chore(deps): update all non-major dependencies

[renovate]

ℹ️ Note

This PR body was truncated due to platform limits.

This PR contains the following updates:

Package	Change	Age	Confidence	Type	Update
@babel/eslint-parser (source)	^7.19.1 → ^7.28.6			devDependencies	minor
@vue/test-utils	^1.3.3 → ^1.3.6			devDependencies	patch
actions/cache	v3.0.11 → v3.5.0			action	minor
actions/setup-node	v3.5.1 → v3.9.1			action	minor
babel-jest (source)	^29.3.1 → ^29.7.0			devDependencies	minor
composer/installers (source)	2.2.0 → 2.3.0			require	minor
core-js (source)	3.26.1 → 3.48.0			dependencies	minor
cweagans/composer-patches	^1.7.2 → ^1.7.3			require	patch
dotenv	^16.0.3 → ^16.6.1			dependencies	minor
drupal/core-composer-scaffold (source)	9.4.8 → 9.5.11			require	minor
drupal/core-dev	9.4.8 → 9.5.11			require-dev	minor
drupal/core-project-message (source)	9.4.8 → 9.5.11			require	minor
drupal/druxt (source)	1.1.1 → 1.2.1			require	minor
drupal/simple_oauth (source)	^5.2.2 → ^5.2.5			require	patch
drush/drush (source)	11.3.2 → 11.6.0			require	minor
druxt-auth	^0.2.0 → ^0.4.0			dependencies	minor
druxt-site (source)	^0.14.0 → ^0.14.3			dependencies	patch
eslint (source)	^8.27.0 → ^8.57.1			devDependencies	minor
eslint-config-prettier	^8.5.0 → ^8.10.2			devDependencies	minor
eslint-plugin-prettier	^4.2.1 → ^4.2.5			devDependencies	patch
eslint-plugin-vue (source)	^9.7.0 → ^9.33.0			devDependencies	minor
husky	^8.0.2 → ^8.0.3			devDependencies	patch
jest (source)	^29.3.1 → ^29.7.0			devDependencies	minor
jest-environment-jsdom (source)	^29.3.1 → ^29.7.0			devDependencies	minor
lint-staged	^13.0.3 → ^13.3.0			devDependencies	minor
node (source)	16.18.1 → 16.20.2				minor
node	16 → 16.20.2			uses-with	minor
php	8.1 → 8.5			docker	minor
start-server-and-test	^1.14.0 → ^1.15.4			devDependencies	minor
stylelint (source)	^14.15.0 → ^14.16.1			devDependencies	minor
stylelint-config-prettier	^9.0.4 → ^9.0.5			devDependencies	patch
stylelint-config-recommended-vue	^1.4.0 → ^1.6.1			devDependencies	minor
vlucas/phpdotenv	^5.5.0 → ^5.6.3			require	minor
vue-server-renderer (source)	^2.7.14 → ^2.7.16			dependencies	patch
vue-template-compiler (source)	^2.7.14 → ^2.7.16			dependencies	patch

---

Warning

Some dependencies could not be looked up. Check the Dependency Dashboard for more information.

---

Release Notes

babel/babel (@​babel/eslint-parser)

v7.28.6

Compare Source

v7.28.6 (2026-01-12)

Thanks @​kadhirash and @​kolvian for your first PRs!

🐛 Bug Fix

• babel-cli, babel-code-frame, babel-core, babel-helper-check-duplicate-nodes, babel-helper-fixtures, babel-helper-plugin-utils, babel-node, babel-plugin-transform-flow-comments, babel-plugin-transform-modules-commonjs, babel-plugin-transform-property-mutators, babel-preset-env, babel-traverse, babel-types
  • #​17589 Improve Unicode handling in code-frame tokenizer (@​JLHwung)
• babel-plugin-transform-regenerator
  • #​17556 fix: transform-regenerator correctly handles scope (@​liuxingbaoyu)
• babel-plugin-transform-react-jsx
  • #​17538 fix: Keep jsx comments (@​liuxingbaoyu)

💅 Polish

• babel-core, babel-standalone
  • #​17606 Polish(standalone): improve message on invalid preset/plugin (@​JLHwung)

