Skip to content

chore(deps-dev): bump the npm-deps group in /themes/devops-maturity with 6 updates#57

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/themes/devops-maturity/npm-deps-2940d2ef20
Open

chore(deps-dev): bump the npm-deps group in /themes/devops-maturity with 6 updates#57
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/themes/devops-maturity/npm-deps-2940d2ef20

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 1, 2026

Copy link
Copy Markdown
Contributor

Bumps the npm-deps group in /themes/devops-maturity with 6 updates:

Package From To
autoprefixer 10.4.27 10.5.2
cssnano 7.1.4 8.0.2
sass 1.98.0 1.101.0
postcss 8.5.14 8.5.16
webpack 5.105.4 5.108.3
webpack-cli 7.0.2 7.1.0

Updates autoprefixer from 10.4.27 to 10.5.2

Release notes

Sourced from autoprefixer's releases.

10.5.2

  • Moved -webkit-fill-available before -moz-available, so Firefox will use -webkit- version which is closer to stretch.

10.5.1

10.5.0 “Each Endeavouring, All Achieving”

  • Added mask-position-x and mask-position-y support (by @​toporek).
Changelog

Sourced from autoprefixer's changelog.

10.5.2

  • Moved -webkit-fill-available before -moz-available, so Firefox will use -webkit- version which is closer to stretch.

10.5.1

10.5.0 “Each Endeavouring, All Achieving”

  • Added mask-position-x and mask-position-y support (by @​toporek).
Commits
Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for autoprefixer since your current version.


Updates cssnano from 7.1.4 to 8.0.2

Release notes

Sourced from cssnano's releases.

v8.0.2

What's Changed

Full Changelog: https://github.com/cssnano/cssnano/compare/cssnano@8.0.1...cssnano@8.0.2

v8.0.1

What's Changed

Full Changelog: https://github.com/cssnano/cssnano/compare/cssnano@8.0.0...cssnano@8.0.1

v8.0.0

What's Changed

Full Changelog: https://github.com/cssnano/cssnano/compare/cssnano@7.1.9...cssnano@8.0.0

v7.1.9

Bug Fixes

Full Changelog: https://github.com/cssnano/cssnano/compare/cssnano@7.1.8...cssnano@7.1.9

v7.1.8

What's Changed

Full Changelog: https://github.com/cssnano/cssnano/compare/cssnano@7.1.7...cssnano@7.1.8

v.7.1.7

This release is idnetical to the previous one, but is being published to ensure that the latest versions of postcss-normalize-repeat-style and postcss-normalize-positions are uploaded to the npm registry.

... (truncated)

Commits
  • 185e1c7 Publish cssnano 8.0.2
  • 2ce8c2d chore: update the postcs peer dependency
  • 99bd9c1 docs: update website dependencies
  • 2ca8d4a chore: update development deps
  • b245a0b fix: update caniuse-api
  • 3bf3f4d chore: update postcss-selector-parser
  • 7343c87 fix: preserve apostrophes in svg data uris (#1819)
  • 964b9db chore(util): add benchmark + cpuprofile tooling (#1812)
  • 54a8db2 Include postcss-discard-overridden types in package
  • e0e39ae perf(postcss-merge-longhand): skip processors with no relevant decls
  • Additional commits viewable in compare view

Updates sass from 1.98.0 to 1.101.0

Release notes

Sourced from sass's releases.

Dart Sass 1.101.0

To install Sass 1.101.0, download one of the packages below and add it to your PATH, or see the Sass website for full installation instructions.

Changes

  • Potentially breaking bug fix: The Node package importer now properly supports resolving import-only variants of Sass files declared in the exports, sass, and style fields of package.json. Previously, these files were ignored even when loaded via @import, so any code relying on loading module-system-only files this way may break.

See the full changelog for changes in earlier releases.

Dart Sass 1.100.0

To install Sass 1.100.0, download one of the packages below and add it to your PATH, or see the Sass website for full installation instructions.

Changes

  • Writing two compound selectors adjacent to one another without any whitespace between them, such as [class]a, is now deprecated. This was always an error in CSS and Sass only supported it by mistake.

    See the Sass website for details.

See the full changelog for changes in earlier releases.

Dart Sass 1.99.0

To install Sass 1.99.0, download one of the packages below and add it to your PATH, or see the Sass website for full installation instructions.

Changes

  • Add support for parent selectors (&) at the root of the document. These are emitted as-is in the CSS output, where they're interpreted as the scoping root.

  • User-defined functions named calc or clamp are no longer forbidden. If such a function exists without a namespace in the current module, it will be used instead of the built-in calc() or clamp() function.

  • User-defined functions whose names begin with - and end with -expression, -url, -and, -or, or -not are no longer forbidden. These were originally intended to match vendor prefixes, but in practice no vendor prefixes for these functions ever existed in real browsers.

  • User-defined functions named EXPRESSION, URL, and ELEMENT, those that begin with - and end with -ELEMENT, as well as the same names with some lowercase letters are now deprecated, These are names conflict with plain CSS functions that have special syntax.

    See the Sass website for details.

  • In a future release, calls to functions whose names begin with - and end with -expression and -url will no longer have special parsing. For now, these calls are deprecated if their behavior will change in the future.

    See the Sass website for details.

... (truncated)

Changelog

Sourced from sass's changelog.

1.101.0

  • Potentially breaking bug fix: The Node package importer now properly supports resolving import-only variants of Sass files declared in the exports, sass, and style fields of package.json. Previously, these files were ignored even when loaded via @import, so any code relying on loading module-system-only files this way may break.

1.100.0

  • Writing two compound selectors adjacent to one another without any whitespace between them, such as [class]a, is now deprecated. This was always an error in CSS and Sass only supported it by mistake.

    See the Sass website for details.

1.99.0

  • Add support for parent selectors (&) at the root of the document. These are emitted as-is in the CSS output, where they're interpreted as the scoping root.

  • User-defined functions named calc or clamp are no longer forbidden. If such a function exists without a namespace in the current module, it will be used instead of the built-in calc() or clamp() function.

  • User-defined functions whose names begin with - and end with -expression, -url, -and, -or, or -not are no longer forbidden. These were originally intended to match vendor prefixes, but in practice no vendor prefixes for these functions ever existed in real browsers.

  • User-defined functions named EXPRESSION, URL, and ELEMENT, those that begin with - and end with -ELEMENT, as well as the same names with some lowercase letters are now deprecated, These are names conflict with plain CSS functions that have special syntax.

    See the Sass website for details.

  • In a future release, calls to functions whose names begin with - and end with -expression and -url will no longer have special parsing. For now, these calls are deprecated if their behavior will change in the future.

    See the Sass website for details.

  • Calls to functions whose names begin with - and end with -progid:... are deprecated.

... (truncated)

Commits
  • 63b9922 Load import-only files through package.json exports (#2772)
  • c7e9947 Migrate from bufbuild/buf-setup-action to bufbuild/buf-action (#2773)
  • 7674a4c Bump postcss from 8.5.13 to 8.5.15 in /pkg/sass-parser (#2774)
  • 5fd18c7 Bump node engine requirement to >=20.19.0 and chokidar requirement to ^5.0.0 ...
  • 8c1d984 Deprecate adjacent compound selectors (#2765)
  • 8e5f718 Bump postcss from 8.5.12 to 8.5.13 in /pkg/sass-parser (#2767)
  • 1447f9b Bump postcss from 8.5.8 to 8.5.12 in /pkg/sass-parser (#2766)
  • 83c39fe Support the top-level parent selector (#2758)
  • ec85871 Bump EndBug/add-and-commit from 9 to 10 (#2756)
  • a604acd [Function Name] Implement changes (#2731)
  • See full diff in compare view

Updates postcss from 8.5.14 to 8.5.16

Release notes

Sourced from postcss's releases.

8.5.16

8.5.15

  • Fixed declaration parsing performance (by @​homanp).
Changelog

Sourced from postcss's changelog.

8.5.16

8.5.15

  • Fixed declaration parsing performance (by @​homanp).
Commits
Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for postcss since your current version.


Updates webpack from 5.105.4 to 5.108.3

Release notes

Sourced from webpack's releases.

v5.108.3

Patch Changes

v5.108.2

Patch Changes

v5.108.1

Patch Changes

  • Fix invalid property access for escaped namespace imports with multi-character mangled export names. (by @​xiaoxiaojx in #21280)

  • Add frames to ProfilingPlugin TracingStartedInBrowser event so the trace loads in Chrome DevTools. (by @​alexander-akait in #21269)

v5.108.0

Minor Changes

  • Treat top-level await and import.meta as ES module markers, matching Node.js syntax detection so no explicit module type is needed. (by @​alexander-akait in #21218)

  • Add a bun target that emits ESM and externalizes bun:* and node.js built-in modules. (by @​alexander-akait in #21248)

  • Support CommonJS reexports via Object.defineProperty value and getter descriptors. (by @​alexander-akait in #21129)

  • Support JSON Schema const when generating CLI flags from a schema. (by @​alexander-akait in #21087)

  • Support JSON Schema if/then/else when generating CLI flags from a schema. (by @​alexander-akait in #21087)

  • Skip import specifiers, require() and import() calls in dead conditional branches gated by inlined imported constants (isDEV ? A : B), evaluated via getCondition. (by @​hai-x in #21136)

  • CSS localIdentName [hash] now resolves to the local ident hash (matching css-loader); use [modulehash] for the module hash. (by @​alexander-akait in #21259)

  • Add CSS parser as option and resolve url() inside HTML style attributes. (by @​alexander-akait in #21157)

  • Add dedicated module classes for all built-in module types. (by @​alexander-akait in #21164)

  • Support .html/.css for the default ./src entry under the html/css experiments. (by @​alexander-akait in #21039)

  • Add defineConfig helper for typed configuration files. (by @​alexander-akait in #21169)

  • Add a deno target (with versions, e.g. deno, deno2, deno1.40) that emits ESM, resolves node.js built-ins via the required node: specifier, and keeps Deno's own import protocols (npm:, jsr:, node:, http(s)://) external. (by @​alexander-akait in #21247)

... (truncated)

Changelog

Sourced from webpack's changelog.

5.108.3

Patch Changes

5.108.2

Patch Changes

5.108.1

Patch Changes

  • Fix invalid property access for escaped namespace imports with multi-character mangled export names. (by @​xiaoxiaojx in #21280)

  • Add frames to ProfilingPlugin TracingStartedInBrowser event so the trace loads in Chrome DevTools. (by @​alexander-akait in #21269)

5.108.0

Minor Changes

  • Treat top-level await and import.meta as ES module markers, matching Node.js syntax detection so no explicit module type is needed. (by @​alexander-akait in #21218)

  • Add a bun target that emits ESM and externalizes bun:* and node.js built-in modules. (by @​alexander-akait in #21248)

  • Support CommonJS reexports via Object.defineProperty value and getter descriptors. (by @​alexander-akait in #21129)

  • Support JSON Schema const when generating CLI flags from a schema. (by @​alexander-akait in #21087)

  • Support JSON Schema if/then/else when generating CLI flags from a schema. (by @​alexander-akait in #21087)

  • Skip import specifiers, require() and import() calls in dead conditional branches gated by inlined imported constants (isDEV ? A : B), evaluated via getCondition. (by @​hai-x in #21136)

  • CSS localIdentName [hash] now resolves to the local ident hash (matching css-loader); use [modulehash] for the module hash. (by @​alexander-akait in #21259)

  • Add CSS parser as option and resolve url() inside HTML style attributes. (by @​alexander-akait in #21157)

  • Add dedicated module classes for all built-in module types. (by @​alexander-akait in #21164)

  • Support .html/.css for the default ./src entry under the html/css experiments. (by @​alexander-akait in #21039)

... (truncated)

Commits

Updates webpack-cli from 7.0.2 to 7.1.0

Release notes

Sourced from webpack-cli's releases.

webpack-cli@7.1.0

Minor Changes

  • feat(cli): refresh the --help output using commander's configureHelp API — branded headers, section dividers, colorized terms and a clearer footer. Colors and chrome collapse to plain text when output is piped or --no-color is used, so scripts keep working. (by @​alexander-akait in #4779)

  • feat: support .json5, .yaml/.yml and .toml configuration files by parsing them directly, with the parser package (json5, js-yaml, toml) installed on demand by the user and declared as optional peerDependencies so the parsers resolve correctly under Yarn PnP (by @​alexander-akait in #4777)

webpack-cli@7.0.3

Patch Changes

  • Improved CLI startup performance and reduced memory usage. (by @​alexander-akait in #4765)

  • Reduced CLI startup CPU and memory usage by caching schema-derived argument metadata, registering only the options present in the arguments, and reading config directories once during default-config discovery. (by @​alexander-akait in #4760)

  • Replace the fastest-levenshtein dependency with a small in-tree implementation used for command/option "did you mean" suggestions. (by @​alexander-akait in #4762)

Changelog

Sourced from webpack-cli's changelog.

7.1.0

Minor Changes

  • feat(cli): refresh the --help output using commander's configureHelp API — branded headers, section dividers, colorized terms and a clearer footer. Colors and chrome collapse to plain text when output is piped or --no-color is used, so scripts keep working. (by @​alexander-akait in #4779)

  • feat: support .json5, .yaml/.yml and .toml configuration files by parsing them directly, with the parser package (json5, js-yaml, toml) installed on demand by the user and declared as optional peerDependencies so the parsers resolve correctly under Yarn PnP (by @​alexander-akait in #4777)

7.0.3

Patch Changes

  • Improved CLI startup performance and reduced memory usage. (by @​alexander-akait in #4765)

  • Reduced CLI startup CPU and memory usage by caching schema-derived argument metadata, registering only the options present in the arguments, and reading config directories once during default-config discovery. (by @​alexander-akait in #4760)

  • Replace the fastest-levenshtein dependency with a small in-tree implementation used for command/option "did you mean" suggestions. (by @​alexander-akait in #4762)

Commits
  • 3cd7423 chore(release): new release (#4778)
  • b42d1f4 fix(webpack-cli): declare json5/js-yaml/toml as optional peerDependencies (#4...
  • 3471103 refactor(cli): hierarchical indentation for styled CLI output (#4786)
  • 772330c build(deps): update dependencies (except commander) (#4785)
  • a7380e1 feat(cli): refresh CLI output via commander's help API + shared status icons ...
  • 721d8fd chore(deps): bump the dependencies group with 2 updates (#4780)
  • 65aa86c chore(deps-dev): bump the dependencies group with 3 updates (#4781)
  • 134e62d feat(webpack-cli): support json5/yaml/toml configs via direct parsing (no int...
  • 0b22f77 fix(cli): make config loading errors more verbose (#4776)
  • a5af401 chore(deps): bump launch-editor from 2.13.1 to 2.14.1 (#4774)
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the npm-deps group in /themes/devops-maturity with 6 updates:

| Package | From | To |
| --- | --- | --- |
| [autoprefixer](https://github.com/postcss/autoprefixer) | `10.4.27` | `10.5.2` |
| [cssnano](https://github.com/cssnano/cssnano) | `7.1.4` | `8.0.2` |
| [sass](https://github.com/sass/dart-sass) | `1.98.0` | `1.101.0` |
| [postcss](https://github.com/postcss/postcss) | `8.5.14` | `8.5.16` |
| [webpack](https://github.com/webpack/webpack) | `5.105.4` | `5.108.3` |
| [webpack-cli](https://github.com/webpack/webpack-cli) | `7.0.2` | `7.1.0` |


Updates `autoprefixer` from 10.4.27 to 10.5.2
- [Release notes](https://github.com/postcss/autoprefixer/releases)
- [Changelog](https://github.com/postcss/autoprefixer/blob/main/CHANGELOG.md)
- [Commits](postcss/autoprefixer@10.4.27...10.5.2)

Updates `cssnano` from 7.1.4 to 8.0.2
- [Release notes](https://github.com/cssnano/cssnano/releases)
- [Commits](https://github.com/cssnano/cssnano/compare/cssnano@7.1.4...cssnano@8.0.2)

Updates `sass` from 1.98.0 to 1.101.0
- [Release notes](https://github.com/sass/dart-sass/releases)
- [Changelog](https://github.com/sass/dart-sass/blob/main/CHANGELOG.md)
- [Commits](sass/dart-sass@1.98.0...1.101.0)

Updates `postcss` from 8.5.14 to 8.5.16
- [Release notes](https://github.com/postcss/postcss/releases)
- [Changelog](https://github.com/postcss/postcss/blob/main/CHANGELOG.md)
- [Commits](postcss/postcss@8.5.14...8.5.16)

Updates `webpack` from 5.105.4 to 5.108.3
- [Release notes](https://github.com/webpack/webpack/releases)
- [Changelog](https://github.com/webpack/webpack/blob/main/CHANGELOG.md)
- [Commits](webpack/webpack@v5.105.4...v5.108.3)

Updates `webpack-cli` from 7.0.2 to 7.1.0
- [Release notes](https://github.com/webpack/webpack-cli/releases)
- [Changelog](https://github.com/webpack/webpack-cli/blob/main/CHANGELOG.md)
- [Commits](https://github.com/webpack/webpack-cli/compare/webpack-cli@7.0.2...webpack-cli@7.1.0)

---
updated-dependencies:
- dependency-name: autoprefixer
  dependency-version: 10.5.2
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm-deps
- dependency-name: cssnano
  dependency-version: 8.0.2
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: npm-deps
- dependency-name: sass
  dependency-version: 1.101.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm-deps
- dependency-name: postcss
  dependency-version: 8.5.16
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: npm-deps
- dependency-name: webpack
  dependency-version: 5.108.3
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm-deps
- dependency-name: webpack-cli
  dependency-version: 7.1.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm-deps
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Jul 1, 2026
@dependabot dependabot Bot requested a review from a team as a code owner July 1, 2026 03:54
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Jul 1, 2026
@netlify

netlify Bot commented Jul 1, 2026

Copy link
Copy Markdown

Deploy Preview for devops-maturity-spec failed. Why did it fail? →

Name Link
🔨 Latest commit ef69e47
🔍 Latest deploy log https://app.netlify.com/projects/devops-maturity-spec/deploys/6a448f6911e814000876c742

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants