build(deps): bump admin-lte from 2.4.18 to 4.0.2

[dependabot]

Bumps admin-lte from 2.4.18 to 4.0.2.

Release notes

Sourced from admin-lte's releases.

AdminLTE 4.0.2

AdminLTE 4.0.2 — a housekeeping patch: building from source is clean again.

📖 Documentation · 🎨 Live preview · 🚀 Migration from v3

---

🐛 Fixes

• npm run production works from a source checkout again — the dev-only social preview script (scripts/social-preview.mjs, new in 4.0.1) tripped 9 ESLint errors during the lint stage and failed the build. The script is now fully lint-clean. (#6048, reported by @​lfiorini)

🔒 Security

• Hardened the social preview script's tiny static file server against path traversal and error detail leakage (CodeQL alerts #87–#92). This script is dev-only and has never been part of the npm package — published builds were never affected.

📦 New here? The AdminLTE family

AdminLTE 4 is also available as official framework integrations: adminlte-vue (Vue 3 & Nuxt), adminlte-react (React & Next.js), adminlte-django, and adminlte-laravel.

Install

npm install admin-lte@4.0.2

Or via CDN:

<link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/admin-lte@4.0.2/dist/css/adminlte.min.css" />
<script src="https://cdn.jsdelivr.net/npm/admin-lte@4.0.2/dist/js/adminlte.min.js"></script>

See CHANGELOG.md for the full notes.

Full Changelog: ColorlibHQ/AdminLTE@v4.0.1...v4.0.2

Full Changelog: ColorlibHQ/AdminLTE@v4.0.1...v4.0.2

v4.0.1

AdminLTE 4.0.1 — first patch for the v4 line, and the launch of the AdminLTE family.

📖 Documentation · 🎨 Live preview · 🚀 Migration from v3

---

🎉 AdminLTE is now a family

The classic HTML/CSS/JS template you know is no longer alone. AdminLTE 4 is now available as four official framework integrations, each a first-class package maintained under ColorlibHQ:

| Project | For | Highlights |

... (truncated)

Changelog

Sourced from admin-lte's changelog.

[4.0.2] - 2026-06-11

Fixed

• #6048: npm run production no longer fails — the dev-only scripts/social-preview.mjs tripped 9 ESLint errors when building from source. The script is now lint-clean. (reported by @​lfiorini)

Security

• Hardened the social preview script's static file server against path traversal and error detail leakage (CodeQL alerts #87–#92). Dev-only script, not part of the npm package.

[4.0.1] - 2026-06-11

Added

• Official framework integrations announced — AdminLTE 4 is now available as first-class packages for four ecosystems, maintained under ColorlibHQ:
  • adminlte-vue — Vue 3 & Nuxt, 45+ typed components, composables, SSR-safe theming, ⌘K command palette
  • adminlte-react — React & Next.js (App Router / RSC), 30+ typed components, dark mode, ⌘K command palette
  • adminlte-django — config-driven sidebar menu, 33+ components, themed django.contrib.admin, {{ form }} renderer
  • adminlte-laravel — Blade integration, Vite-ready
• Social preview generator script (scripts/social-preview.mjs, dev-only — excluded from the npm package).

Fixed

• #6043: Stored color mode is now applied before first paint — no more light-mode flash when reloading a page in dark mode. (reported by @​bsshreesha)
• #6044: Long subject/preview text in the mailbox inbox list is truncated instead of overflowing its container. (reported by @​Oscurlo)
• #6038: accessibility.js no longer assigns role="navigation" to <ul>/<ol> elements, which broke list semantics and failed the Lighthouse accessibility audit. (reported by @​lfiorini)

Updated

• All dependencies bumped to latest; axios pinned via npm overrides to clear a transitive advisory. npm audit remains at 0 vulnerabilities.

[4.0.0] - 2026-05-19

Added

• 18 new demo pages dramatically expanding the page catalog:
  • Apps: Calendar (FullCalendar 6, drag-and-drop scheduling), Kanban (SortableJS, lane-to-lane drag), Chat (full-page conversation app), File Manager (grid + list views, folder tree), Projects (list with status, progress, team avatars)
  • Mailbox: Inbox, Read Message, Compose — three-pane workflow with folders + labels
  • Forms: Wizard (4-step with per-step validation + review summary)
  • Tables: Data Tables — jQuery-free implementation using Tabulator 6
  • Pages: Profile (tabbed activity/timeline/settings), Settings (account / notifications / security / billing / danger zone), Invoice (print-ready with totals math), Pricing (3-tier + comparison table + billing toggle), FAQ (data-driven accordions)
  • Error pages: 404, 500, Maintenance
• Recommended Integrations docs page (docs/integrations.html) — copy-paste install snippets for Flatpickr, Tom Select, noUiSlider, Pickr, IMask, Dropzone, FilePond, Quill, EasyMDE, Toast UI Editor, ApexCharts, Chart.js, Tabulator, FullCalendar, SortableJS, GLightbox, and a comparison of icon libraries. AdminLTE doesn't bundle these — the page shows how to drop them in.
• Visible color-mode toggle in the default topbar (#6010) — Light / Dark / Auto dropdown with localStorage persistence and prefers-color-scheme integration. Wiring JS shipped globally in _scripts.astro so the toggle works on every demo page automatically.

Changed

• Forms section restructured: Split the 623-line forms/general.html into three focused pages — forms/elements.html (inputs, selects, checks/radios/switches, ranges, floating labels), forms/layout.html (horizontal, inline, sizing, width), and forms/validation.html (Bootstrap native validation + tooltip variant).

Fixed

... (truncated)

Commits

• ebd5bc6 chore(release): 4.0.2
• 27acd10 fix(scripts): make social-preview.mjs pass ESLint
• dbe1fcf fix(scripts): harden social-preview static server against path traversal and ...
• 7df8088 chore(release): 4.0.1
• 16e950b chore: add social preview generator script + asset, exclude dev scripts from ...
• 710bd72 Reframe Haze premium screenshot to match the other cards
• dfec8f9 Merge pull request #6045 from ColorlibHQ/readme-framework-editions
• 54cd87d Redesign README: framework editions, premium showcase, clearer structure
• 4ba82b7 chore(deps): update dev dependencies to latest + override axios
• 7f6f011 fix(theme): rewrite theme-init resolution as if/else to satisfy eslint (#6043)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by silkalns, a new releaser for admin-lte since your current version.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)