chore(deps): update all non-major dependencies

[renovate]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence	Type	Update
@parcel/transformer-elm	2.12.0 -> 2.13.2					devDependencies	minor
@parcel/transformer-sass	2.12.0 -> 2.13.2					devDependencies	minor
actions/cache	v4.0.2 -> v4.1.2					action	minor
actions/checkout	v4.2.0 -> v4.2.2					action	patch
actions/setup-node	v4.0.4 -> v4.1.0					action	minor
axe-core (source)	4.10.0 -> 4.10.2					devDependencies	patch
github/codeql-action	v3.26.10 -> v3.27.5					action	minor
node (source)	20.17.0 -> 20.18.1						minor
parcel	2.12.0 -> 2.13.2					devDependencies	minor
postcss (source)	8.4.47 -> 8.4.49					devDependencies	patch
prettier (source)	3.3.3 -> 3.4.1					devDependencies	minor
stylelint (source)	16.9.0 -> 16.11.0					devDependencies	minor
stylelint-scss	6.7.0 -> 6.10.0					devDependencies	minor

---

Release Notes

parcel-bundler/parcel (@​parcel/transformer-elm)

v2.13.2

Compare Source

Fixed

• JavaScript

  • Fix HMR when asset is duplicated between multiple bundles – Details

• SASS

  • Fix SASS resolution with non file: URLs – Details

v2.13.1

Compare Source

Fixed

• JavaScript

  • Improve HMR with dynamic imports – Details
  • Update SWC – Details

• SASS

  • Fix SASS resolution rules for modern API – Details

v2.13.0

Compare Source

Added

• Core

  • Expose watcher ignore and watcher backend options – Details
  • Improve large watcher events payload experience – Details
  • Add support for globs in package.json#source – Details
  • Add config key invalidation – Details

• Bundler

  • Add library bundler – Details

• Dev Server

  • Support .proxyrc.ts – Details

• Resolver

  • 12x faster resolver cache – Details
  • Correctly handle empty resolver diagnostics array – Details

Fixed

• Core

  • Remove abortcontroller-polyfill – Details
  • Fix missing content key in symbol propagation when asset is removed – Details
  • Update minimum supported node version to 16 – Details
  • Ensure the snapshot directory matches the watch dir – Details
  • Add parcel version to PluginOptions – Details
  • Fix possible race condition in the caching of request graph – Details
  • Ensure empty extended config throws a diagnostic – Details
  • Ensure Asset public ids are assigned deterministically – Details
  • Directories ignored by watcher should be relative to the watch directory – Details
  • Fix request tracker incremental cache write for new nodes – Details
  • Improve request graph cache reading – Details
  • Exit process with error code when reporters fail – Details
  • Write tmp files to the OS tmp directory - Details
  • Fix small HMR issues – Details
  • Fix crash in EntryRequest with multiple globs in the source field – Details
  • Revert split manifest runtime bundles – Details
  • Revert chunked cache blobs for improved stability – Details
  • Update dependencies – Details

• Bundler

  • Fix assets outside project root with Manual Shared Bundles – Details

• JavaScript

  • Avoid non-identifier export names in non-entry library bundles – Details
  • Relax react-refresh version range – Details
  • Also emit swc recoverable errors – Details
  • Bump swc – Details, Details, Details, Details
  • Bump swc and browserslist-rs – Details
  • Replace std::sync locks with parking_lot locks for better stability – Details
  • Ensure const modules in async bundles are wrapped – Details
  • Fix dev packager global reference – Details
  • Fix import usage tracking for destructure defaulting – Details
  • Update Node.js globals replacer to use SWC VisitMut – Details
  • Update process.env replacer to use SWC VisitMut – Details
  • Update Node.js __filename and __dirname replace to use SWC VisitMut – Details
  • Fix parcelRequire being added to multi-target libraries – Details
  • Handle TypeScript expressions in macro evaluator – Details

• Resolver

  • Fix NUL byte crash in resolver – Details
  • Change default resolver error message for custom specifiers – Details

• TypeScript

  • Handle dynamic import type references in TS types transformer – Details
  • Correctly handle qualified names in TS types import() – Details

• SASS

  • Migrate to new sass API – Details

• SVG

  • Load svgo version from project – Details
  • Update svgr and use project svgo version – Details

• Image

  • Bump oxipng – Details

• Vue

  • Upgrade consolidate to v1 – Details

• Web Extensions

  • Allow both service_worker and scripts in MV3 Web Extensions – Details

actions/cache (actions/cache)

v4.1.2

Compare Source

What's Changed

• Add Bun example by @​idleberg in https://github.com/actions/cache/pull/1456
• Revise isGhes logic by @​jww3 in https://github.com/actions/cache/pull/1474
• Bump braces from 3.0.2 to 3.0.3 by @​dependabot in https://github.com/actions/cache/pull/1475
• Add dependabot.yml to enable automatic dependency upgrades by @​Link- in https://github.com/actions/cache/pull/1476
• Bump actions/checkout from 3 to 4 by @​dependabot in https://github.com/actions/cache/pull/1478
• Bump actions/stale from 3 to 9 by @​dependabot in https://github.com/actions/cache/pull/1479
• Bump github/codeql-action from 2 to 3 by @​dependabot in https://github.com/actions/cache/pull/1483
• Bump actions/setup-node from 3 to 4 by @​dependabot in https://github.com/actions/cache/pull/1481
• Prepare 4.1.2 release by @​Link- in https://github.com/actions/cache/pull/1477

New Contributors

• @​idleberg made their first contribution in https://github.com/actions/cache/pull/1456
• @​jww3 made their first contribution in https://github.com/actions/cache/pull/1474
• @​Link- made their first contribution in https://github.com/actions/cache/pull/1476

Full Changelog: actions/cache@v4...v4.1.2

v4.1.1

Compare Source

What's Changed

• Restore original behavior of cache-hit output by @​joshmgross in https://github.com/actions/cache/pull/1467

Full Changelog: actions/cache@v4.1.0...v4.1.1

v4.1.0

Compare Source

What's Changed

• Fix cache-hit output when cache missed by @​fchimpan in https://github.com/actions/cache/pull/1404
• Deprecate save-always input by @​joshmgross in https://github.com/actions/cache/pull/1452

New Contributors

• @​ottlinger made their first contribution in https://github.com/actions/cache/pull/1437
• @​Olegt0rr made their first contribution in https://github.com/actions/cache/pull/1377
• @​fchimpan made their first contribution in https://github.com/actions/cache/pull/1404
• @​x612skm made their first contribution in https://github.com/actions/cache/pull/1434
• @​todgru made their first contribution in https://github.com/actions/cache/pull/1311
• @​Jcambass made their first contribution in https://github.com/actions/cache/pull/1463
• @​mackey0225 made their first contribution in https://github.com/actions/cache/pull/1462
• @​quatquatt made their first contribution in https://github.com/actions/cache/pull/1445

Full Changelog: actions/cache@v4.0.2...v4.1.0

actions/checkout (actions/checkout)

v4.2.2

Compare Source

• url-helper.ts now leverages well-known environment variables by @​jww3 in https://github.com/actions/checkout/pull/1941
• Expand unit test coverage for isGhes by @​jww3 in https://github.com/actions/checkout/pull/1946

v4.2.1

Compare Source

• Check out other refs/* by commit if provided, fall back to ref by @​orhantoy in https://github.com/actions/checkout/pull/1924

actions/setup-node (actions/setup-node)

v4.1.0

Compare Source

dequelabs/axe-core (axe-core)

v4.10.2: Release 4.10.2

Compare Source

This release prevents axe from sometimes crashing when a page changes in the middle of a test.

Bug Fixes

• get-ancestry: don't error when there is no parent (#​4617) (6c07102)

v4.10.1

Compare Source

github/codeql-action (github/codeql-action)

v3.27.5

Compare Source

v3.27.4

Compare Source

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

Note that the only difference between v2 and v3 of the CodeQL Action is the node version they support, with v3 running on node 20 while we continue to release v2 to support running on node 16. For example 3.22.11 was the first v3 release and is functionally identical to 2.22.11. This approach ensures an easy way to track exactly which features are included in different versions, indicated by the minor and patch version numbers.

3.27.4 - 14 Nov 2024

No user facing changes.

See the full CHANGELOG.md for more information.

v3.27.3

Compare Source

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

Note that the only difference between v2 and v3 of the CodeQL Action is the node version they support, with v3 running on node 20 while we continue to release v2 to support running on node 16. For example 3.22.11 was the first v3 release and is functionally identical to 2.22.11. This approach ensures an easy way to track exactly which features are included in different versions, indicated by the minor and patch version numbers.

3.27.3 - 12 Nov 2024

No user facing changes.

See the full CHANGELOG.md for more information.

v3.27.2

Compare Source

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

Note that the only difference between v2 and v3 of the CodeQL Action is the node version they support, with v3 running on node 20 while we continue to release v2 to support running on node 16. For example 3.22.11 was the first v3 release and is functionally identical to 2.22.11. This approach ensures an easy way to track exactly which features are included in different versions, indicated by the minor and patch version numbers.

3.27.2 - 12 Nov 2024

• Fixed an issue where setting up the CodeQL tools would sometimes fail with the message "Invalid value 'undefined' for header 'authorization'". #​2590

See the full CHANGELOG.md for more information.

v3.27.1

Compare Source

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

Note that the only difference between v2 and v3 of the CodeQL Action is the node version they support, with v3 running on node 20 while we continue to release v2 to support running on node 16. For example 3.22.11 was the first v3 release and is functionally identical to 2.22.11. This approach ensures an easy way to track exactly which features are included in different versions, indicated by the minor and patch version numbers.

3.27.1 - 08 Nov 2024

• The CodeQL Action now downloads bundles compressed using Zstandard on GitHub Enterprise Server when using Linux or macOS runners. This speeds up the installation of the CodeQL tools. This feature is already available to GitHub.com users. #​2573
• Update default CodeQL bundle version to 2.19.3. #​2576

See the full CHANGELOG.md for more information.

v3.27.0

Compare Source

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

Note that the only difference between v2 and v3 of the CodeQL Action is the node version they support, with v3 running on node 20 while we continue to release v2 to support running on node 16. For example 3.22.11 was the first v3 release and is functionally identical to 2.22.11. This approach ensures an easy way to track exactly which features are included in different versions, indicated by the minor and patch version numbers.

3.27.0 - 22 Oct 2024

• Bump the minimum CodeQL bundle version to 2.14.6. #​2549
• Fix an issue where the upload-sarif Action would fail with "upload-sarif post-action step failed: Input required and not supplied: token" when called in a composite Action that had a different set of inputs to the ones expected by the upload-sarif Action. #​2557
• Update default CodeQL bundle version to 2.19.2. #​2552

See the full CHANGELOG.md for more information.

v3.26.13

Compare Source

v3.26.12

Compare Source

v3.26.11

Compare Source

nodejs/node (node)

v20.18.1: 2024-11-20, Version 20.18.1 'Iron' (LTS), @​marco-ippolito

Compare Source

Notable Changes

• [7a8992b2d6] - doc: add abmusse to collaborators (Abdirahim Musse) #​55086

Commits

• [085c3441fe] - assert: show the diff when deep comparing data with a custom message (Giovanni) #​54759
• [01f0b0e7b4] - benchmark: adjust config for deepEqual object (Rafael Gonzaga) #​55254
• [a45537269b] - benchmark: rewrite detect-esm-syntax benchmark (Joyee Cheung) #​55238
• [1a0d8ef64f] - benchmark: add no-warnings to process.has bench (Rafael Gonzaga) #​55159
• [2be5d611ce] - benchmark: create benchmark for typescript (Marco Ippolito) #​54904
• [a2aa4fa477] - benchmark: include ascii to fs/readfile (Rafael Gonzaga) #​54988
• [09849105fe] - benchmark: add dotenv benchmark (Aviv Keller) #​54278
• [6b3c24dbad] - buffer: fix out of range for toString (Jason Zhang) #​54553
• [f25a5b6dc4] - build: use rclone instead of aws CLI (Michaël Zasso) #​55617
• [0bbeb605de] - build: fix notify-on-review-wanted action (Rafael Gonzaga) #​55304
• [5b35836732] - build: include .nycrc in coverage workflows (Wuli Zuo) #​55210
• [f38d1e90e0] - build: notify via slack when review-wanted (Rafael Gonzaga) #​55102
• [0b985ec4bb] - build: remove -v flag to reduce noise (iwuliz) #​55025
• [09f75b27a1] - build: display free disk space after build in the test-macOS workflow (iwuliz) #​55025
• [f25760c4a2] - build: add the option to generate compile_commands.json in vcbuild.bat (Segev Finer) #​52279
• [746e78c4f3] - Revert "build: upgrade clang-format to v18" (Chengzhong Wu) #​54994
• [67834ee646] - build: print Running XYZ linter... for py and yml (Aviv Keller) #​54386
• [ae34e276a2] - build: pin doc workflow to Node.js 20 (Richard Lau) #​55755
• [d0e871a706] - build,win: add winget config to set up env (Hüseyin Açacak) #​54729
• [93ac799b6b] - cli: fix spacing for port range error (Aviv Keller) #​54495
• [3ba2e7bf97] - Revert "console: colorize console error and warn" (Aviv Keller) #​54677
• [2f678ea53b] - crypto: ensure invalid SubtleCrypto JWK data import results in DataError (Filip Skokan) #​55041
• [5d28d98542] - deps: update undici to 6.20.0 (Node.js GitHub Bot) #​55329
• [0c7f2fc421] - deps: update archs files for openssl-3.0.15+quic1 (Node.js GitHub Bot) #​55184
• [da15e7edf5] - deps: upgrade openssl sources to quictls/openssl-3.0.15+quic1 (Node.js GitHub Bot) #​55184
• [381f1f9d08] - deps: update archs files for openssl-3.0.14+quic1 (Node.js GitHub Bot) #​54336
• [48d643f78a] - deps: upgrade openssl sources to quictls/openssl-3.0.14+quic1 (Node.js GitHub Bot) #​54336
• [7b1796803b] - deps: update timezone to 2024b (Node.js GitHub Bot) #​55056
• [8f1956c588] - deps: update acorn-walk to 8.3.4 (Node.js GitHub Bot) #​54950
• [20501a7350] - deps: update corepack to 0.29.4 (Node.js GitHub Bot) #​54845
• [0f81eafecc] - doc: fix Markdown linter (Antoine du Hamel) #​55344
• [df713f0a98] - Revert "doc: update test context.assert" (Antoine du Hamel) #​55344
• [fd6fc61d2c] - doc: add pmarchini to collaborators (Pietro Marchini) #​55331
• [b963db9ee2] - doc: fix events.once() example using AbortSignal (Ivo Janssen) #​55144
• [50b13bfb12] - doc: add onboarding details for ambassador program (Marco Ippolito) #​55284
• [27564b7811] - doc: fix initial default value of autoSelectFamily (Ihor Rohovets) #​55245
• [9e7be23aa5] - doc: tweak onboarding instructions (Michael Dawson) #​55212
• [f412a029c3] - doc: update test context.assert (Pietro Marchini) #​55186
• [2f7828debb] - doc: fix unordered error anchors (Antoine du Hamel) #​55242
• [d08e4c235b] - doc: mention addons to experimental permission (Rafael Gonzaga) #​55166
• [d65c2458dc] - doc: use correct dash in stability status (Antoine du Hamel) #​55200
• [d9839c16cf] - doc: fix link in test/README.md (Livia Medeiros) #​55165
• [1ad659afa4] - doc: add esm examples to node:net (Alfredo González) #​55134
• [81ad69d50f] - doc: move the YAML changes element (sendoru) #​55112
• [7a51a161be] - doc: fix the require resolve algorithm in modules.md (chirsz) #​55117
• [80edcdf899] - doc: update style guide (Aviv Keller) #​53223
• [388c754dd2] - doc: add missing : to run()'s globPatterns (Aviv Keller) #​55135
• [94302b6a76] - doc: add abmusse to collaborators (Abdirahim Musse) #​55086
• [27ff2da964] - doc: add note about --expose-internals (Aviv Keller) #​52861
• [df6dc753b7] - doc: remove parseREPLKeyword from REPL documentation (Aviv Keller) #​54749
• [4baa5c4d10] - doc: change backporting guide with updated info (Aviv Keller) #​53746
• [9947fc112f] - doc: add missing definitions to internal-api.md (Aviv Keller) #​53303
• [a4586f0e94] - doc: update documentation for externalizing deps (Michael Dawson) #​54792
• [70504f8522] - doc: update require(ESM) history and stability status (Antoine du Hamel) #​55199
• [9d0041ac40] - doc: add release key for aduh95 (Antoine du Hamel) #​55349
• [0c1666a52a] - events: allow null/undefined eventInitDict (Matthew Aitken) #​54643
• [453df77f99] - events: return currentTarget when dispatching (Matthew Aitken) #​54642
• [0decaab9db] - fs: acknowledge signal option in filehandle.createReadStream() (Livia Medeiros) #​55148
• [00a2fc7166] - lib: move Symbol[Async]Dispose polyfills to internal/util (Antoine du Hamel) #​54853
• [8e6b606ac4] - lib: remove lib/internal/idna.js (Yagiz Nizipli) #​55050
• [c96e5cb664] - lib: the REPL should survive deletion of Array.prototype methods (Jordan Harband) #​31457
• [748ed2e559] - meta: move one or more collaborators to emeritus (Node.js GitHub Bot) #​55300
• [8b8d35f015] - meta: bump mozilla-actions/sccache-action from 0.0.5 to 0.0.6 (dependabot[bot]) #​55225
• [d3441ff0c8] - meta: bump actions/checkout from 4.1.7 to 4.2.0 (dependabot[bot]) #​55224
• [1c20908558] - meta: bump actions/setup-node from 4.0.3 to 4.0.4 (dependabot[bot]) #​55223
• [8a529abd69] - meta: bump peter-evans/create-pull-request from 7.0.1 to 7.0.5 (dependabot[bot]) #​55219
• [9053d210ab] - meta: add mailmap entry for abmusse (Abdirahim Musse) #​55182
• [db2496c125] - meta: add more information about nightly releases (Aviv Keller) #​55084
• [d2ce003b2f] - meta: add linux to OS labels in collaborator guide (Aviv Keller) #​54986
• [37b0bea247] - meta: remove never-used workflow trigger (Aviv Keller) #​54983
• [ae27e2dcd7] - meta: add links to alternative issue trackers (Aviv Keller) #​54401
• [6e5d524b0f] - module: remove duplicated import (Aviv Keller) #​54942
• [3a682cca03] - path: remove repetitive conditional operator in posix.resolve (Wiyeong Seo) #​54835
• [ac1cb8dfdb] - perf_hooks: add missing type argument to getEntriesByName (Luke Taher) #​54767
• [85b3edc83b] - repl: catch \v and \r in new-line detection (Aviv Keller) #​54512
• [df1f04999e] - src: decode native error messages as UTF-8 (Joyee Cheung) #​55024
• [86d718177a] - src: update clang-tidy and focus on modernization (Yagiz Nizipli) #​53757
