Skip to content

chore(deps)(deps): bump lucide-react from 0.577.0 to 1.23.0#205

Closed
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/lucide-react-1.22.0
Closed

chore(deps)(deps): bump lucide-react from 0.577.0 to 1.23.0#205
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/lucide-react-1.22.0

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 29, 2026

Copy link
Copy Markdown
Contributor

Bumps lucide-react from 0.577.0 to 1.23.0.

Release notes

Sourced from lucide-react's releases.

Version 1.23.0

What's Changed

New Contributors

Full Changelog: lucide-icons/lucide@1.22.0...1.23.0

Version 1.22.0

What's Changed

New Contributors

Full Changelog: lucide-icons/lucide@1.21.0...1.22.0

Version 1.21.0

What's Changed

New Contributors

Full Changelog: lucide-icons/lucide@1.20.0...1.21.0

Version 1.20.0

What's Changed

... (truncated)

Commits
  • 5ff536e ci(release.yml): Fix workflow and remove version scripts in package scripts...
  • 07c885e fix(docs): fix zephyr-cloud URL in readmes
  • 50d8af5 docs(readme): Update readme files (#4320)
  • 653e44b feat(packages): use .mjs for ESM bundles (#4285)
  • 7623e23 feat(docs): add Zephyr Cloud to Hero Backers tier & rework updateSponsors scr...
  • dada0a8 fix(lucide-react): Fix dynamic imports (#4210)
  • a6e648a fix(lucide-react): correct client directives in RSC files (#4189)
  • 1f010a3 fix(lucide-react): Fixes provider export and RSC render issues (#4175)
  • 484f2c9 docs(version-1): Version 1 website (#4142)
  • a0e202d feat(packages/angular): add new @​lucide/angular package (#3897)
  • Additional commits viewable in compare view

@dependabot dependabot Bot added dependencies Dependency updates and maintenance javascript Pull requests that update javascript code major Major-level or impactful change labels Jun 29, 2026
@github-actions

github-actions Bot commented Jun 29, 2026

Copy link
Copy Markdown

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

OpenSSF Scorecard

PackageVersionScoreDetails
npm/lucide-react 1.23.0 🟢 3.4
Details
CheckScoreReason
Maintained🟢 1030 commit(s) and 17 issue activity found in the last 90 days -- score normalized to 10
Code-Review🟢 7Found 18/24 approved changesets -- score normalized to 7
Dangerous-Workflow⚠️ 0dangerous workflow patterns detected
Packaging⚠️ -1packaging workflow not detected
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Security-Policy⚠️ 0security policy file not detected
License🟢 9license file detected
Fuzzing⚠️ 0project is not fuzzed
Binary-Artifacts🟢 10no binaries found in the repo
Pinned-Dependencies⚠️ 0dependency not pinned by hash detected -- score normalized to 0
Signed-Releases⚠️ 0Project has not signed or included provenance with any releases.
Branch-Protection🟢 3branch protection is not maximal on development and all release branches
SAST🟢 5SAST tool is not run on all commits -- score normalized to 5

Scanned Files

  • package-lock.json

Bumps [lucide-react](https://github.com/lucide-icons/lucide/tree/HEAD/packages/lucide-react) from 0.577.0 to 1.23.0.
- [Release notes](https://github.com/lucide-icons/lucide/releases)
- [Commits](https://github.com/lucide-icons/lucide/commits/1.23.0/packages/lucide-react)

---
updated-dependencies:
- dependency-name: lucide-react
  dependency-version: 1.22.0
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot changed the title chore(deps)(deps): bump lucide-react from 0.577.0 to 1.22.0 chore(deps)(deps): bump lucide-react from 0.577.0 to 1.23.0 Jul 6, 2026
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/lucide-react-1.22.0 branch from c3d9618 to dae85e1 Compare July 6, 2026 09:17
@dependabot @github

dependabot Bot commented on behalf of github Jul 13, 2026

Copy link
Copy Markdown
Contributor Author

Superseded by #214.

@dependabot dependabot Bot closed this Jul 13, 2026
@dependabot dependabot Bot deleted the dependabot/npm_and_yarn/lucide-react-1.22.0 branch July 13, 2026 09:12
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Dependency updates and maintenance javascript Pull requests that update javascript code major Major-level or impactful change

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant