #​4238
• feat(icon): add heart-x icon by @​swastik7805 in #​4264
• fix(icons): optimised rotate-3d icon by @​jamiemlaw in #​4299
• feat(icons): added layers-minus icon by @​Spleefies in #​4005
• feat(icons): added bell-check icon by @​pettelau in #​4152

New Contributors

• @​jglu made their first contribution in #​4309
• @​pettelau made their first contribution in #​4152

Full Changelog: lucide-icons/lucide@1.9.0...1.11.0

v1.10.0: Version 1.10.0

Compare Source

What's Changed

• docs: add missing period to TypeScript Support description by @​jglu in #​4309
• fix(@​lucide/svelte): proper doc comments for svelte components by @​blt-r in #​4267
• chore(deps): bump svgo from 3.3.2 to 3.3.3 by @​dependabot[bot] in #​4119
• chore(deps-dev): bump astro from 6.0.8 to 6.1.6 by @​dependabot[bot] in #​4310
• feat(icons): add power and quick tags to zap and zap-off by @​swastik7805 in #​4268
• test(build-font): added comprehensive unit tests on build-font tool by @​karsa-mistmere in #​4315
• feat(docs): blur background of framework-select by @​Spleefies in #​4238
• feat(icon): add heart-x icon by @​swastik7805 in #​4264
• fix(icons): optimised rotate-3d icon by @​jamiemlaw in #​4299
• feat(icons): added layers-minus icon by @​Spleefies in #​4005
• feat(icons): added bell-check icon by @​pettelau in #​4152

New Contributors

• @​jglu made their first contribution in #​4309
• @​pettelau made their first contribution in #​4152

Full Changelog: lucide-icons/lucide@1.9.0...1.10.0

v1.9.0: Version 1.9.0

Compare Source

What's Changed

• fix(packages/angular): allow string inputs for size by @​swastik7805 in #​4253
• fix(gh-icon): update colors for ColoredPath component by @​jguddas in #​4233
• feat(packages): use .mjs for ESM bundles by @​karsa-mistmere in #​4285
• fix(build-font): add collision detection to font codepoints by @​karsa-mistmere in #​4300
• feat(icons): added timeline icon by @​jguddas in #​4270

New Contributors

• @​swastik7805 made their first contribution in #​4253

Full Changelog: lucide-icons/lucide@1.8.0...1.9.0

v1.8.0: Version 1.8.0

Compare Source

What's Changed

• docs(packages/angular): add packageDirname for @​lucide/angular by @​rhutchison in #​4211
• chore(icons): Username change knarlix to RajnishKMehta by @​RajnishKMehta in #​4208
• ci(@​lucide/angular): Fix publishing problem by @​ericfennis in #​4213
• docs: fix broken links in pull_request_template.md (got 404 page) by @​whoisBugsbunny in #​4224
• fix(lucide-static): add viewBox to sprite symbol elements by @​TomaTV in #​4223
• docs: Fix link to icon design principles in statement by @​whoisBugsbunny in #​4225
• feat(docs): add Zephyr Cloud to Hero Backers tier by @​karsa-mistmere in #​4226
• fix(icons): fixes gap issues in radio-off.svg by @​karsa-mistmere in #​4227
• fix(icons): renamed text-select to square-dashed-text by @​jguddas in #​3943
• fix(docs): improve mobile layout of v1 banner by @​karsa-mistmere in #​4254
• fix(@​lucide/svelte): aria-hidden="true" was never set by @​blt-r in #​4234
• fix(icons): remove ui/ux tag from heart-minus, add delete instead by @​karsa-mistmere in #​4266
• chore(deps-dev): bump vite from 7.3.1 to 7.3.2 by @​dependabot[bot] in #​4276
• chore(deps): bump lodash-es from 4.17.23 to 4.18.1 by @​dependabot[bot] in #​4251
• chore(deps): bump vite from 5.4.21 to 6.4.2 by @​dependabot[bot] in #​4286
• feat(docs): use initOnMounted: true for useSessionStorage in CarbonAdOverlay by @​karsa-mistmere in #​4275
• feat(icons): added bookmark-off icon by @​ZeenatLawal in #​4283

New Contributors

• @​rhutchison made their first contribution in #​4211
• [@​whoisBugsbunny](https://redirect.github.c

✂ Note

PR body was truncated to here.

---

Configuration

📅 Schedule: (in timezone Europe/London)

• Branch creation
  • "before 10am on friday"
• Automerge
  • At any time (no schedule defined)

🚦 Automerge: Enabled.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[github-actions]

Caution

[High Risk] New EC2 health server is being introduced as a broadly reachable endpoint in a public production subnet

The change creates a new production EC2 instance in subnet-07b5b1fb2ba02f964, a public subnet whose route table sends 0.0.0.0/0 to an internet gateway, and its user_data starts a Python HTTP server bound to 0.0.0.0:9090. The instance is then registered directly into the api-health-terraform-example target group on port 9090, and its attached security groups allow inbound 9090 from all 10.0.0.0/8 plus inbound 443 from a large set of external customer CIDRs.

This does not exactly match the hypothesis's claim that the instance definitely inherits the existing 0.0.0.0/0 SSH/HTTP security group, but it still creates the same category of failure: a new broadly reachable EC2 HTTP endpoint in a production public subnet outside the tighter ALB-to-app security-group model already used by api-207c90ee-alb. That weakens network segmentation, expands internal lateral-movement paths, and may expose health traffic through paths that are not protected the same way as the main web tier. This is a security finding under SEC05-BP01 and SEC05-BP02, and it conflicts with the organization's rule that EC2 instances must not be directly internet reachable.
_{View reasoning tree here.}

Caution

[High Risk] Instance replacement rewires target health and instance-scoped alarms at the same time, creating a masked outage window

The AWS rollout replaces the api_server instances while also replacing the ALB target group and moving the target attachment to a new target group on port 9090. The current target group 540044833068.eu-west-2.elbv2-target-group.api-207c90ee-tg serves HTTP on port 80 with /health checks on the traffic port, but the planned attachment registers the replacement instance into api-health-terraform-example on 9090. Because the new attachment depends on the new instance ID, there is no evidence of dual-wiring that keeps old and new targets healthy at the same time. Traffic can therefore hit a window with no healthy targets during the cutover, causing user-visible outage even if Terraform eventually completes.

At the same time, the instance-scoped alarms are being rebound to new instance identities. The CloudWatch alarm 540044833068.eu-west-2.cloudwatch-alarm.api-207c90ee-high-cpu currently watches a specific EC2 InstanceId, and the GCP alert policies for inventory-api and payments-api currently filter on specific gce_instance IDs; all of those identifiers become known after apply in this rollout. That means the same change that can break traffic also temporarily weakens the instance-level monitoring that would detect it, creating a masked-failure window during replacement.
_{View reasoning tree here.}

Signals

Routine → Multiple API server and API access resources showing only 1-2 events/week for the last 3 months, which is infrequent compared to typical patterns. Several related resources also show 1 event/week for the last 5 weeks or 2 events/week for the last 3 weeks.
Policies → Multiple infrastructure resources showing unusual policy violations that may need review: an S3 bucket is missing required tags and does not have server-side encryption configured, while a security group allows SSH (port 22) access from anywhere (0.0.0.0/0).

_{Additional Change Details:} Items 148 Edges 256 model|risks_v6 ✨Encryption Key State Risk ✨KMS Key Creation

[github-actions]

⛔ Auto-Blocked

---

🔴 Decision

Auto-blocked: Routine score (-5) is below minimum (-1)

---

📊 Signals Summary

Routine 🔴 -5

---

🔥 Risks Summary

High 0 · Medium 0 · Low 0

---

💥 Blast Radius

Items 97 · Edges 246

---

View full analysis in Overmind ↗

[github-actions]

⛔ Auto-Blocked

---

🔴 Decision

Auto-blocked: Policy signal (-3) is below threshold (-2); Routine score (-5) is below minimum (-1)

---

📊 Signals Summary

Routine 🔴 -5

Policies 🔴 -3

---

🔥 Risks Summary

High 0 · Medium 0 · Low 0

---

💥 Blast Radius

Items 27 · Edges 66

---

View full analysis in Overmind ↗

[github-actions]

⛔ Auto-Blocked

---

🔴 Decision

Auto-blocked: Policy signal (-3) is below threshold (-2); Routine score (-5) is below minimum (-1)

---

📊 Signals Summary

Routine 🔴 -5

Policies 🔴 -3

---

🔥 Risks Summary

High 0 · Medium 0 · Low 0

---

💥 Blast Radius

Items 8 · Edges 30

---

View full analysis in Overmind ↗

[github-actions]

⛔ Auto-Blocked

---

🔴 Decision

Found 2 high risks requiring review

---

📊 Signals Summary

Routine 🔴 -5

Policies 🔴 -3

---

🔥 Risks Summary

High 2 · Medium 0 · Low 0

---

💥 Blast Radius

Items 11 · Edges 25

---

View full analysis in Overmind ↗

[github-actions]

⛔ Auto-Blocked

---

🔴 Decision

Auto-blocked: Policy signal (-3) is below threshold (-2); Routine score (-5) is below minimum (-1)

---

📊 Signals Summary

Routine 🔴 -5

Policies 🔴 -3

---

🔥 Risks Summary

High 0 · Medium 0 · Low 0

---

💥 Blast Radius

Items 8 · Edges 30

---

View full analysis in Overmind ↗

[github-actions]

⛔ Auto-Blocked

---

🔴 Decision

Auto-blocked: Policy signal (-3) is below threshold (-2); Routine score (-5) is below minimum (-1)

---

📊 Signals Summary

Routine 🔴 -5

Policies 🔴 -3

---

🔥 Risks Summary

High 0 · Medium 0 · Low 0

---

💥 Blast Radius

Items 12 · Edges 38

---

View full analysis in Overmind ↗

[github-actions]

⛔ Auto-Blocked

---

🔴 Decision

Auto-blocked: Policy signal (-3) is below threshold (-2); Routine score (-5) is below minimum (-1)

---

📊 Signals Summary

Routine 🔴 -5

Policies 🔴 -3

---

🔥 Risks Summary

High 0 · Medium 0 · Low 0

---

💥 Blast Radius

Items 4 · Edges 20

---

View full analysis in Overmind ↗

[github-actions]

⛔ Auto-Blocked

---

🔴 Decision

Found 1 high risk requiring review

---

📊 Signals Summary

Routine 🔴 -5

Policies 🔴 -3

---

🔥 Risks Summary

High 1 · Medium 0 · Low 0

---

💥 Blast Radius

Items 2 · Edges 20

---

View full analysis in Overmind ↗

[github-actions]

⛔ Auto-Blocked

---

🔴 Decision

Found 1 high risk requiring review

---

📊 Signals Summary

Routine 🔴 -5

Policies 🔴 -3

---

🔥 Risks Summary

High 1 · Medium 0 · Low 0

---

💥 Blast Radius

Items 16 · Edges 45

---

View full analysis in Overmind ↗

[github-actions]

⛔ Auto-Blocked

---

🔴 Decision

Auto-blocked: Policy signal (-3) is below threshold (-2); Routine score (-5) is below minimum (-1)

---

📊 Signals Summary

Routine 🔴 -5

Policies 🔴 -3

---

🔥 Risks Summary

High 0 · Medium 0 · Low 0

---

💥 Blast Radius

Items 21 · Edges 63

---

View full analysis in Overmind ↗

[github-actions]

⛔ Auto-Blocked

---

🔴 Decision

Auto-blocked: Policy signal (-3) is below threshold (-2); Routine score (-5) is below minimum (-1)

---

📊 Signals Summary

Routine 🔴 -5

Policies 🔴 -3

---

🔥 Risks Summary

High 0 · Medium 0 · Low 0

---

💥 Blast Radius

Items 49 · Edges 141

---

View full analysis in Overmind ↗