chore(deps): bump the production-dependencies group with 3 updates

[dependabot]

Bumps the production-dependencies group with 3 updates: esbuild, isomorphic-dompurify and sass.

Updates esbuild from 0.23.1 to 0.24.0

Release notes

Sourced from esbuild's releases.

v0.24.0

This release deliberately contains backwards-incompatible changes. To avoid automatically picking up releases like this, you should either be pinning the exact version of esbuild in your package.json file (recommended) or be using a version range syntax that only accepts patch upgrades such as ^0.23.0 or ~0.23.0. See npm's documentation about semver for more information.

• Drop support for older platforms (#3902)

  This release drops support for the following operating system:

  • macOS 10.15 Catalina

  This is because the Go programming language dropped support for this operating system version in Go 1.23, and this release updates esbuild from Go 1.22 to Go 1.23. Go 1.23 now requires macOS 11 Big Sur or later.

  Note that this only affects the binary esbuild executables that are published to the esbuild npm package. It's still possible to compile esbuild's source code for these older operating systems. If you need to, you can compile esbuild for yourself using an older version of the Go compiler (before Go version 1.23). That might look something like this:

  git clone https://github.com/evanw/esbuild.git
  cd esbuild
  go build ./cmd/esbuild
  ./esbuild --version
  

• Fix class field decorators in TypeScript if useDefineForClassFields is false (#3913)

  Setting the useDefineForClassFields flag to false in tsconfig.json means class fields use the legacy TypeScript behavior instead of the standard JavaScript behavior. Specifically they use assign semantics instead of define semantics (e.g. setters are triggered) and fields without an initializer are not initialized at all. However, when this legacy behavior is combined with standard JavaScript decorators, TypeScript switches to always initializing all fields, even those without initializers. Previously esbuild incorrectly continued to omit field initializers for this edge case. These field initializers in this case should now be emitted starting with this release.

• Avoid incorrect cycle warning with tsconfig.json multiple inheritance (#3898)

  TypeScript 5.0 introduced multiple inheritance for tsconfig.json files where extends can be an array of file paths. Previously esbuild would incorrectly treat files encountered more than once when processing separate subtrees of the multiple inheritance hierarchy as an inheritance cycle. With this release, tsconfig.json files containing this edge case should work correctly without generating a warning.

• Handle Yarn Plug'n'Play stack overflow with tsconfig.json (#3915)

  Previously a tsconfig.json file that extends another file in a package with an exports map could cause a stack overflow when Yarn's Plug'n'Play resolution was active. This edge case should work now starting with this release.

• Work around more issues with Deno 1.31+ (#3917)

  This version of Deno broke the stdin and stdout properties on command objects for inherited streams, which matters when you run esbuild's Deno module as the entry point (i.e. when import.meta.main is true). Previously esbuild would crash in Deno 1.31+ if you ran esbuild like that. This should be fixed starting with this release.

  This fix was contributed by @​Joshix-1.

Changelog

Sourced from esbuild's changelog.

0.24.0

This release deliberately contains backwards-incompatible changes. To avoid automatically picking up releases like this, you should either be pinning the exact version of esbuild in your package.json file (recommended) or be using a version range syntax that only accepts patch upgrades such as ^0.23.0 or ~0.23.0. See npm's documentation about semver for more information.

• Drop support for older platforms (#3902)

  This release drops support for the following operating system:

  • macOS 10.15 Catalina

  This is because the Go programming language dropped support for this operating system version in Go 1.23, and this release updates esbuild from Go 1.22 to Go 1.23. Go 1.23 now requires macOS 11 Big Sur or later.

  Note that this only affects the binary esbuild executables that are published to the esbuild npm package. It's still possible to compile esbuild's source code for these older operating systems. If you need to, you can compile esbuild for yourself using an older version of the Go compiler (before Go version 1.23). That might look something like this:

  git clone https://github.com/evanw/esbuild.git
  cd esbuild
  go build ./cmd/esbuild
  ./esbuild --version
  

• Fix class field decorators in TypeScript if useDefineForClassFields is false (#3913)

  Setting the useDefineForClassFields flag to false in tsconfig.json means class fields use the legacy TypeScript behavior instead of the standard JavaScript behavior. Specifically they use assign semantics instead of define semantics (e.g. setters are triggered) and fields without an initializer are not initialized at all. However, when this legacy behavior is combined with standard JavaScript decorators, TypeScript switches to always initializing all fields, even those without initializers. Previously esbuild incorrectly continued to omit field initializers for this edge case. These field initializers in this case should now be emitted starting with this release.

• Avoid incorrect cycle warning with tsconfig.json multiple inheritance (#3898)

  TypeScript 5.0 introduced multiple inheritance for tsconfig.json files where extends can be an array of file paths. Previously esbuild would incorrectly treat files encountered more than once when processing separate subtrees of the multiple inheritance hierarchy as an inheritance cycle. With this release, tsconfig.json files containing this edge case should work correctly without generating a warning.

• Handle Yarn Plug'n'Play stack overflow with tsconfig.json (#3915)

  Previously a tsconfig.json file that extends another file in a package with an exports map could cause a stack overflow when Yarn's Plug'n'Play resolution was active. This edge case should work now starting with this release.

• Work around more issues with Deno 1.31+ (#3917)

  This version of Deno broke the stdin and stdout properties on command objects for inherited streams, which matters when you run esbuild's Deno module as the entry point (i.e. when import.meta.main is true). Previously esbuild would crash in Deno 1.31+ if you ran esbuild like that. This should be fixed starting with this release.

  This fix was contributed by @​Joshix-1.

Commits

• d34e79e publish 0.24.0 to npm
• 045a87f fix #3887: omit dead export warning for default
• 6e049b8 fix #3913: useDefineForClassFields and decorators
• 9c26f98 lower decorators for useDefineForClassFields #3913
• 46fdb68 fix #3898: incorrect cyclic tsconfig.json warning
• b500443 fix #3917: running esbuild cli with deno
• b125e62 run make update-compat-table
• 112b9aa fix #3915: stack overflow with yarn + tsconfig
• ed5a555 wasm: catch and rethrow stack overflows (#3915)
• 11d3196 fix #3902: update go 1.22.5 => 1.23.1
• Additional commits viewable in compare view

Updates isomorphic-dompurify from 2.15.0 to 2.16.0

Release notes

Sourced from isomorphic-dompurify's releases.

Updated dependencies

Changelog

• Updated dompurify, jsdom and other dependencies.

See the complete changelog for more details.

Release

2.16.0

Commits

• 1a404c4 Upgraded deps. Increased project version.
• ef0c702 Merge pull request #288 from kkomelin/dependabot/npm_and_yarn/jsdom-25.0.1
• fc73358 Merge pull request #290 from kkomelin/dependabot/npm_and_yarn/dompurify-3.1.7
• ad1241f Bump jsdom from 25.0.0 to 25.0.1
• b84d959 Merge pull request #289 from kkomelin/dependabot/npm_and_yarn/terser-5.34.0
• 2970cfa Bump dompurify from 3.1.6 to 3.1.7
• 894fcd7 Bump terser from 5.33.0 to 5.34.0
• 09d04ef Merge pull request #287 from kkomelin/dependabot/npm_and_yarn/terser-5.33.0
• b364ed3 Bump terser from 5.32.0 to 5.33.0
• c9a1559 Merge pull request #286 from kkomelin/dependabot/npm_and_yarn/vitest-2.1.1
• Additional commits viewable in compare view

Updates sass from 1.78.0 to 1.79.4

Release notes

Sourced from sass's releases.

Dart Sass 1.79.4

To install Sass 1.79.4, download one of the packages below and add it to your PATH, or see the Sass website for full installation instructions.

Changes

JS API

• Fix a bug where passing green or blue to color.change() for legacy colors would fail.

See the full changelog for changes in earlier releases.

Dart Sass 1.79.3

To install Sass 1.79.3, download one of the packages below and add it to your PATH, or see the Sass website for full installation instructions.

Changes

• Update the $channel parameter in the suggested replacement for color.red(), color.green(), color.blue(), color.hue(), color.saturation(), color.lightness(), color.whiteness(), and color.blackness() to use a quoted string.

See the full changelog for changes in earlier releases.

Dart Sass 1.79.2

To install Sass 1.79.2, download one of the packages below and add it to your PATH, or see the Sass website for full installation instructions.

Changes

• Add a $space parameter to the suggested replacement for color.red(), color.green(), color.blue(), color.hue(), color.saturation(), color.lightness(), color.whiteness(), and color.blackness().

• Update deprecation warnings for the legacy JS API to include a link to relevant documentation.

See the full changelog for changes in earlier releases.

Dart Sass 1.79.1

To install Sass 1.79.1, download one of the packages below and add it to your PATH, or see the Sass website for full installation instructions.

Changes

... (truncated)

Changelog

Sourced from sass's changelog.

1.79.4

JS API

• Fix a bug where passing green or blue to color.change() for legacy colors would fail.

1.79.3

• Update the $channel parameter in the suggested replacement for color.red(), color.green(), color.blue(), color.hue(), color.saturation(), color.lightness(), color.whiteness(), and color.blackness() to use a quoted string.

1.79.2

• Add a $space parameter to the suggested replacement for color.red(), color.green(), color.blue(), color.hue(), color.saturation(), color.lightness(), color.whiteness(), and color.blackness().

• Update deprecation warnings for the legacy JS API to include a link to relevant documentation.

1.79.1

• No user-visible changes.

1.79.0

• Breaking change: Passing a number with unit % to the $alpha parameter of color.change(), color.adjust(), change-color(), and adjust-color() is now interpreted as a percentage, instead of ignoring the unit. For example, color.change(red, $alpha: 50%) now returns rgb(255 0 0 / 0.5).

• Potentially breaking compatibility fix: Sass no longer rounds RGB channels to the nearest integer. This means that, for example, rgb(0 0 1) != rgb(0 0 0.6). This matches the latest version of the CSS spec and browser behavior.

• Potentially breaking compatibility fix: Passing large positive or negative values to color.adjust() can now cause a color's channels to go outside that color's gamut. In most cases this will currently be clipped by the browser and end up showing the same color as before, but once browsers implement gamut mapping it may produce a different result.

• Add support for CSS Color Level 4 [color spaces]. Each color value now tracks its color space along with the values of each channel in that color space. There are two general principles to keep in mind when dealing with new color spaces:

... (truncated)

Commits

• f84e867 Fix JS API legacy SassColor.change (#2368)
• 72612c4 Bump bufbuild/buf-setup-action in /.github/util/initialize (#2363)
• b85ef9c Quote $channel in channel function replacement suggestions (#2361)
• fa4827f Add documentation link to legacy-js-api warning (#2355)
• 7c3f5e2 Add a $space parameter to the channel function deprecation (#2354)
• 5fa04d3 Fix sass-parser publishing (#2349)
• d740d02 Emit deprecation warnings for the legacy JS API (#2343)
• a957eea Bump chokidar to v4 (#2347)
• aa35aa2 Bump bufbuild/buf-setup-action in /.github/util/initialize (#2346)
• f826ed2 Stop emitting mixed-decls in a bunch of unnecessary cases (#2342)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[netlify]

✅ Deploy Preview for triviaccessibility ready!

Name	Link
🔨 Latest commit	deaabc2
🔍 Latest deploy log	https://app.netlify.com/sites/triviaccessibility/deploys/66fa352237e9aa0008022f6b
😎 Deploy Preview	https://deploy-preview-238--triviaccessibility.netlify.app
📱 Preview on mobile	Toggle QR Code... Use your smartphone camera to open QR code link.

---

To edit notification comments on pull requests, go to your Netlify site configuration.