Preliminary Checks
- This issue is not a duplicate. Before opening a new issue, please search existing issues: https://github.com/HugoBlox/kit/issues?q=is%3Aissue
- This issue is not a question, feature request, or anything other than a bug report directly related to HugoBlox Kit. Please post those things on Discord: https://discord.gg/z8wNYzb
Description
The currently provided version 4.1.12 has a high-risk vulnerability in the transitive dependency tar (version 7.4.3).
Reproduction Link
https://github.com/HugoBlox/kit
Steps to Reproduce
Dependabot on my own repository (with the same npm-lock.json as in the templates now) sent me 4 security alerts.
Known security vulnerabilities detected
Dependency: tar
Version: <= 7.5.2
Upgrade to: ~> 7.5.3
Defined in: pnpm-lock.yaml
Vulnerabilities:
- CVE-2026-23745 (High severity)
- CVE-2026-23950 (High severity)
- CVE-2026-24842 (High severity)
Expected Result
Dependabot should be happy and send no security alerts. The package.json contains the latest versions of all dependencies.
```json
{
  "name": "hugo-blox-blog-starter",
  "version": "1.0.0",
  "private": true,
  "packageManager": "pnpm@10.14.0",
  "description": "Blog starter template for Hugo Blox with Tailwind CSS v4",
  "scripts": {
    "dev": "hugo server --disableFastRender",
    "build": "hugo --minify && pnpm run pagefind",
    "pagefind": "pagefind --site public"
  },
  "dependencies": {
    "@tailwindcss/cli": "^4.1.18",
    "@tailwindcss/typography": "^0.5.19",
    "pagefind": "^1.4.0",
    "preact": "^10.28.3",
    "tailwindcss": "^4.1.18"
  }
}
```
Actual Result
Known security vulnerabilities detected
Dependency: tar
Version: <= 7.5.2
Upgrade to: ~> 7.5.3
Defined in: pnpm-lock.yaml
Vulnerabilities:
- CVE-2026-23745 (High severity)
- CVE-2026-23950 (High severity)
- CVE-2026-24842 (High severity)
What Hugo Module versions does your site use?
0.11
What operating system(s) are you seeing the problem on?
macOS
What browser(s) are you seeing the problem on?
Other
Which Hugo Blox template are you using?
blog
What version of Hugo are you using?
1.155.0
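The point the Expected Result above runs into is that package.json only pins direct dependencies; the version of a transitive package such as tar is fixed by pnpm-lock.yaml, so a fully up-to-date package.json can still ship a vulnerable tar. The script below is an added example, not code from the HugoBlox/kit project or from the issue author. It parses the `importers` and `snapshots` sections of a pnpm-lock.yaml (v9 layout), walks from the project's direct dependencies to every resolved copy of a package older than the fixed version, and prints the dependency chain together with the `pnpm.overrides` entry that would force the fixed version. The lockfile is a constructed sample: `example-cli` and `example-fetcher` are hypothetical package names, and only the tar version (7.4.3) and the fix threshold (7.5.3) come from the alert in this issue.

```python
"""Locate vulnerable transitive package versions in a pnpm-lock.yaml (v9 layout)
and report the dependency chain from the project's direct dependencies."""
import json
import re
from collections import deque

# Constructed sample lockfile, not the HugoBlox/kit lockfile. "example-cli" and
# "example-fetcher" are hypothetical names; tar@7.4.3 is the version from the alert.
SAMPLE_LOCK = """\
lockfileVersion: '9.0'

importers:

  .:
    dependencies:
      example-cli:
        specifier: ^2.0.0
        version: 2.3.1
      preact:
        specifier: ^10.28.3
        version: 10.28.3

packages:

  example-cli@2.3.1:
    resolution: {integrity: sha512-constructed}

  example-fetcher@1.0.0:
    resolution: {integrity: sha512-constructed}

  preact@10.28.3:
    resolution: {integrity: sha512-constructed}

  tar@7.4.3:
    resolution: {integrity: sha512-constructed}

snapshots:

  example-cli@2.3.1:
    dependencies:
      example-fetcher: 1.0.0

  example-fetcher@1.0.0:
    dependencies:
      tar: 7.4.3

  preact@10.28.3: {}

  tar@7.4.3: {}
"""


def parse_lock(text):
    """Minimal indentation-based parser for the block-mapping subset pnpm emits.
    Flow mappings such as `{integrity: ...}` are kept as opaque strings."""
    root = {}
    stack = [(-1, root)]  # (indent, mapping currently being filled)
    for raw in text.splitlines():
        if not raw.strip() or raw.lstrip().startswith("#"):
            continue
        indent = len(raw) - len(raw.lstrip(" "))
        key, _, value = raw.strip().partition(":")
        value = value.strip()
        while stack[-1][0] >= indent:  # climb back out to the enclosing mapping
            stack.pop()
        parent = stack[-1][1]
        if value == "":  # `key:` opens a nested mapping
            child = {}
            parent[key] = child
            stack.append((indent, child))
        elif value == "{}":
            parent[key] = {}
        else:
            parent[key] = value.strip("'\"")
    return root


def split_key(key):
    """'@scope/name@1.2.3(peer@4)' -> ('@scope/name', '1.2.3'); peer suffix dropped."""
    name, _, version = key.split("(")[0].rpartition("@")
    return name, version


def parse_version(version):
    """Compare by the numeric core only; pre-release tags and peer suffixes are ignored."""
    m = re.match(r"(\d+)\.(\d+)\.(\d+)", version)
    if not m:
        raise ValueError(f"unrecognised version: {version}")
    return tuple(int(p) for p in m.groups())


def direct_dependencies(lock):
    """Resolved keys (name@version) of everything package.json asks for directly."""
    direct = []
    for importer in lock.get("importers", {}).values():
        for section in ("dependencies", "devDependencies", "optionalDependencies"):
            for name, entry in importer.get(section, {}).items():
                direct.append(f"{name}@{entry['version']}")
    return direct


def dependency_graph(lock):
    """Map each resolved package key to the resolved keys it depends on."""
    graph = {}
    for key, snap in lock.get("snapshots", {}).items():
        deps = {}
        for section in ("dependencies", "optionalDependencies"):
            deps.update(snap.get(section, {}))
        graph[key] = [f"{name}@{ver}" for name, ver in deps.items()]
    return graph


def find_vulnerable_paths(lock, package, fixed_in):
    """Breadth-first walk from each direct dependency to every copy of
    `package` resolved below `fixed_in`; returns the chains found."""
    graph = dependency_graph(lock)
    fixed = parse_version(fixed_in)
    results = []
    for start in direct_dependencies(lock):
        queue, seen = deque([[start]]), {start}
        while queue:
            path = queue.popleft()
            name, version = split_key(path[-1])
            if name == package and parse_version(version) < fixed:
                results.append(path)
                continue
            for nxt in graph.get(path[-1], []):
                if nxt not in seen:
                    seen.add(nxt)
                    queue.append(path + [nxt])
    return results


def suggest_override(package, fixed_in):
    """package.json fragment that makes pnpm resolve `package` to the fixed range."""
    return {"pnpm": {"overrides": {package: f">={fixed_in}"}}}


if __name__ == "__main__":
    lock = parse_lock(SAMPLE_LOCK)
    for path in find_vulnerable_paths(lock, "tar", "7.5.3"):
        print(" > ".join(path))
    print(json.dumps(suggest_override("tar", "7.5.3"), indent=2))
```

On a real checkout `pnpm why tar` prints the same chain straight from pnpm, and `pnpm audit` lists the advisories. A `pnpm.overrides` entry is a stop-gap: it forces the resolution regardless of what the intermediate package declares, so remove it once the direct dependency that pulls in tar publishes a release whose own range already excludes the vulnerable versions.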