build(deps): bump the npm group with 6 updates

[dependabot]

Bumps the npm group with 6 updates:

Package	From	To
@ministryofjustice/frontend	3.3.0	3.3.1
govuk-frontend	5.7.1	5.8.0
sass	1.83.1	1.83.4
postcss	8.4.49	8.5.1
puppeteer	23.11.1	24.0.0
stylelint	16.12.0	16.13.2

Updates @ministryofjustice/frontend from 3.3.0 to 3.3.1

Release notes

Sourced from @​ministryofjustice/frontend's releases.

v3.3.1

3.3.1 (2025-01-09)

Bug Fixes

• text color in interruption card and initAll function updates (#1062) (c8a3800), closes #1059 #1060 #1061

Changelog

Sourced from @​ministryofjustice/frontend's changelog.

3.3.1 (2025-01-09)

Bug Fixes

• text color in interruption card and initAll function updates (#1062) (c8a3800), closes #1059 #1060 #1061

Commits

• 5ccb926 chore(release): 3.3.1 [skip ci]
• c8a3800 fix: text color in interruption card and initAll function updates (#1062)
• 2ab2996 docs: Add figma guidance (#978)
• 250719c test(datepicker): fix issues with multiple dates being found in leadingZero t...
• 1e46510 docs: reinstate newsletter sign-up link (#1057)
• 5d6052c docs: add headinglevel to Nunjucks macro options (#1052)
• dcd3f48 docs: update apply service pattern page (#1033)
• 1a20657 docs: apply tabbed view to components (#1038)
• 5b8a085 docs(tabbed-doc): don't have any space or new lines around content when placi...
• a9767b7 test(multi-select): add tests for the multi select checkbox (#1035)
• Additional commits viewable in compare view

Updates govuk-frontend from 5.7.1 to 5.8.0

Release notes

Sourced from govuk-frontend's releases.

GOV.UK Frontend v5.8.0

To install this version with npm, run npm install [email protected]. You can also find more information about how to stay up to date in our documentation.

New features

Use our base configurable component to build your own configurable component

We've added a ConfigurableComponent class to help you build your own configurable components. It extends our Component class and allows you to focus on your components' specific features by handling these shared behaviours across components:

• checking that GOV.UK Frontend is supported
• checking that the component is not already initialised on its root element
• checking the type of the root element and storing it for access within the component as this.$root
• taking a configuration object as a parameter and then storing it for access within the component as this.config
• merging a passed configuration object with configuration options specified on the data attributes of the root element

We introduced this change in:

• #5499: Rename GOVUKFrontendComponentConfigurable, export ConfigurableComponent
• #5456: Refactor Accordion to extend from a GOVUKFrontendConfigurableComponent

Deprecated features

Importing Sass using govuk/all

You'll see a warning when compiling your Sass if you import all of GOV.UK Frontend's styling using govuk/all. Importing using the all file is deprecated, and we’ll remove it in the next major release.

In your import statements, use a trailing /index rather than /all to load GOV.UK Frontend's files:

• @import "govuk/index"; instead of @import "govuk/all";

You do not need /index at the end of each import path if you’re using Dart Sass.

This change was introduced in [pull request #5518: Deprecate govuk/all.scss and only reference govuk/index.scss internally](alphagov/govuk-frontend#5518).

Fixes

We've made fixes to GOV.UK Frontend in the following pull requests:

• #5533: Fix UMD files overriding existing global

Changelog

Sourced from govuk-frontend's changelog.

v5.8.0 (Feature release)

To install this version with npm, run npm install [email protected]. You can also find more information about how to stay up to date in our documentation.

New features

Use our base configurable component to build your own configurable component

We've added a ConfigurableComponent class to help you build your own configurable components. It extends our Component class and allows you to focus on your components' specific features by handling these shared behaviours across components:

• checking that GOV.UK Frontend is supported
• checking that the component is not already initialised on its root element
• checking the type of the root element and storing it for access within the component as this.$root
• taking a configuration object as a parameter and then storing it for access within the component as this.config
• merging a passed configuration object with configuration options specified on the data attributes of the root element

We introduced this change in:

• #5499: Rename GOVUKFrontendComponentConfigurable, export ConfigurableComponent
• #5456: Refactor Accordion to extend from a GOVUKFrontendConfigurableComponent

Deprecated features

Importing Sass using govuk/all

You'll see a warning when compiling your Sass if you import all of GOV.UK Frontend's styling using govuk/all. Importing using the all file is deprecated, and we’ll remove it in the next major release.

In your import statements, use a trailing /index rather than /all to load GOV.UK Frontend's files:

• @import "govuk/index"; instead of @import "govuk/all";

You do not need /index at the end of each import path if you’re using Dart Sass.

This change was introduced in [pull request #5518: Deprecate govuk/all.scss and only reference govuk/index.scss internally](alphagov/govuk-frontend#5518).

Fixes

We've made fixes to GOV.UK Frontend in the following pull requests:

• #5533: Fix UMD files overriding existing global

Commits

• 9b78915 Merge pull request #5588 from alphagov/release-5.8.0
• 43f2b61 Release v5.8.0
• db96257 Merge pull request #5586 from alphagov/bk-editorconfig-bug
• cc1766d Disable editorconfig linting temporarily
• 9b31d39 Merge pull request #5516 from alphagov/bk-config-docs
• f3e4031 Move most guidance to Frontend Docs site
• 43e59d1 Update components coding standards
• c2f962e Merge pull request #5573 from alphagov/dependabot/npm_and_yarn/highlight.js-1...
• c627c8d Bump highlight.js from 11.10.0 to 11.11.1
• 8fbdd9d Merge pull request #5578 from alphagov/bk-fix-ubuntu-to-22
• Additional commits viewable in compare view

Updates sass from 1.83.1 to 1.83.4

Release notes

Sourced from sass's releases.

Dart Sass 1.83.4

To install Sass 1.83.4, download one of the packages below and add it to your PATH, or see the Sass website for full installation instructions.

Changes

• No user-visible changes.

See the full changelog for changes in earlier releases.

Dart Sass 1.83.3

To install Sass 1.83.3, download one of the packages below and add it to your PATH, or see the Sass website for full installation instructions.

Changes

• No user-visible changes.

See the full changelog for changes in earlier releases.

Dart Sass 1.83.2

To install Sass 1.83.2, download one of the packages below and add it to your PATH, or see the Sass website for full installation instructions.

Changes

• Properly display deprecation IDs for the JS Sass API.

• Don't display deprecation IDs for user-defined deprecations.

See the full changelog for changes in earlier releases.

Changelog

Sourced from sass's changelog.

1.83.4

• No user-visible changes.

1.83.3

• No user-visible changes.

1.83.2

• Properly display deprecation IDs for the JS Sass API.

• Don't display deprecation IDs for user-defined deprecations.

Commits

• 89a5394 Fix more bugs in the sass-parser release process (#2491)
• 46686ed Merge pull request #2490 from sass/sass-parser-release
• 1261767 Use a file: dependency for local Sass development
• 173f39b Use the Dart Sass version for the sass-parser dependency
• ddb14b2 Fix deprecation ID displays in JS mode (#2483)
• b12b508 Compile sass-parser before deploying (#2489)
• b19b57f Merge pull request #2478 from sass/if
• 23ff19d Merge branch 'main' into if
• 8818d93 Properly override the sass-parser dependency on sass during release (#2487)
• adb7016 Merge pull request #2488 from sass/sdk-formatter
• Additional commits viewable in compare view

Updates postcss from 8.4.49 to 8.5.1

Release notes

Sourced from postcss's releases.

8.5.1

• Fixed backwards compatibility for complex cases (by @​romainmenke).

8.5 “Duke Alloces”

PostCSS 8.5 brought API to work better with non-CSS sources like HTML, Vue.js/Svelte sources or CSS-in-JS.

@​romainmenke during his work on Stylelint added Input#document in additional to Input#css.

root.source.input.document //=> "<p>Hello</p>
                           //    <style>
                           //    p {
                           //      color: green;
                           //    }
                           //    </style>"
root.source.input.css      //=> "p {
                           //      color: green;
                           //    }"

Thanks to Sponsors

This release was possible thanks to our community.

If your company wants to support the sustainability of front-end infrastructure or wants to give some love to PostCSS, you can join our supporters by:

• Tidelift with a Spotify-like subscription model supporting all projects from your lock file.
• Direct donations at GitHub Sponsors or Open Collective.

Changelog

Sourced from postcss's changelog.

8.5.1

• Fixed backwards compatibility for complex cases (by @​romainmenke).

8.5 “Duke Alloces”

• Added Input#document for sources like CSS-in-JS or HTML (by @​romainmenke).

Commits

• 7b02c75 Release 8.5.1 version
• 4c15339 Update dependencies
• 7efe91e Improve backwards compat for Input#document (#2000)
• 6873270 Release 8.5 version
• 4223bb9 Fix 80 columns limit
• 80e2401 Add Input#document (#1996)
• 6f86879 Update dependencies
• 85cbbec Fix pnpm version on CI
• 76caa57 Update dependencies
• 46ff246 Move to pnpm 10
• Additional commits viewable in compare view

Updates puppeteer from 23.11.1 to 24.0.0

Release notes

Sourced from puppeteer's releases.

puppeteer-core: v24.0.0

24.0.0 (2025-01-09)

⚠ BREAKING CHANGES

• remove support for Firefox over CDP (#13427)
• remove deprecated Launch and Connect options (#13426)
• include URL fragment into URL returned by HTTPRequest/Response instances (#13425)

Features

• roll to Firefox 134.0 (#13470) (3bd3176)

Bug Fixes

• include URL fragment into URL returned by HTTPRequest/Response instances (#13425) (8ff26ad)
• remove erroneous changelog entry (#13479) (6de3238)
• roll to Chrome 131.0.6778.264 (#13468) (aac759b)
• webdriver: handle DiscardedBrowsingContextError error (#13472) (b903856)

Code Refactoring

• remove deprecated Launch and Connect options (#13426) (20f9f15)
• remove support for Firefox over CDP (#13427) (1a2e91b)

Dependencies

• The following workspace dependencies were updated
  • dependencies
    • @​puppeteer/browsers bumped from 2.6.1 to 2.7.0

puppeteer: v24.0.0

24.0.0 (2025-01-09)

Bug Fixes

• remove erroneous changelog entry (#13479) (6de3238)

Dependencies

• The following workspace dependencies were updated
  • dependencies
    • @​puppeteer/browsers bumped from 2.6.1 to 2.7.0
    • puppeteer-core bumped from 23.11.1 to 24.0.0

Changelog

Sourced from puppeteer's changelog.

24.0.0 (2025-01-09)

Bug Fixes

• include URL fragment into URL returned by HTTPRequest/Response instances (#13425) (8ff26ad)
• remove erroneous changelog entry (#13479) (6de3238)
• roll to Chrome 131.0.6778.264 (#13468) (aac759b)
• webdriver: handle DiscardedBrowsingContextError error (#13472) (b903856)

Dependencies

• The following workspace dependencies were updated
  • dependencies
    • @​puppeteer/browsers bumped from 2.6.1 to 2.7.0

⚠ BREAKING CHANGES

• remove support for Firefox over CDP (#13427)
• remove deprecated Launch and Connect options (#13426)
• include URL fragment into URL returned by HTTPRequest/Response instances (#13425)

Features

• roll to Firefox 134.0 (#13470) (3bd3176)

Code Refactoring

• remove deprecated Launch and Connect options (#13426) (20f9f15)
• remove support for Firefox over CDP (#13427) (1a2e91b)

Commits

• 0b00617 ci: fix publish job (#13488)
• cab4d1c chore: release main (#13485)
• d102d68 ci: move changelog action to the right place (#13484)
• 01287e3 docs: create a merged changelog (#13481)
• 6de3238 fix: remove erroneous changelog entry (#13479)
• f23c391 feat: resolve relative paths to absolute before unpacking (#13466)
• cc1b37a docs: add install-deps example (#13477)
• 80c65c3 chore(webdriver): handle aborted navigations in Firefox (#13471)
• ca70f29 docs: examples archive links (#13465)
• fcc657c chore: update rule to TypeScript (#13473)
• Additional commits viewable in compare view

Updates stylelint from 16.12.0 to 16.13.2

Release notes

Sourced from stylelint's releases.

16.13.2

• Fixed: --fix CLI flag raising unknown value error (#8313) (@​ybiquitous).

16.13.1

• Fixed: ignore.default is not a function (#8305) (@​romainmenke).

16.13.0

• Deprecated: ambiguous position arguments passed to utils.report() (#8244) (@​romainmenke).
• Added: lax/strict values to the fix Node.js API option and CLI flag (#8106) (@​ryo-manba).
• Added: support for profiling rule performance via the TIMING environment variable (#8108) (@​ryo-manba).
• Added: at-rule-descriptor-no-unknown rule (#8197) (@​ryo-manba).
• Added: at-rule-descriptor-value-no-unknown rule (#8211) (@​ryo-manba).
• Added: at-rule-no-deprecated rule (#8251) (@​jeddy3).
• Added: at-rule-prelude-no-invalid rule (#8268) (@​ryo-manba).
• Added: declaration-property-value-keyword-no-deprecated rule (#8223) (@​Mouvedia).
• Added: "ignore": ["at-rule-preludes", "declaration-values"] to string-no-newline (#8214) (@​ryo-manba).
• Added: messageArgs to declaration-property-value-no-unknown, font-family-name-quotes, font-family-no-duplicate-names, function-calc-no-unspaced-operator, import-notation, media-feature-name-unit-allowed-list, selector-attribute-quotes and selector-pseudo-element-colon-notation (#8285 & #8252) (@​Mouvedia).
• Fixed: deprecation warnings to only display once per (custom) rule (#8265) (@​romainmenke).
• Fixed: *-no-vendor-prefix message ambiguity (#8239) (@​Mouvedia).
• Fixed: at-rule-(dis)allowed-list, at-rule-no-vendor-prefix, at-rule-property-required-list message argument (#8277) (@​Mouvedia).
• Fixed: at-rule-property-required-list message for inclusion of properties and descriptors (#8207) (@​jeddy3).
• Fixed: at-rule-* false positives and negatives for @charset rule (#8215) (@​jeddy3).
• Fixed: declaration-property-value-no-unknown false positives for descriptors (#8240) (@​jeddy3).
• Fixed: property-(dis)allowed-list false negatives for custom properties, use /^--/ to (dis)allow them (#8209) (@​fbasmaison-lucca).
• Fixed: property-no-unknown false positives for descriptors (#8203) (@​jeddy3).
• Fixed: selector-pseudo-class-no-unknown false positives for deprecated pseudo-classes (#8264) (@​Mouvedia).
• Fixed: selector-type-case false positives for hatchPath (#8264) (@​Mouvedia).
• Fixed: selector-type-no-unknown false positives for shadow, hatch and hatchpath (#8264) (@​Mouvedia).

Changelog

Sourced from stylelint's changelog.

16.13.2 - 2025-01-14

It fixes a regression bug with --fix.

• Fixed: --fix CLI flag raising unknown value error (#8313) (@​ybiquitous).

16.13.1 - 2025-01-13

It fixes one bug due to an upstream change in our ignore dependency.

• Fixed: ignore.default is not a function (#8305) (@​romainmenke).

16.13.0 - 2025-01-12

It adds 3 rules to help you write error-free at-rules and 2 rules to warn you about deprecated CSS features. We've turned these rules on in our standard config.

It also adds new rule options, a feature to display how long rules take, lax autofix and support for messageArgs in more rules. It fixes 7 bugs.

Lastly, we've made a deprecation that may affect some plugins. We've updated our docs for plugin authors and end users on how to silence deprecation warnings.

• Deprecated: ambiguous position arguments passed to utils.report() (#8244) (@​romainmenke).
• Added: lax/strict values to the fix Node.js API option and CLI flag (#8106) (@​ryo-manba).
• Added: support for profiling rule performance via the TIMING environment variable (#8108) (@​ryo-manba).
• Added: at-rule-descriptor-no-unknown rule (#8197) (@​ryo-manba).
• Added: at-rule-descriptor-value-no-unknown rule (#8211) (@​ryo-manba).
• Added: at-rule-no-deprecated rule (#8251) (@​jeddy3).
• Added: at-rule-prelude-no-invalid rule (#8268) (@​ryo-manba).
• Added: declaration-property-value-keyword-no-deprecated rule (#8223) (@​Mouvedia).
• Added: "ignore": ["at-rule-preludes", "declaration-values"] to string-no-newline (#8214) (@​ryo-manba).
• Added: messageArgs to declaration-property-value-no-unknown, font-family-name-quotes, font-family-no-duplicate-names, function-calc-no-unspaced-operator, import-notation, media-feature-name-unit-allowed-list, selector-attribute-quotes and selector-pseudo-element-colon-notation (#8285 & #8252) (@​Mouvedia).
• Fixed: deprecation warnings to only display once per (custom) rule (#8265) (@​romainmenke).
• Fixed: *-no-vendor-prefix message ambiguity (#8239) (@​Mouvedia).
• Fixed: at-rule-(dis)allowed-list, at-rule-no-vendor-prefix, at-rule-property-required-list message argument (#8277) (@​Mouvedia).
• Fixed: at-rule-property-required-list message for inclusion of properties and descriptors (#8207) (@​jeddy3).
• Fixed: at-rule-* false positives and negatives for @charset rule (#8215) (@​jeddy3).
• Fixed: declaration-property-value-no-unknown false positives for descriptors (#8240) (@​jeddy3).
• Fixed: property-(dis)allowed-list false negatives for custom properties, use /^--/ to (dis)allow them (#8209) (@​fbasmaison-lucca).
• Fixed: property-no-unknown false positives for descriptors (#8203) (@​jeddy3).
• Fixed: selector-pseudo-class-no-unknown false positives for deprecated pseudo-classes (#8264) (@​Mouvedia).
• Fixed: selector-type-case false positives for hatchPath (#8264) (@​Mouvedia).
• Fixed: selector-type-no-unknown false positives for shadow, hatch and hatchpath (#8264) (@​Mouvedia).

Commits

• 8887d41 16.13.2
• 545a26d Prepare 16.13.2 (#8314)
• c03f407 Fix --fix CLI flag raising unknown value error (#8313)
• 8a173d4 16.13.1
• c0df295 Prepare 16.13.1 (#8306)
• 7ea4219 Fix ignore.default is not a function (#8305)
• f5055fe Bump typescript from 5.7.2 to 5.7.3 in the typescript group (#8299)
• 5f82aa8 Bump rollup from 4.30.0 to 4.30.1 (#8300)
• 7aba28e Bump eslint from 9.17.0 to 9.18.0 in the eslint group (#8298)
• 81baea5 16.13.0
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud