chore(deps): bump the security group across 1 directory with 10 updates

[dependabot]

Bumps the security group with 10 updates in the /web directory:

Package	From	To
@storybook/addon-storysource	8.6.11	8.6.12
cronstrue	2.57.0	2.58.0
@pmmmwh/react-refresh-webpack-plugin	0.5.15	0.5.16
@storybook/addon-actions	8.6.11	8.6.12
@storybook/addon-links	8.6.11	8.6.12
@types/node	22.13.14	22.14.0
eslint-plugin-react	7.37.4	7.37.5
sass	1.86.0	1.86.3
typescript	5.8.2	5.8.3
webpack	5.98.0	5.99.0

Updates @storybook/addon-storysource from 8.6.11 to 8.6.12

Release notes

Sourced from @​storybook/addon-storysource's releases.

v8.6.12

8.6.12

• CLI: Only install Visual Test Addon if test feature is selected - #30966, thanks @​ghengeveld!
• Core: Fix telemetry error on Storybook UI - #30953, thanks @​yannbf!
• Ember: Fix ember-template-compiler import for ember 6+ - #30682, thanks @​leoeuclids!
• Next: Upgrade vite-plugin-storybook-nextjs for Next v14 compatibility - #30997, thanks @​kasperpeulen!
• Svelte: Exclude node_modules from docgen - #30981, thanks @​JReinhold!

Changelog

Sourced from @​storybook/addon-storysource's changelog.

8.6.12

• CLI: Only install Visual Test Addon if test feature is selected - #30966, thanks @​ghengeveld!
• Core: Fix telemetry error on Storybook UI - #30953, thanks @​yannbf!
• Ember: Fix ember-template-compiler import for ember 6+ - #30682, thanks @​leoeuclids!
• Next: Update vite-plugin-storybook-nextjs to 2.0.0--canary.33.17a2310.0 - #30997, thanks @​kasperpeulen!
• Svelte: Exclude node_modules from docgen - #30981, thanks @​JReinhold!

Commits

• 1c35b29 Bump version from "8.6.11" to "8.6.12" [skip ci]
• See full diff in compare view

Updates cronstrue from 2.57.0 to 2.58.0

Release notes

Sourced from cronstrue's releases.

v2.58.0

What's Changed

• Avoid pluralized weekdays on danish translation by @​rmja in bradymholt/cRonstrue#344

Full Changelog: bradymholt/cRonstrue@v2.57.0...v2.58.0

Commits

• 40f75ac Version 2.58.0
• d4268ed Avoid pluralized weekdays on danish translation (#344)
• See full diff in compare view

Updates @pmmmwh/react-refresh-webpack-plugin from 0.5.15 to 0.5.16

Release notes

Sourced from @​pmmmwh/react-refresh-webpack-plugin's releases.

v0.5.16

0.5.16 (31 Mar 2025)

Fixes

• Fixed out of order cleanup when using top-level await (#898)

Changelog

Sourced from @​pmmmwh/react-refresh-webpack-plugin's changelog.

0.5.16 (31 Mar 2025)

Fixes

• Fixed out of order cleanup when using top-level await (#898)

Commits

• a106ec7 chore: release v0.5.16 (#903)
• 92d7fd6 fix: out of order cleanup with top-level await (#898)
• 781ef6b docs: update CI badge on README (#902)
• a2e6c17 ci: fix GH actions trigger criteria
• 3e21d36 ci: migrate to github actions (#901)
• be959be chore(deps): bump nanoid from 3.3.7 to 3.3.8 in /examples/webpack-plugin-serv...
• d93f7bb chore(deps): bump koa from 2.15.3 to 2.15.4 (#897)
• 05c3bfb chore(deps): bump elliptic from 6.6.0 to 6.6.1 (#895)
• 5f36f04 chore(deps): bump koa from 2.15.3 to 2.15.4 in /examples/webpack-plugin-serve...
• 9f07d21 chore(deps-dev): bump nanoid from 3.3.7 to 3.3.8 (#892)
• Additional commits viewable in compare view

Updates @storybook/addon-actions from 8.6.11 to 8.6.12

Release notes

Sourced from @​storybook/addon-actions's releases.

v8.6.12

8.6.12

• CLI: Only install Visual Test Addon if test feature is selected - #30966, thanks @​ghengeveld!
• Core: Fix telemetry error on Storybook UI - #30953, thanks @​yannbf!
• Ember: Fix ember-template-compiler import for ember 6+ - #30682, thanks @​leoeuclids!
• Next: Upgrade vite-plugin-storybook-nextjs for Next v14 compatibility - #30997, thanks @​kasperpeulen!
• Svelte: Exclude node_modules from docgen - #30981, thanks @​JReinhold!

Changelog

Sourced from @​storybook/addon-actions's changelog.

8.6.12

• CLI: Only install Visual Test Addon if test feature is selected - #30966, thanks @​ghengeveld!
• Core: Fix telemetry error on Storybook UI - #30953, thanks @​yannbf!
• Ember: Fix ember-template-compiler import for ember 6+ - #30682, thanks @​leoeuclids!
• Next: Update vite-plugin-storybook-nextjs to 2.0.0--canary.33.17a2310.0 - #30997, thanks @​kasperpeulen!
• Svelte: Exclude node_modules from docgen - #30981, thanks @​JReinhold!

Commits

• 1c35b29 Bump version from "8.6.11" to "8.6.12" [skip ci]
• See full diff in compare view

Updates @storybook/addon-links from 8.6.11 to 8.6.12

Release notes

Sourced from @​storybook/addon-links's releases.

v8.6.12

8.6.12

• CLI: Only install Visual Test Addon if test feature is selected - #30966, thanks @​ghengeveld!
• Core: Fix telemetry error on Storybook UI - #30953, thanks @​yannbf!
• Ember: Fix ember-template-compiler import for ember 6+ - #30682, thanks @​leoeuclids!
• Next: Upgrade vite-plugin-storybook-nextjs for Next v14 compatibility - #30997, thanks @​kasperpeulen!
• Svelte: Exclude node_modules from docgen - #30981, thanks @​JReinhold!

Changelog

Sourced from @​storybook/addon-links's changelog.

8.6.12

• CLI: Only install Visual Test Addon if test feature is selected - #30966, thanks @​ghengeveld!
• Core: Fix telemetry error on Storybook UI - #30953, thanks @​yannbf!
• Ember: Fix ember-template-compiler import for ember 6+ - #30682, thanks @​leoeuclids!
• Next: Upgrade vite-plugin-storybook-nextjs for Next v14 compatibility - #30997, thanks @​kasperpeulen!
• Svelte: Exclude node_modules from docgen - #30981, thanks @​JReinhold!

Commits

• 1c35b29 Bump version from "8.6.11" to "8.6.12" [skip ci]
• See full diff in compare view

Updates @types/node from 22.13.14 to 22.14.0

Commits

• See full diff in compare view

Updates eslint-plugin-react from 7.37.4 to 7.37.5

Release notes

Sourced from eslint-plugin-react's releases.

v7.37.5

Fixed

• [no-unknown-property]: allow shadow root attrs on \<template> (#3912[] @​ljharb)
• [prop-types]: support ComponentPropsWithRef from a namespace import (#3651[] @​corydeppen)
• [jsx-no-constructed-context-values]: detect constructed context values in React 19 <Context> usage (#3910[] @​TildaDares)
• [no-unknown-property]: allow transform-origin on rect (#3914[] @​ljharb)

Changed

• [Docs] [button-has-type]: clean up phrasing (#3909[] @​hamirmahal)

#3651: jsx-eslint/eslint-plugin-react#3651 #3909: jsx-eslint/eslint-plugin-react#3909 #3910: jsx-eslint/eslint-plugin-react#3910 #3912: jsx-eslint/eslint-plugin-react#3912 #3914: jsx-eslint/eslint-plugin-react#3914 [button-has-type]: docs/rules/button-has-type.md [jsx-no-constructed-context-values]: docs/rules/jsx-no-constructed-context-values.md [no-unknown-property]: docs/rules/no-unknown-property.md [prop-types]: docs/rules/prop-types.md

Changelog

Sourced from eslint-plugin-react's changelog.

7.37.5 - 2025.04.03

Fixed

• [no-unknown-property]: allow shadow root attrs on \<template> (#3912[] @​ljharb)
• [prop-types]: support ComponentPropsWithRef from a namespace import (#3651[] @​corydeppen)
• [jsx-no-constructed-context-values]: detect constructed context values in React 19 <Context> usage (#3910[] @​TildaDares)
• [no-unknown-property]: allow transform-origin on rect (#3914[] @​ljharb)

Changed

• [Docs] [button-has-type]: clean up phrasing (#3909[] @​hamirmahal)

#3914: jsx-eslint/eslint-plugin-react#3914 #3912: jsx-eslint/eslint-plugin-react#3912 #3910: jsx-eslint/eslint-plugin-react#3910 #3909: jsx-eslint/eslint-plugin-react#3909 #3651: jsx-eslint/eslint-plugin-react#3651

Commits

• 2c98b83 Update CHANGELOG and bump version
• 2f64dea [Fix] no-unknown-property: allow transform-origin on rect
• 2428618 [Fix] jsx-no-constructed-context-values: detect constructed context values ...
• 60b7316 [Tests] prop-types: use proper spacing/semis, button type
• 90a00b9 [Fix] prop-types: support ComponentPropsWithRef from a namespace import
• 3fd9b92 [Fix] no-unknown-property: allow shadow root attrs on \<template>
• addad46 [Deps] update object.entries
• 98a31f8 [Dev Deps] update @babel/core, @babel/eslint-parser
• 7eb6ca9 [Docs] button-has-type: clean up phrasing
• See full diff in compare view

Updates sass from 1.86.0 to 1.86.3

Release notes

Sourced from sass's releases.

Dart Sass 1.86.3

To install Sass 1.86.3, download one of the packages below and add it to your PATH, or see the Sass website for full installation instructions.

Changes

• Fix a bug introduced in 1.86.1 where Sass fails to resolve paths starting with a .. segment.

See the full changelog for changes in earlier releases.

Dart Sass 1.86.2

To install Sass 1.86.2, download one of the packages below and add it to your PATH, or see the Sass website for full installation instructions.

Changes

• No user-visible changes.

See the full changelog for changes in earlier releases.

Dart Sass 1.86.1

To install Sass 1.86.1, download one of the packages below and add it to your PATH, or see the Sass website for full installation instructions.

Changes

• Improve the performance of file: URL case canonicalization on Windows and Mac OS.

See the full changelog for changes in earlier releases.

Changelog

Sourced from sass's changelog.

1.86.3

• Fix a bug introduced in 1.86.1 where Sass fails to resolve paths starting with a .. segment.

1.86.2

• No user-visible changes.

1.86.1

• Improve the performance of file: URL case canonicalization on Windows and Mac OS.

Commits

• 52221c0 Fix canonicalize paths containing .. (#2561)
• f6fea3a Fix the sass_api release (#2557)
• cee843b Improve case canonicalization performance (#2552)
• bce1f4c Merge pull request #2547 from ntkme/gh-cli-release
• 6a9fb83 Generate artifact attestation
• ef8f3c4 Replace an external github action with github cli
• See full diff in compare view

Updates typescript from 5.8.2 to 5.8.3

Commits

• See full diff in compare view

Updates webpack from 5.98.0 to 5.99.0

Release notes

Sourced from webpack's releases.

v5.99.0

Fixes

• Fixed a lot of types
• Fixed runtime error when using asset module as entrypoint and runtimeChunk
• JSON generator now preserves __proto__ property
• Fixed when entry module isn't executed when targeting webworker with a runtime chunk
• Do not duplicate modules with import attributes and reexport
• The module and module ESM libraries have been union and code generation has been improved
• Use a valid output path for errored asset modules
• Remove BOM from JavaScript and CSS files when loader was not used
• Create export for externals for module/modern-module library
• Export unprovided variables for commonjs-static library
• Forward semicolons from meta.webpackAST
• Use xxhash64 for cache.hashAlgorithm when experiments.futureDefaults enabled
• [CSS] Fixed profiling plugin for CSS
• [CSS] Avoid extra module.export output for CSS module

Features

• Add dead control flow check
• Handle new Worker(import.meta.url) and new Worker(new URL(import.meta.url)) syntax
• Added ability to generate custom error content for generators

Performance Improvements

• Fixed excessive calls of getAllReferences
• Optimize loc for monomorphic inline caching

Chores

• Switch on strict types for typescript

Commits

• 1bd06e3 chore(release): 5.99.0
• 17b9d03 fix: a lot of types
• bba9874 fix: ESM library generation (#19386)
• e0891ee fix(css): avoid extra module.export output for css module (#19265)
• e5c3f95 feat: added ability to generate custom error content for generators (#19385)
• 880cf08 fix(types): split chunks cached group (#19384)
• 6d37e76 test: layer and define
• b8b90d6 fix: less any types (#19382)
• 05b39c2 fix: improve checking terminate state in try
• 38f9de5 fix: external resolve callback
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[replicated-ci]

LGTM 👍

This PR was automatically approved and merged by the automated-prs-manager GitHub action