fix(deps): update all non-major dependencies

[a-klos]

This PR contains the following updates:

Package	Change	Age	Confidence	Type	Update	Pending
@eslint/js (source)	9.39.2 -> 9.39.4			devDependencies	patch
@intlify/unplugin-vue-i18n (source)	11.0.3 -> 11.1.2			devDependencies	minor
@nx/cypress (source)	21.6.10 -> 21.6.11			devDependencies	patch
@nx/eslint (source)	21.6.10 -> 21.6.11			devDependencies	patch
@nx/eslint-plugin (source)	21.6.10 -> 21.6.11			devDependencies	patch
@nx/js (source)	21.6.10 -> 21.6.11			devDependencies	patch
@nx/vite (source)	21.6.10 -> 21.6.11			devDependencies	patch
@nx/vue (source)	21.6.10 -> 21.6.11			devDependencies	patch
@nx/web (source)	21.6.10 -> 21.6.11			devDependencies	patch
@nx/workspace (source)	21.6.10 -> 21.6.11			devDependencies	patch
@rushstack/eslint-patch (source)	1.15.0 -> 1.16.1			devDependencies	minor
@sit-onyx/icons (source)	1.5.0 -> 1.9.0			devDependencies	minor
@tailwindcss/postcss (source)	4.1.18 -> 4.2.4			devDependencies	minor
@tailwindcss/vite (source)	4.1.18 -> 4.2.4			devDependencies	minor
@tsconfig/node21 (source)	21.0.7 -> 21.0.8			devDependencies	patch
@types/node (source)	22.19.10 -> 22.19.17			devDependencies	patch
@typescript-eslint/eslint-plugin (source)	8.54.0 -> 8.59.0			devDependencies	minor	8.59.1
@typescript-eslint/parser (source)	8.54.0 -> 8.59.0			devDependencies	minor	8.59.1
@vitejs/plugin-vue (source)	6.0.4 -> 6.0.6			devDependencies	patch
@vue/eslint-config-typescript	14.6.0 -> 14.7.0			devDependencies	minor
@vue/test-utils	2.4.6 -> 2.4.8			devDependencies	patch	2.4.10 (+1)
aiohttp	3.13.3 -> 3.13.5			dependencies	patch
authlib	1.6.9 -> 1.7.0			dependencies	minor
autoprefixer	10.4.24 -> 10.5.0			devDependencies	minor
axios (source)	1.13.5 -> 1.15.2			devDependencies	minor	1.16.0
azure-core (source)	1.38.0 -> 1.39.0			dependencies	minor	1.40.0
boto3	1.42.49 -> 1.42.96			dependencies	patch	1.43.2 (+3)
boto3	1.42.44 -> 1.42.96			dependencies	patch	1.43.2 (+3)
botocore	1.42.49 -> 1.42.96			dependencies	patch	1.43.2 (+3)
cert-manager (source)	v1.19.3 -> v1.20.2				minor
conventional-changelog-conventionalcommits (source)	9.1.0 -> 9.3.1			devDependencies	minor
coverage	7.13.4 -> 7.13.5			test	patch
coverage	7.11.3 -> 7.13.5			test	minor
daisyui (source)	5.5.18 -> 5.5.19			devDependencies	patch
datasets	4.5.0 -> 4.8.4			dependencies	minor	4.8.5
debugpy (source)	1.8.17 -> 1.8.20			dev	patch
dependency-injector	4.48.3 -> 4.49.0			dependencies	minor
docling (changelog)	2.73.1 -> 2.91.0			dependencies	minor	2.92.0
esbuild	^0.27.0 -> ^0.28.0			devDependencies	minor
eslint (source)	9.39.2 -> 9.39.4			devDependencies	patch
eslint-plugin-cypress	5.2.1 -> 5.3.0			devDependencies	minor
eslint-plugin-vue (source)	10.7.0 -> 10.9.0			devDependencies	minor
fastapi (changelog)	^0.128.0 -> ^0.136.0			dependencies	minor
fastapi (changelog)	^0.128.0 -> ^0.136.0			dependencies	minor
fastembed	^0.7.0 -> ^0.8.0			dependencies	minor
fastmcp	2.14.5 -> 2.14.7			dependencies	patch
filelock	3.20.3 -> 3.29.0			dependencies	minor
flake8-pyproject (changelog)	1.2.3 -> 1.2.4			lint	patch
ingress-nginx	4.14.3 -> 4.15.1				minor
langchain (changelog)	1.2.9 -> 1.2.15			dependencies	patch	1.2.17 (+1)
langchain-core (changelog)	1.2.13 -> 1.3.2			dependencies	minor
langchain-ollama (changelog)	1.0.1 -> 1.1.0			dependencies	minor
langchain-openai (changelog)	1.1.8 -> 1.2.1			dependencies	minor
langchain-text-splitters (changelog)	1.1.0 -> 1.1.2			dependencies	patch
langfuse	3.14.1 -> 3.14.6			dependencies	patch
langfuse (source)	1.5.19 -> 1.5.27				patch	1.5.28
langfuse/langfuse	3.152.0 -> 3.170.0				minor	3.172.1 (+2)
langfuse/langfuse-worker	3.152.0 -> 3.170.0				minor	3.172.1 (+2)
langsmith	^0.6.3 -> ^0.7.0			dependencies	minor	0.8.0 (+2)
lodash (source)	4.17.23 -> 4.18.1			overrides	minor
mammoth	1.11.0 -> 1.12.0			dependencies	minor
markitdown	0.1.4 -> 0.1.5			dependencies	patch
numpy (changelog)	2.3.5 -> 2.4.4			dependencies	minor
nx (source)	21.6.10 -> 21.6.11			devDependencies	patch
ollama (source)	1.41.0 -> 1.55.0				minor
poetry (changelog)	2.3.2 -> 2.3.4			dependencies	patch
postcss (source)	8.5.6 -> 8.5.10			devDependencies	patch	8.5.13 (+2)
protobuf	6.33.5 -> 6.33.6			dependencies	patch
pydantic (changelog)	2.12.5 -> 2.13.3			dependencies	minor
pydantic-settings (changelog)	2.12.0 -> 2.14.0			dependencies	minor
pypandoc	1.16.2 -> 1.17			dependencies	minor
pypandoc-binary	1.16.2 -> 1.17			dependencies	minor
pypandoc_binary	1.16.2 -> 1.17			dependencies	minor
python-multipart (changelog)	^0.0.22 -> ^0.0.26			dependencies	patch	0.0.27
qdrant (source)	1.16.3 -> 1.17.1				minor
qdrant-client	1.16.2 -> 1.17.1			dependencies	minor
requests (changelog)	2.32.5 -> 2.33.1			dependencies	minor
stackit (source)	~> 0.80.0 -> ~> 0.93.0			required_provider	minor	0.94.0
tabulate	^0.9.0 -> ^0.10.0			dependencies	minor
tailwindcss (source)	4.1.18 -> 4.2.4			devDependencies	minor
tesserocr	2.9.2 -> 2.10.0			dependencies	minor
torch	2.10.0+cpu -> 2.11.0+cpu			dependencies	minor
torchvision	^0.25.0 -> ^0.26.0			dependencies	minor
unstructured	0.18.31 -> 0.22.23			dependencies	minor	0.22.26
uvicorn (changelog)	^0.40.0 -> ^0.46.0			dependencies	minor
vite (source)	7.3.1 -> 7.3.2			devDependencies	patch
vue (source)	3.5.27 -> 3.5.33			dependencies	patch
vue-eslint-parser	10.2.0 -> 10.4.0			devDependencies	minor
vue-i18n (source)	11.2.8 -> 11.4.0			dependencies	minor
vue-tsc (source)	3.2.4 -> 3.2.7			devDependencies	patch
wheel (changelog)	^0.46.0 -> ^0.47.0			dependencies	minor

---

Release Notes

eslint/eslint (@​eslint/js)

v9.39.4

Compare Source

Bug Fixes

• f18f6c8 fix: update dependency minimatch to ^3.1.5 (#​20564) (Milos Djermanovic)
• a3c868f fix: update dependency @​eslint/eslintrc to ^3.3.4 (#​20554) (Milos Djermanovic)
• 234d005 fix: minimatch security vulnerability patch for v9.x (#​20549) (Andrej Beles)
• b1b37ee fix: update ajv to 6.14.0 to address security vulnerabilities (#​20538) (루밀LuMir)

Documentation

• 4675152 docs: add deprecation notice partial (#​20520) (Milos Djermanovic)

Chores

• b8b4eb1 chore: update dependencies for ESLint v9.39.4 (#​20596) (Francesco Trotta)
• 71b2f6b chore: package.json update for @​eslint/js release (Jenkins)
• 1d16c2f ci: pin Node.js 25.6.1 (#​20563) (Milos Djermanovic)

v9.39.3

Compare Source

Bug Fixes

• 791bf8d fix: restore TypeScript 4.0 compatibility in types (#​20504) (sethamus)

Chores

• 8594a43 chore: upgrade @​eslint/js@​9.39.3 (#​20529) (Milos Djermanovic)
• 9ceef92 chore: package.json update for @​eslint/js release (Jenkins)
• af498c6 chore: ignore /docs/v9.x in link checker (#​20453) (Milos Djermanovic)

intlify/bundle-tools (@​intlify/unplugin-vue-i18n)

v11.1.2

Compare Source

What's Changed

🐛 Bug Fixes

• fix(unplugin-vue-i18n): preserve vite:json ObjectHook shape for Vite 8 compatibility by @​kazupon in #​554

Full Changelog: intlify/bundle-tools@v11.1.1...v11.1.2

v11.1.1

Compare Source

What's Changed

🐛 Bug Fixes

• fix(unplugin-vue-i18n): support JS/TS lang in SFC i18n custom blocks by @​kazupon in #​549

Full Changelog: intlify/bundle-tools@v11.1.0...v11.1.1

v11.1.0

Compare Source

What's Changed

🌟 Features

• feat(unplugin-vue-i18n): support locale mesasges tree-shaking by @​kazupon in #​542

Full Changelog: intlify/bundle-tools@v11.0.7...v11.1.0

v11.0.7

Compare Source

Full Changelog: intlify/bundle-tools@v11.0.6...v11.0.7

nrwl/nx (@​nx/cypress)

v21.6.11

Compare Source

21.6.11 (2026-04-17)

🩹 Fixes

• linter: handle various flat config override structures (#​33548, #​31796)
• linter: handle variable references in replaceOverride (#​34026, #​34010)

❤️ Thank You

• Claude Opus 4.5
• Jack Hsu @​jaysoo

microsoft/rushstack (@​rushstack/eslint-patch)

v1.16.1

Compare Source

Fri, 20 Feb 2026 00:15:04 GMT

Patches

• Add "node" condition before "import" in the "exports" map so that Node.js uses the CJS output (which handles extensionless imports), while bundlers still use ESM via "import". Fixes #​5644.

v1.16.0

Compare Source

Thu, 19 Feb 2026 00:04:52 GMT

Minor changes

• Normalize package layout. CommonJS is now under lib-commonjs, DTS is now under lib-dts, and ESM is now under lib-esm. Imports to lib still work as before, handled by the "exports" field in package.json.

SchwarzIT/onyx (@​sit-onyx/icons)

v1.9.0

Compare Source

Minor Changes

• feat: update icons

New

• mail-arrow
• self-checkout
• terminal-checkout
• arrow-small-left-right
• drag-and-drop

Patch Changes

• 947ef1d: fix: Now the metadata.json is published via the dist, too
• 947ef1d: fix: svg files could not be imported directly

v1.8.0

Compare Source

Minor Changes

• 0e552d7: feat: update icons

New

• box-gift

v1.7.0

Compare Source

Minor Changes

• a513471: feat: update icons
• 1dee330: feat: update icons

New

• numbered-list
• chevron-first-page
• chevron-last-page

Modified

• eye-closed
• share-android

v1.6.0

Compare Source

Minor Changes

• 3e34b0c: feat: update icons

New

• dremio
• pubsub-service

tailwindlabs/tailwindcss (@​tailwindcss/postcss)

v4.2.4

Compare Source

Fixed

• Ensure imports in @import and @plugin still resolve correctly when using Vite aliases in @tailwindcss/vite (#​19947)

v4.2.3

Compare Source

Fixed

• Canonicalization: improve canonicalization for tracking-* utilities by preferring non-negative utilities (e.g. -tracking-tighter → tracking-wider) (#​19827)
• Fix crash due to invalid characters in candidate (exceeding valid unicode code point range) (#​19829)
• Ensure query params in imports are considered unique resources when using @tailwindcss/webpack (#​19723)
• Canonicalization: collapse arbitrary values into shorthand utilities (e.g. px-[1.2rem] py-[1.2rem] → p-[1.2rem]) (#​19837)
• Canonicalization: collapse border-{t,b}-* into border-y-*, border-{l,r}-* into border-x-*, and border-{t,r,b,l}-* into border-* (#​19842)
• Canonicalization: collapse scroll-m{t,b}-* into scroll-my-*, scroll-m{l,r}-* into scroll-mx-*, and scroll-m{t,r,b,l}-* into scroll-m-* (#​19842)
• Canonicalization: collapse scroll-p{t,b}-* into scroll-py-*, scroll-p{l,r}-* into scroll-px-*, and scroll-p{t,r,b,l}-* into scroll-p-* (#​19842)
• Canonicalization: collapse overflow-{x,y}-* into overflow-* (#​19842)
• Canonicalization: collapse overscroll-{x,y}-* into overscroll-* (#​19842)
• Read from --placeholder-color instead of --background-color for placeholder-* utilities (#​19843)
• Upgrade: ensure files are not emptied out when killing the upgrade process while it's running (#​19846)
• Upgrade: use config.content when migrating from Tailwind CSS v3 to Tailwind CSS v4 ([#&

---

Configuration

📅 Schedule: Branch creation - "before 4am" in timezone UTC, Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR has been generated by Renovate Bot.

[a-klos]

⚠️ Artifact update problem

Renovate failed to update artifacts related to this branch. You probably do not want to merge this PR as-is.

♻ Renovate will retry this branch, including artifacts, only when one of the following happens:

• any of the package files in this branch needs updating, or
• the branch becomes conflicted, or
• you click the rebase/retry checkbox if found above, or
• you rename this PR's title to start with "rebase!" to trigger it manually

The artifact failure details are included below:

File name: libs/extractor-api-lib/poetry.lock

Updating dependencies
Resolving dependencies...


Because no versions of langfuse match >3.10.1,<3.10.2 || >3.10.2,<3.10.3 || >3.10.3,<3.10.4 || >3.10.4,<3.10.5 || >3.10.5,<3.10.6 || >3.10.6,<3.10.7 || >3.10.7,<3.11.0 || >3.11.0,<3.11.1 || >3.11.1,<3.11.2 || >3.11.2,<3.12.0 || >3.12.0,<3.12.1 || >3.12.1,<3.13.0 || >3.13.0,<3.14.0 || >3.14.0,<3.14.1 || >3.14.1,<3.14.2 || >3.14.2,<3.14.3 || >3.14.3,<3.14.4 || >3.14.4,<3.14.5 || >3.14.5,<3.14.6 || >3.14.6,<4.0.0
 and langfuse (3.10.1) depends on wrapt (>=1.14,<2.0), langfuse (>=3.10.1,<3.10.2 || >3.10.2,<3.10.3 || >3.10.3,<3.10.4 || >3.10.4,<3.10.5 || >3.10.5,<3.10.6 || >3.10.6,<3.10.7 || >3.10.7,<3.11.0 || >3.11.0,<3.11.1 || >3.11.1,<3.11.2 || >3.11.2,<3.12.0 || >3.12.0,<3.12.1 || >3.12.1,<3.13.0 || >3.13.0,<3.14.0 || >3.14.0,<3.14.1 || >3.14.1,<3.14.2 || >3.14.2,<3.14.3 || >3.14.3,<3.14.4 || >3.14.4,<3.14.5 || >3.14.5,<3.14.6 || >3.14.6,<4.0.0) requires wrapt (>=1.14,<2.0).
And because langfuse (3.10.2) depends on wrapt (>=1.14,<2.0), langfuse (>=3.10.1,<3.10.3 || >3.10.3,<3.10.4 || >3.10.4,<3.10.5 || >3.10.5,<3.10.6 || >3.10.6,<3.10.7 || >3.10.7,<3.11.0 || >3.11.0,<3.11.1 || >3.11.1,<3.11.2 || >3.11.2,<3.12.0 || >3.12.0,<3.12.1 || >3.12.1,<3.13.0 || >3.13.0,<3.14.0 || >3.14.0,<3.14.1 || >3.14.1,<3.14.2 || >3.14.2,<3.14.3 || >3.14.3,<3.14.4 || >3.14.4,<3.14.5 || >3.14.5,<3.14.6 || >3.14.6,<4.0.0) requires wrapt (>=1.14,<2.0).
And because langfuse (3.10.3) depends on wrapt (>=1.14,<2.0)
 and langfuse (3.10.4) depends on wrapt (>=1.14,<2.0), langfuse (>=3.10.1,<3.10.5 || >3.10.5,<3.10.6 || >3.10.6,<3.10.7 || >3.10.7,<3.11.0 || >3.11.0,<3.11.1 || >3.11.1,<3.11.2 || >3.11.2,<3.12.0 || >3.12.0,<3.12.1 || >3.12.1,<3.13.0 || >3.13.0,<3.14.0 || >3.14.0,<3.14.1 || >3.14.1,<3.14.2 || >3.14.2,<3.14.3 || >3.14.3,<3.14.4 || >3.14.4,<3.14.5 || >3.14.5,<3.14.6 || >3.14.6,<4.0.0) requires wrapt (>=1.14,<2.0).
And because langfuse (3.10.5) depends on wrapt (>=1.14,<2.0)
 and langfuse (3.10.6) depends on wrapt (>=1.14,<2.0), langfuse (>=3.10.1,<3.10.7 || >3.10.7,<3.11.0 || >3.11.0,<3.11.1 || >3.11.1,<3.11.2 || >3.11.2,<3.12.0 || >3.12.0,<3.12.1 || >3.12.1,<3.13.0 || >3.13.0,<3.14.0 || >3.14.0,<3.14.1 || >3.14.1,<3.14.2 || >3.14.2,<3.14.3 || >3.14.3,<3.14.4 || >3.14.4,<3.14.5 || >3.14.5,<3.14.6 || >3.14.6,<4.0.0) requires wrapt (>=1.14,<2.0).
And because langfuse (3.10.7) depends on wrapt (>=1.14,<2.0)
 and langfuse (3.11.0) depends on wrapt (>=1.14,<2.0), langfuse (>=3.10.1,<3.11.1 || >3.11.1,<3.11.2 || >3.11.2,<3.12.0 || >3.12.0,<3.12.1 || >3.12.1,<3.13.0 || >3.13.0,<3.14.0 || >3.14.0,<3.14.1 || >3.14.1,<3.14.2 || >3.14.2,<3.14.3 || >3.14.3,<3.14.4 || >3.14.4,<3.14.5 || >3.14.5,<3.14.6 || >3.14.6,<4.0.0) requires wrapt (>=1.14,<2.0).
And because langfuse (3.11.1) depends on wrapt (>=1.14,<2.0)
 and langfuse (3.11.2) depends on wrapt (>=1.14,<2.0), langfuse (>=3.10.1,<3.12.0 || >3.12.0,<3.12.1 || >3.12.1,<3.13.0 || >3.13.0,<3.14.0 || >3.14.0,<3.14.1 || >3.14.1,<3.14.2 || >3.14.2,<3.14.3 || >3.14.3,<3.14.4 || >3.14.4,<3.14.5 || >3.14.5,<3.14.6 || >3.14.6,<4.0.0) requires wrapt (>=1.14,<2.0).
And because langfuse (3.12.0) depends on wrapt (>=1.14,<2.0)
 and langfuse (3.13.0) depends on wrapt (>=1.14,<2.0), langfuse (>=3.10.1,<3.12.1 || >3.12.1,<3.14.0 || >3.14.0,<3.14.1 || >3.14.1,<3.14.2 || >3.14.2,<3.14.3 || >3.14.3,<3.14.4 || >3.14.4,<3.14.5 || >3.14.5,<3.14.6 || >3.14.6,<4.0.0) requires wrapt (>=1.14,<2.0).
And because langfuse (3.14.0) depends on wrapt (>=1.14,<2.0)
 and langfuse (3.14.1) depends on wrapt (>=1.14,<2.0), langfuse (>=3.10.1,<3.12.1 || >3.12.1,<3.14.2 || >3.14.2,<3.14.3 || >3.14.3,<3.14.4 || >3.14.4,<3.14.5 || >3.14.5,<3.14.6 || >3.14.6,<4.0.0) requires wrapt (>=1.14,<2.0).
And because langfuse (3.14.2) depends on wrapt (>=1.14,<2.0)
 and langfuse (3.14.3) depends on wrapt (>=1.14,<2.0), langfuse (>=3.10.1,<3.12.1 || >3.12.1,<3.14.4 || >3.14.4,<3.14.5 || >3.14.5,<3.14.6 || >3.14.6,<4.0.0) requires wrapt (>=1.14,<2.0).
And because langfuse (3.14.4) depends on wrapt (>=1.14,<2.0)
 and langfuse (3.14.5) depends on wrapt (>=1.14,<2.0), langfuse (>=3.10.1,<3.12.1 || >3.12.1,<3.14.6 || >3.14.6,<4.0.0) requires wrapt (>=1.14,<2.0).
And because langfuse (3.14.6) depends on wrapt (>=1.14,<2.0)
 and langfuse (3.12.1) depends on wrapt (>=1.14,<2.0), langfuse (>=3.10.1,<4.0.0) requires wrapt (>=1.14,<2.0).
And because unstructured[docx,pptx] (0.22.23) depends on wrapt (>=2.1.1,<3.0.0)
 and rag-core-lib (4.2.0) depends on langfuse (>=3.10.1,<4.0.0), unstructured[docx,pptx] (0.22.23) is incompatible with rag-core-lib (4.2.0).
So, because extractor-api-lib depends on both rag-core-lib (==4.2.0) and unstructured[docx,pptx] (0.22.23), version solving failed.

File name: libs/rag-core-api/poetry.lock

Updating dependencies
Resolving dependencies...


Because no versions of fastembed match >0.8.0,<0.9.0
 and fastembed (0.8.0) depends on pillow (>=12.0.0,<13.0), fastembed (>=0.8.0,<0.9.0) requires pillow (>=12.0.0,<13.0).
So, because rag-core-api depends on both pillow (^11.2.1) and fastembed (^0.8.0), version solving failed.

File name: services/document-extractor/poetry.lock

Updating dependencies
Resolving dependencies...

Creating virtualenv extractor-server-JVU6rL5B-py3.13 in /home/ubuntu/.cache/pypoetry/virtualenvs

Because extractor-server depends on extractor-api-lib (4.2.0) @ file:///tmp/renovate/repos/github/stackitcloud/rag-template/libs/extractor-api-lib which depends on torchvision (0.25.0), torchvision is required.
So, because extractor-server depends on torchvision (^0.26.0), version solving failed.

File name: package-lock.json

npm warn Unknown env config "store". This will stop working in the next major version of npm. See `npm help npmrc` for supported config options.
npm error code EOVERRIDE
npm error Override for lodash@4.18.1 conflicts with direct dependency
npm error A complete log of this run can be found in: /tmp/renovate/cache/others/npm/_logs/2026-05-03T02_53_07_429Z-debug-0.log