• [7d01b6a9c5] - src: cleanup per env handles directly without a list (Chengzhong Wu) #​54993
• [a730cdb622] - src: remove duplicate code setting AF_INET (He Yang) #​54939
• [f10d9ad283] - stream: treat null asyncIterator as undefined (Jason Zhang) #​55119
• [6027084245] - test: make test-loaders-workers-spawned less flaky (Antoine du Hamel) #​55172
• [66a87d19bd] - test: update multiple assert tests to use node:test (James M Snell) #​54585
• [5105188c47] - test: update wpt test for encoding (devstone) #​55151
• [81bcec0b82] - test: deflake test/pummel/test-timers.js (jakecastelli) #​55098
• [82c402265a] - test: deflake test-http-remove-header-stays-removed (Luigi Pinca) #​55004
• [78021701ed] - test: fix test-tls-junk-closes-server (Michael Dawson) #​55089
• [c908b8a2d8] - test: fix more tests that fail when path contains a space (Antoine du Hamel) #​55088
• [afc1628e73] - test: fix assertSnapshot when path contains a quote (Antoine du Hamel) #​55087
• [7c88739b83] - test: fix some tests when path contains % (Antoine du Hamel) #​55082
• [eb4d468671] - Revert "test: mark test-fs-watch-non-recursive flaky on Windows" (Luigi Pinca) #​55079
• [bc7b5249d4] - test: make test-runner-assert more robust (Aviv Keller) #​55036
• [6c2a1386f7] - test: update tls test to support OpenSSL32 (Michael Dawson) #​55030
• [96406610fa] - test: fix test-vm-context-dont-contextify when path contains a space (Antoine du Hamel) #​55026
• [39a80eed4f] - test: adjust tls-set-ciphers for OpenSSL32 (Michael Dawson) #​55016
• [bd8fd4fceb] - test: add util.stripVTControlCharacters test (RedYetiDev) #​54865
• [333b5a02d0] - test: improve coverage for timer promises schedular (Aviv Keller) #​53370
• [f48992f433] - test: remove unused common utilities (RedYetiDev) #​54825
• [93a098c56d] - test: deflake test-http-header-overflow (Luigi Pinca) #​54978
• [f849cf677d] - test: fix soucre to source (Aviv Keller) #​55038
• [1a007ea814] - test: add asserts to validate test assumptions (Michael Dawson) #​54997
• [6f53c096f8] - test: move test-http-max-sockets to parallel (Luigi Pinca) #​54977
• [aba9dc775e] - test: remove test-http-max-sockets flaky designation (Luigi Pinca) #​54976
• [ee5624bffe] - test: adjust key sizes to support OpenSSL32 (Michael Dawson) #​54972
• [5c11a61140] - test: update test to support OpenSSL32 (Michael Dawson) #​54968
• [62f21470e4] - test: update DOM events web platform tests (Matthew Aitken) #​54642
• [426851705c] - test_runner: assert entry is a valid object (Edigleysson Silva (Edy)) #​55231
• [b1cad519d7] - test_runner: use test: symbol on second print of parent test (RedYetiDev) #​54956
• [63c8f3d436] - test_runner: replace ansi clear with ansi reset (Pietro Marchini) #​55013
• [0b3fb344f7] - tools: add polyfilled option to prefer-primordials rule (Antoine du Hamel) #​55318
• [8981309bd9] - tools: make choco install script more readable (Aviv Keller) #​54002
• [7310abeae1] - tools: bump Rollup from 4.18.1 to 4.22.4 for lint-md (dependabot[bot]) #​55093
• [083311e8af] - tools: remove redudant code from eslint require rule (Aviv Keller) #​54892
• [ae4b2aece1] - tools: update error message for ICU in license-builder (Aviv Keller) #​54742
• [3ebd31684d] - tools: update github_reporter to 1.7.1 (Node.js GitHub Bot) #​54951
• [397be8a10e] - tty: fix links for terminal colors (Aviv Keller) [#​54596](https://redirect.github.com/nodejs/node/pull/5459

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.