🏠 Internal

• babel-plugin-bugfix-v8-static-class-fields-redefine-readonly, babel-plugin-proposal-decorators, babel-plugin-proposal-import-attributes-to-assertions, babel-plugin-proposal-import-wasm-source, babel-plugin-syntax-async-do-expressions, babel-plugin-syntax-decorators, babel-plugin-syntax-destructuring-private, babel-plugin-syntax-do-expressions, babel-plugin-syntax-explicit-resource-management, babel-plugin-syntax-export-default-from, babel-plugin-syntax-flow, babel-plugin-syntax-function-bind, babel-plugin-syntax-function-sent, babel-plugin-syntax-import-assertions, babel-plugin-syntax-import-attributes, babel-plugin-syntax-import-defer, babel-plugin-syntax-import-source, babel-plugin-syntax-jsx, babel-plugin-syntax-module-blocks, babel-plugin-syntax-optional-chaining-assign, babel-plugin-syntax-partial-application, babel-plugin-syntax-pipeline-operator, babel-plugin-syntax-throw-expressions, babel-plugin-syntax-typescript, babel-plugin-transform-async-generator-functions, babel-plugin-transform-async-to-generator, babel-plugin-transform-class-properties, babel-plugin-transform-class-static-block, babel-plugin-transform-dotall-regex, babel-plugin-transform-duplicate-named-capturing-groups-regex, babel-plugin-transform-explicit-resource-management, babel-plugin-transform-exponentiation-operator, babel-plugin-transform-json-strings, babel-plugin-transform-logical-assignment-operators, babel-plugin-transform-nullish-coalescing-operator, babel-plugin-transform-numeric-separator, babel-plugin-transform-object-rest-spread, babel-plugin-transform-optional-catch-binding, babel-plugin-transform-optional-chaining, babel-plugin-transform-private-methods, babel-plugin-transform-private-property-in-object, babel-plugin-transform-regexp-modifiers, babel-plugin-transform-unicode-property-regex, babel-plugin-transform-unicode-sets-regex
  • #​17580 Allow Babel 8 in compatible Babel 7 plugins (@​nicolo-ribaudo)

🏃‍♀️ Performance

• babel-plugin-transform-react-jsx
  • #​17555 perf: Use lighter traversal for jsx __source,__self (@​liuxingbaoyu)

Committers: 7

• Babel Bot (@​babel-bot)
• Eliot Pontarelli (@​kolvian)
• Huáng Jùnliàng (@​JLHwung)
• Kadhirash Sivakumar (@​kadhirash)
• Nicolò Ribaudo (@​nicolo-ribaudo)
• @​liuxingbaoyu
• coderaiser (@​coderaiser)

v7.28.5

Compare Source

👓 Spec Compliance

• babel-parser
  • #​17446 Allow Runtime Errors for Function Call Assignment Targets (@​liuxingbaoyu)
• babel-helper-validator-identifier
  • #​17501 fix: update identifier to unicode 17 (@​fisker)

🐛 Bug Fix

• babel-plugin-proposal-destructuring-private
  • #​17534 Allow mixing private destructuring and rest (@​CO0Ki3)
• babel-parser
  • #​17521 Improve @babel/parser error typing (@​JLHwung)
  • #​17491 fix: improve ts-only declaration parsing (@​JLHwung)
• babel-plugin-proposal-discard-binding, babel-plugin-transform-destructuring
  • #​17519 fix: rest correctly returns plain array (@​liuxingbaoyu)
• babel-helper-create-class-features-plugin, babel-helper-member-expression-to-functions, babel-plugin-transform-block-scoping, babel-plugin-transform-optional-chaining, babel-traverse, babel-types
  • #​17503 Fix JSXIdentifier handling in isReferencedIdentifier (@​JLHwung)
• babel-traverse
  • #​17504 fix: ensure scope.push register in anonymous fn (@​JLHwung)

🏠 Internal

• babel-types
  • #​17494 Type checking babel-types scripts (@​JLHwung)

🏃‍♀️ Performance

• babel-core
  • #​17490 Faster finding of locations in buildCodeFrameError (@​liuxingbaoyu)

v7.28.4

Compare Source

🏠 Internal

• babel-core, babel-helper-check-duplicate-nodes, babel-traverse, babel-types
  • #​17493 Update Jest to v30.1.1 (@​JLHwung)
• babel-plugin-transform-regenerator
  • #​17455 chore: Clean up transform-regenerator (@​liuxingbaoyu)
• babel-core
  • #​17474 Switch to @​jridgewell/remapping (@​mrginglymus)

v7.28.0

Compare Source

🚀 New Feature

• babel-node
  • #​17147 Support top level await in node repl (@​liuxingbaoyu)
• babel-types
  • #​17258 feat(matchesPattern): support super/private/meta (@​JLHwung)
• babel-compat-data, babel-preset-env
  • #​17355 Add explicit resource management to preset-env (@​JLHwung)
• babel-core, babel-parser
  • #​17390 Support sourceType: "commonjs" (@​JLHwung)
• babel-generator, babel-parser
  • #​17346 Materialize explicitResourceManagement parser plugin (@​JLHwung)
• babel-plugin-proposal-destructuring-private, babel-plugin-proposal-do-expressions, babel-plugin-transform-object-rest-spread, babel-traverse, babel-types
  • #​17391 LVal coverage updates (Part 2) (@​JLHwung)
• babel-parser, babel-traverse, babel-types
  • #​17378 Accept bigints in t.bigIntLiteral factory (@​JLHwung)
• babel-generator, babel-plugin-proposal-destructuring-private, babel-plugin-proposal-discard-binding, babel-plugin-transform-destructuring, babel-plugin-transform-explicit-resource-management, babel-plugin-transform-react-display-name, babel-types
  • #​17277 Transform discard binding (@​JLHwung)
• babel-generator, babel-parser, babel-plugin-proposal-destructuring-private, babel-plugin-transform-block-scoping, babel-plugin-transform-object-rest-spread, babel-plugin-transform-typescript, babel-traverse, babel-types
  • #​17163 Parse discard binding (@​JLHwung)

🐛 Bug Fix

• babel-helper-globals, babel-plugin-transform-classes, babel-traverse
  • #​17297 Create babel-helper-globals (@​JLHwung)
• babel-types
  • #​17009 feature: TSTypeOperator: keyof (#​16799) (@​coderaiser)

🏠 Internal

• babel-compat-data, babel-plugin-proposal-decorators, babel-plugin-transform-async-generator-functions, babel-plugin-transform-json-modules, babel-plugin-transform-regenerator, babel-plugin-transform-runtime, babel-preset-env, babel-runtime-corejs3
  • #​17403 Update babel-polyfill packages (@​nicolo-ribaudo)

v7.27.5

Compare Source

🐛 Bug Fix

• babel-plugin-transform-regenerator
  • #​17359 fix: Unexpected infinite loop with regenerator for try (@​liuxingbaoyu)
• Other
  • #​17349 Map ESLint's sourceType: commonjs to script (@​JLHwung)

💅 Polish

• babel-parser
  • #​17333 Improve using declaration errors (@​JLHwung)

v7.27.1

Compare Source

👓 Spec Compliance

• babel-parser
  • #​17254 Allow using of as lexical declaration within for (@​JLHwung)
  • #​17230 Disallow get/set in TSPropertySignature (@​JLHwung)
• babel-parser, babel-types
  • #​17193 Stricter TSImportType options parsing (@​JLHwung)

🐛 Bug Fix

• babel-plugin-proposal-destructuring-private, babel-plugin-proposal-do-expressions, babel-traverse
  • #​17137 fix: do expressions should allow early exit (@​kermanx)
• babel-helper-wrap-function, babel-plugin-transform-async-to-generator
  • #​17251 Fix: propagate argument evaluation errors through async promise chain (@​magic-akari)
• babel-helper-remap-async-to-generator, babel-plugin-transform-async-to-generator
  • #​17231 fix apply()/call() annotated as pure (@​Lacsw)
• babel-helper-fixtures, babel-parser
  • #​17233 Create ChainExpression within TSInstantiationExpression (@​JLHwung)
• babel-generator, babel-parser
  • #​17226 Fill optional AST properties when both estree and typescript parser plugin are enabled (Part 2) (@​JLHwung)
• babel-parser
  • #​17224 Fill optional AST properties when both estree and typescript parser plugin are enabled (Part 1) (@​JLHwung)
  • #​17080 Fix start of TSParameterProperty (@​JLHwung)
• babel-compat-data, babel-preset-env
  • #​17228 Update firefox bugfix compat data (@​JLHwung)
• babel-traverse
  • #​17156 fix: Objects and arrays with multiple references should not be evaluated (@​liuxingbaoyu)
• babel-generator
  • #​17216 Fix: support const type parameter in generator (@​JLHwung)

💅 Polish

• babel-plugin-bugfix-v8-spread-parameters-in-optional-chaining, babel-plugin-proposal-decorators, babel-plugin-transform-arrow-functions, babel-plugin-transform-class-properties, babel-plugin-transform-destructuring, babel-plugin-transform-object-rest-spread, babel-plugin-transform-optional-chaining, babel-plugin-transform-parameters, babel-traverse
  • #​17221 Reduce generated names size for the 10th-11th (@​nicolo-ribaudo)

🏠 Internal

• babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime
  • #​17263 Remove unused regenerator-runtime dep in @babel/runtime (@​nicolo-ribaudo)
• babel-compat-data, babel-preset-env
  • #​17256 Tune plugin compat data (@​JLHwung)
• babel-compat-data, babel-standalone
  • #​17236 migrate babel-compat-data build script to mjs (@​JLHwung)
• Other
  • #​17232 Bump typescript-eslint to 8.29.1 (@​JLHwung)
  • #​17219 test: add basic typescript-eslint integration tests (@​JLHwung)
  • #​17205 Inline regenerator in the relevant packages (@​nicolo-ribaudo)
• babel-register
  • #​16844 Migrate @babel/register to cts (@​liuxingbaoyu)
• babel-cli, babel-compat-data, babel-core, babel-generator, babel-helper-compilation-targets, babel-helper-fixtures, babel-helper-module-imports, babel-helper-module-transforms, babel-helper-plugin-test-runner, babel-helper-transform-fixture-test-runner, babel-helpers, babel-node, babel-parser, babel-plugin-transform-modules-amd, babel-plugin-transform-modules-commonjs, babel-plugin-transform-modules-systemjs, babel-plugin-transform-modules-umd, babel-plugin-transform-react-display-name, babel-plugin-transform-regenerator, babel-plugin-transform-runtime, babel-plugin-transform-typeof-symbol, babel-plugin-transform-typescript, babel-preset-env, babel-register, babel-standalone, babel-types
  • #​17207 Enforce node protocol import (@​JLHwung)
• babel-plugin-transform-regenerator
  • #​17205 Inline regenerator in the relevant packages (@​nicolo-ribaudo)
  • #​17205 Inline regenerator in the relevant packages (@​nicolo-ribaudo)
• babel-helpers, babel-plugin-transform-async-generator-functions, babel-plugin-transform-regenerator, babel-preset-env, babel-runtime-corejs3
  • #​17205 Inline regenerator in the relevant packages (@​nicolo-ribaudo)
• babel-helpers, babel-plugin-transform-regenerator
  • #​17205 Inline regenerator in the relevant packages (@​nicolo-ribaudo)
  • #​17205 Inline regenerator in the relevant packages (@​nicolo-ribaudo)
• babel-helpers
  • #​17205 Inline regenerator in the relevant packages (@​nicolo-ribaudo)

🔬 Output optimization

• babel-helpers, babel-plugin-transform-modules-commonjs, babel-runtime-corejs3
  • #​16538 Reduce interopRequireWildcard size (@​liuxingbaoyu)
• babel-helpers, babel-plugin-transform-async-generator-functions, babel-plugin-transform-regenerator, babel-preset-env, babel-runtime-corejs3
  • #​17213 Reduce regeneratorRuntime size (@​liuxingbaoyu)

v7.27.0

Compare Source

👓 Spec Compliance

• babel-generator, babel-parser
  • #​16977 Default importAttributesKeyword to with (@​JLHwung)

🚀 New Feature

• babel-helper-create-class-features-plugin, babel-traverse, babel-types
  • #​17169 Allow traverseFast to exit early (@​liuxingbaoyu)
• babel-parser, babel-types
  • #​17110 Add ImportAttributes to Standardized and move its parser test fixtures (@​JLHwung)
• babel-generator
  • #​17100 fix(babel-generator): add named export of generate function (@​vovkasm)
• babel-parser, babel-template
  • #​17149 Add allowYieldOutsideFunction to parser (@​liuxingbaoyu)
• babel-plugin-transform-typescript, babel-traverse
  • #​17102 feat: Add upToScope parameter to hasBinding (@​liuxingbaoyu)
• babel-parser
  • #​17082 Support ESTree AccessorProperty (@​JLHwung)
• babel-types
  • #​17162 feat(babel-types): Add support for BigInt literal conversion in valueToNode (@​ishchhabra)

🐛 Bug Fix

• babel-helper-create-class-features-plugin, babel-plugin-transform-class-properties
  • #​16816 fix: Class reference in type throws error (@​liuxingbaoyu)
• babel-traverse
  • #​17170 fix: Reset child scopes when scope.crawl() (@​liuxingbaoyu)
• babel-helpers, babel-preset-typescript, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime
  • #​17118 Fix: align behaviour to tsc rewriteRelativeImportExtensions (@​JLHwung)
• babel-cli
  • #​17182 fix: @babel/cli generates duplicate inline source maps (@​liuxingbaoyu)
• babel-plugin-transform-named-capturing-groups-regex, babel-types
  • #​17175 Generate computed proto key (@​JLHwung)

🏃‍♀️ Performance

• babel-types
  • #​16870 perf: Improve builders of @babel/types (@​liuxingbaoyu)
• babel-helper-create-regexp-features-plugin
  • #​17176 fix: improve duplicate named groups check (@​JLHwung)

v7.26.10

Compare Source

👓 Spec Compliance

• babel-parser
  • #​17159 Disallow decorator in array pattern (@​JLHwung)

🐛 Bug Fix

• babel-parser, babel-template
  • #​17164 Fix: always initialize ExportDeclaration attributes (@​JLHwung)
• babel-core
  • #​17142 fix: "Map maximum size exceeded" in deepClone (@​liuxingbaoyu)
• babel-parser, babel-plugin-transform-typescript
  • #​17154 Update typescript parser tests (@​JLHwung)
• babel-traverse
  • #​17151 fix: Should not evaluate vars in child scope (@​liuxingbaoyu)
• babel-generator
  • #​17153 fix: Correctly generate abstract override (@​liuxingbaoyu)
• babel-parser
  • #​17107 Fix source type detection when parsing TypeScript (@​JLHwung)
• babel-helpers, babel-runtime, babel-runtime-corejs2, babel-runtime-corejs3
  • #​17173 Fix processing of replacement pattern with named capture groups (@​mmmsssttt404)

💅 Polish

• babel-standalone
  • #​17158 Avoid warnings when re-bundling @​babel/standalone with webpack (@​liuxingbaoyu)

🏠 Internal

• babel-parser
  • #​17160 Left-value parsing cleanup (@​JLHwung)

v7.26.8

Compare Source

v7.26.8 (2025-02-08)

🏠 Internal

• babel-preset-env
  • #​17097 Update dependency babel-plugin-polyfill-corejs3 to ^0.11.0

v7.26.5

Compare Source

👓 Spec Compliance

• babel-parser
  • #​17011 Allow the dynamic import.defer() form of import defer (@​babel-bot)

🐛 Bug Fix

• babel-plugin-transform-block-scoped-functions
  • #​17024 chore: Avoid calling isInStrictMode in Babel 7 (@​liuxingbaoyu)
• babel-plugin-transform-typescript
  • #​17026 fix: Correctly generate exported const enums in namespace (@​liuxingbaoyu)
• babel-parser
  • #​17045 [estree] Unify method type parameters handling (@​JLHwung)
  • #​17013 fix: Correctly set position for @(a.b)() (@​liuxingbaoyu)
  • #​16996 [estree] Adjust the start loc of class methods with type params (@​nicolo-ribaudo)
• babel-generator, babel-parser, babel-plugin-transform-flow-strip-types, babel-types
  • #​17028 Support flow jsx opening element type arguments (@​JLHwung)
• babel-compat-data, babel-preset-env
  • #​17031 fix: More accurate transform-typeof-symbol compat data (@​liuxingbaoyu)
• babel-generator, babel-parser, babel-types
  • #​17019 Fix incomplete visitor keys (@​JLHwung)

🔬 Output optimization

• babel-plugin-transform-nullish-coalescing-operator
  • #​16612 Improve nullish coalescing operator output (@​liuxingbaoyu)

v7.25.9

Compare Source

🐛 Bug Fix

• babel-parser, babel-template, babel-types
  • #​16905 fix: Keep type annotations in syntacticPlaceholders mode (@​liuxingbaoyu)
• babel-helper-compilation-targets, babel-preset-env
  • #​16907 fix: support BROWSERSLIST{,_CONFIG} env (@​JLHwung)
• Other
  • #​16884 Analyze ClassAccessorProperty to prevent the no-undef rule (@​victorenator)

🏠 Internal

• babel-helper-transform-fixture-test-runner
  • #​16914 remove test options flaky (@​JLHwung)

🏃‍♀️ Performance

• babel-parser, babel-types
  • #​16918 perf: Make VISITOR_KEYS etc. faster to access (@​liuxingbaoyu)

v7.25.8

Compare Source

🐛 Bug Fix

• babel-core
  • #​16888 Restore public API of resolvePlugin/resolvePreset (@​nicolo-ribaudo)

🏠 Internal

• babel-parser, babel-plugin-proposal-async-do-expressions, babel-plugin-proposal-destructuring-private, babel-plugin-proposal-do-expressions, babel-plugin-proposal-explicit-resource-management, babel-plugin-proposal-export-default-from, babel-plugin-proposal-function-bind, babel-plugin-proposal-function-sent, babel-plugin-proposal-import-defer, babel-plugin-proposal-partial-application, babel-plugin-proposal-throw-expressions, babel-plugin-transform-async-generator-functions, babel-plugin-transform-class-static-block, babel-plugin-transform-dynamic-import, babel-plugin-transform-export-namespace-from, babel-plugin-transform-json-strings, babel-plugin-transform-logical-assignment-operators, babel-plugin-transform-nullish-coalescing-operator, babel-plugin-transform-numeric-separator, babel-plugin-transform-object-rest-spread, babel-plugin-transform-optional-catch-binding, babel-plugin-transform-optional-chaining, babel-plugin-transform-private-property-in-object, babel-preset-env
  • #​16824 Inline one-line syntax plugins (@​nicolo-ribaudo)

v7.25.7

Compare Source

🐛 Bug Fix

• babel-helper-validator-identifier
  • #​16825 fix: update identifier to unicode 16 (@​JLHwung)
• babel-traverse
  • #​16814 fix: issue with node path keys updated on unrelated paths (@​DylanPiercey)
• babel-plugin-transform-classes
  • #​16797 Use an inclusion rather than exclusion list for super() check (@​nicolo-ribaudo)
• babel-generator
  • #​16788 Fix printing of TS infer in compact mode (@​nicolo-ribaudo)
  • #​16785 Print TS type annotations for destructuring in assignment pattern (@​nicolo-ribaudo)
  • #​16778 Respect [no LineTerminator here] after nodes (@​nicolo-ribaudo)

💅 Polish

• babel-types
  • #​16852 Add deprecated JSDOC for fields (@​liuxingbaoyu)

🏠 Internal

• babel-core
  • #​16820 Allow sync loading of ESM when --experimental-require-module (@​nicolo-ribaudo)
• babel-helper-compilation-targets, babel-helper-plugin-utils, babel-preset-env
  • #​16858 Add browserslist config to external dependency (@​JLHwung)
• babel-plugin-proposal-destructuring-private, babel-plugin-syntax-decimal, babel-plugin-syntax-import-reflection, babel-standalone
  • #​16809 Archive syntax-import-reflection and syntax-decimal (@​nicolo-ribaudo)
• babel-generator
  • #​16779 Simplify logic for [no LineTerminator here] before nodes (@​nicolo-ribaudo)

🏃‍♀️ Performance

• babel-plugin-transform-typescript
  • #​16875 perf: Avoid extra cloning of namespaces (@​liuxingbaoyu)
• babel-types
  • #​16842 perf: Improve @​babel/types builders (@​liuxingbaoyu)
  • #​16828 Only access BABEL_TYPES_8_BREAKING at startup (@​nicolo-ribaudo)

v7.25.1

Compare Source

🐛 Bug Fix

• babel-plugin-transform-function-name
  • #​16683 fix: ensureFunctionName may be undefined (@​liuxingbaoyu)
• babel-plugin-transform-react-constant-elements
  • #​16582 fix plugin-transform-react-constant-elements transform JSXFrament but not add JSXExpressionContainer (@​keiseiTi)
• babel-traverse
  • #​16587 fix: fixed issue16583 + test (@​nerodesu017)

🏠 Internal

• #​16663 Test eslint plugin against eslint 9 (@​JLHwung)

v7.25.0

Compare Source

👓 Spec Compliance

• babel-helpers, babel-plugin-proposal-explicit-resource-management, babel-runtime-corejs3
  • #​16537 await using normative updates (@​JLHwung)
• babel-plugin-transform-typescript
  • #​16602 Ensure enum members syntactically determinable to be strings do not get reverse mappings (@​liuxingbaoyu)

🚀 New Feature

• babel-helper-create-class-features-plugin, babel-helper-function-name, babel-helper-plugin-utils, babel-helper-wrap-function, babel-plugin-bugfix-safari-class-field-initializer-scope, babel-plugin-bugfix-safari-id-destructuring-collision-in-function-expression, babel-plugin-transform-classes, babel-plugin-transform-function-name, babel-preset-env, babel-traverse, babel-types
  • #​16658 Move ensureFunctionName to NodePath.prototype (@​nicolo-ribaudo)
• babel-helper-hoist-variables, babel-helper-plugin-utils, babel-plugin-proposal-async-do-expressions, babel-plugin-transform-modules-systemjs, babel-traverse
  • #​16644 Move hoistVariables to Scope.prototype (@​nicolo-ribaudo)
• babel-helper-create-class-features-plugin, babel-helper-module-transforms, babel-helper-plugin-utils, babel-helper-split-export-declaration, babel-plugin-transform-classes, babel-traverse, babel-types
  • #​16645 Move splitExportDeclaration to NodePath.prototype (@​nicolo-ribaudo)
• babel-helper-create-class-features-plugin, babel-helper-environment-visitor, babel-helper-module-transforms, babel-helper-plugin-utils, babel-helper-remap-async-to-generator, babel-helper-replace-supers, babel-plugin-bugfix-firefox-class-in-computed-class-key, babel-plugin-bugfix-v8-static-class-fields-redefine-readonly, babel-plugin-transform-async-generator-functions, babel-plugin-transform-classes, babel-traverse
  • #​16649 Move environment-visitor helper into @babel/traverse (@​nicolo-ribaudo)
• babel-core, babel-parser
  • #​16480 Expose wether a module has TLA or not as .extra.async (@​nicolo-ribaudo)
• babel-compat-data, babel-plugin-bugfix-safari-class-field-initializer-scope, babel-preset-env
  • #​16569 Introduce bugfix-safari-class-field-initializer-scope (@​davidtaylorhq)
• babel-plugin-transform-block-scoping, babel-traverse, babel-types
  • #​16551 Add NodePath#getAssignmentIdentifiers (@​JLHwung)
• babel-helper-import-to-platform-api, babel-plugin-proposal-json-modules
  • #​16579 Add uncheckedRequire option for JSON imports to CJS (@​nicolo-ribaudo)
• babel-helper-transform-fixture-test-runner, babel-node
  • #​16642 Allow using custom config in babel-node --eval (@​slatereax)
• babel-compat-data, babel-helper-create-regexp-features-plugin, babel-plugin-proposal-duplicate-named-capturing-groups-regex, babel-plugin-transform-duplicate-named-capturing-groups-regex, babel-preset-env, babel-standalone
  • #​16445 Add duplicate-named-capturing-groups-regex to preset-env (@​JLHwung)

🐛 Bug Fix

• babel-generator
  • #​16678 Print parens around as expressions on the LHS (@​nicolo-ribaudo)
• babel-template, babel-types
  • #​15286 fix: Props are lost when the template replaces the node (@​liuxingbaoyu)

🏠 Internal

• Other
  • #​16674 bump gulp to 5 (@​JLHwung)
• babel-generator
  • #​16651 Simplify the printing logic for ( before ambiguous tokens (@​nicolo-ribaudo)
• babel-helper-function-name, babel-plugin-transform-arrow-functions, babel-plugin-transform-function-name, babel-preset-env, babel-traverse
  • #​16652 Simplify helper-function-name logic (@​nicolo-ribaudo)

🏃‍♀️ Performance

• babel-parser, babel-plugin-proposal-pipeline-operator
  • [#​16461](https://redirect.github.com/ba

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[github-actions]

🚀 Deployed on https://639d206f18290c3353ff4bcf--druxt-quickstart.netlify.app

[codecov]

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 0.00%. Comparing base (5b83d11) to head (ed336e4).

❗ Current head ed336e4 differs from pull request most recent head cebb118

Please upload reports for the commit cebb118 to get more accurate results.

Additional details and impacted files

@@           Coverage Diff           @@
##           develop     #98   +/-   ##
=======================================
  Coverage     0.00%   0.00%           
=======================================
  Files            4       4           
  Lines            6       6           
=======================================
  Misses           6       6           

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

[coderabbitai]

Important

Review skipped

Bot user detected.

To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Use the checkbox below for a quick retry:

• 🔍 Trigger review

📝 Walkthrough

Walkthrough

This update involves upgrading various dependencies across multiple configuration files and package management systems. Key changes include updating the PHP Docker image and Node.js versions to newer releases. Additionally, several GitHub Actions workflows have been enhanced by upgrading action versions, while the Drupal project's composer.json and Nuxt's package.json files reflect updated dependencies for improved functionality and compatibility.

Changes

Files	Change Summary
.circleci/config.yml	Updated Docker image from php:8.1 to php:8.4.
.github/workflows/test-preview.yml, .github/workflows/theme-bootstrap-vue.yml, .github/workflows/theme-tailwindcss.yml	Upgraded actions/setup-node from v3.5.1 to v3.9.1 and actions/cache from v3.0.11 to v3.4.3.
.nvmrc, nuxt/.nvmrc	Changed Node.js version from 16.18.1 to 16.20.2.
drupal/composer.json	Updated multiple package versions, including composer/installers to 2.3.0, drupal/core-composer-scaffold to 9.5.11, and drush/drush to 11.6.0.
nuxt/package.json	Upgraded various dependencies and devDependencies, including core-js to 3.41.0 and eslint to ^8.57.1.

Sequence Diagram(s)

sequenceDiagram
    participant User
    participant CI
    participant Docker
    participant Node
    participant Drupal

    User->>CI: Push changes
    CI->>Docker: Use updated php:8.4 image
    CI->>Node: Setup node@16.20.2
    CI->>Drupal: Update composer dependencies
    CI->>Node: Update package.json dependencies
    CI->>User: Build complete

Loading

🐰 "In a world of code and change so bright,
Upgrades hop in with pure delight!
PHP and Node, they leap ahead,
With new versions, no more dread.
Dependencies dance, all in a row,
Making our projects faster to grow!" ✨

✨ Finishing touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch renovate/all-minor-patch

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[renovate]

⚠ Artifact update problem

Renovate failed to update an artifact related to this branch. You probably do not want to merge this PR as-is.

♻ Renovate will retry this branch, including artifacts, only when one of the following happens:

• any of the package files in this branch needs updating, or
• the branch becomes conflicted, or
• you click the rebase/retry checkbox if found above, or
• you rename this PR's title to start with "rebase!" to trigger it manually

The artifact failure details are included below:

File name: drupal/composer.lock

Command failed: composer update cweagans/composer-patches:1.7.3 drupal/core-composer-scaffold:9.5.11 drupal/core-dev:9.5.11 drupal/core-project-message:9.5.11 drupal/core-recommended:9.5.11 drupal/druxt:1.2.0 drupal/simple_oauth:5.2.5 drush/drush:11.6.0 vlucas/phpdotenv:5.6.0 --with-dependencies --ignore-platform-req='ext-*' --ignore-platform-req='lib-*' --no-ansi --no-interaction --no-scripts --no-autoloader --no-plugins
Loading composer repositories with package information
Updating dependencies
Your requirements could not be resolved to an installable set of packages.

  Problem 1
    - longwave/laminas-diactoros[2.14.2, ..., 2.14.x-dev] require php ^7.3 || ~8.0.0 || ~8.1.0 || ~8.2.0 -> your php version (8.3.6) does not satisfy that requirement.
    - drupal/core-recommended 9.5.11 requires longwave/laminas-diactoros ~2.14.2 -> satisfiable by longwave/laminas-diactoros[2.14.2, 2.14.x-dev].
    - Root composer.json requires drupal/core-recommended 9.5.11 -> satisfiable by drupal/core-recommended[9.5.11].

Use the option --with-all-dependencies (-W) to allow upgrades, downgrades and removals for packages currently locked to specific versions.

[coderabbitai]

Actionable comments posted: 0

Review details

Configuration used: CodeRabbit UI
Review profile: CHILL

Commits

Files that changed from the base of the PR and between 5b83d11 and d70ccdb.

Files ignored due to path filters (1)

• nuxt/package-lock.json is excluded by !**/package-lock.json

Files selected for processing (8)

• .circleci/config.yml (1 hunks)
• .github/workflows/test-preview.yml (2 hunks)
• .github/workflows/theme-bootstrap-vue.yml (2 hunks)
• .github/workflows/theme-tailwindcss.yml (2 hunks)
• .nvmrc (1 hunks)
• drupal/composer.json (1 hunks)
• nuxt/.nvmrc (1 hunks)
• nuxt/package.json (1 hunks)

Files skipped from review due to trivial changes (6)

• .github/workflows/test-preview.yml
• .github/workflows/theme-bootstrap-vue.yml
• .github/workflows/theme-tailwindcss.yml
• .nvmrc
• nuxt/.nvmrc
• nuxt/package.json

Additional comments not posted (2)

drupal/composer.json (1)

18-29: Dependency updates approved.

The updates to the dependencies in composer.json are approved. Ensure that these updates do not introduce any compatibility issues with other parts of the project.

.circleci/config.yml (1)

11-11: PHP version update approved.

The update to the PHP Docker image from php:8.1 to php:8.3 is approved. Verify that the application is compatible with PHP 8.3 to avoid runtime issues.

[renovate]

⚠️ Artifact update problem

Renovate failed to update an artifact related to this branch. You probably do not want to merge this PR as-is.

♻ Renovate will retry this branch, including artifacts, only when one of the following happens:

• any of the package files in this branch needs updating, or
• the branch becomes conflicted, or
• you click the rebase/retry checkbox if found above, or
• you rename this PR's title to start with "rebase!" to trigger it manually

The artifact failure details are included below:

File name: drupal/composer.lock

Command failed: composer update composer/installers:2.3.0 cweagans/composer-patches:1.7.3 drupal/core-composer-scaffold:9.5.11 drupal/core-dev:9.5.11 drupal/core-project-message:9.5.11 drupal/druxt:1.2.1 drupal/simple_oauth:5.2.5 drush/drush:11.6.0 vlucas/phpdotenv:5.6.3 --with-dependencies --ignore-platform-req=ext-* --ignore-platform-req=lib-* --no-ansi --no-interaction --no-scripts --no-autoloader --no-plugins --minimal-changes
Loading composer repositories with package information
Updating dependencies
Your requirements could not be resolved to an installable set of packages.

  Problem 1
    - drupal/core-recommended is locked to version 9.4.8 and an update of this package was not requested.
    - drupal/core-recommended 9.4.8 requires drupal/core 9.4.8 -> found drupal/core[9.4.8] but these were not loaded, because they are affected by security advisories ("SA-CORE-2023-001", "SA-CORE-2023-002", "SA-CORE-2023-003", "SA-CORE-2023-004", "SA-CORE-2023-005", "SA-CORE-2023-006", "SA-CORE-2024-001", "SA-CORE-2024-003", "SA-CORE-2024-004", "SA-CORE-2024-006", "SA-CORE-2024-007", "SA-CORE-2024-008", "SA-CORE-2025-001", "SA-CORE-2025-002", "SA-CORE-2025-003", "SA-CORE-2025-004", "SA-CORE-2025-007", "SA-CORE-2025-008", "SA-CORE-2025-005", "SA-CORE-2025-006", "PKSA-d8tb-wwz2-ctxk", "PKSA-dh1f-zjm5-qg8y", "PKSA-bn52-vyzy-rmnm", "PKSA-xj83-g6g8-41vf", "PKSA-s1zc-gcfk-ddw5", "PKSA-ctyc-dmct-npkz", "PKSA-42zc-x5ss-z64p", "PKSA-s6zc-mws4-ngh4", "PKSA-xd2s-f2mt-7tf3", "PKSA-g51h-n1x3-mszr", "PKSA-jthw-vxjy-kxnx", "PKSA-ts55-c66h-g96n", "PKSA-yjvc-rnsz-8n3c", "PKSA-styk-3knc-d1bt", "PKSA-2gfj-5sh8-j3c5", "PKSA-my7h-svxh-5q3g", "PKSA-h7d4-5mdz-2965"). Go to https://packagist.org/security-advisories/ to find advisory details. To ignore the advisories, add them to the audit "ignore" config. To turn the feature off entirely, you can set "block-insecure" to false in your "audit" config.
  Problem 2
    - Root composer.json requires drupal/druxt 1.2.1 -> satisfiable by drupal/druxt[1.2.1].
    - drupal/druxt 1.2.1 requires drupal/core ^8.8 || ^9 || ^10 || ^11 -> found drupal/core[8.8.0-alpha1, ..., 8.9.x-dev, 9.0.0-alpha1, ..., 9.5.x-dev, 10.0.0-alpha1, ..., 10.6.x-dev, 11.0.0-alpha1, ..., 11.x-dev] but these were not loaded, because they are affected by security advisories ("SA-CORE-2019-009", "SA-CORE-2019-010", "SA-CORE-2019-012", "SA-CORE-2019-011", "SA-CORE-2020-001", "SA-CORE-2020-002", "SA-CORE-2020-004", "SA-CORE-2020-005", "SA-CORE-2020-006", "SA-CORE-2020-007", "SA-CORE-2020-009", "SA-CORE-2020-010", "SA-CORE-2020-008", "SA-CORE-2020-011", "SA-CORE-2020-012", "SA-CORE-2020-013", "SA-CORE-2021-001", "SA-CORE-2021-002", "SA-CORE-2021-003", "SA-CORE-2021-004", "SA-CORE-2021-005", "SA-CORE-2021-006", "SA-CORE-2021-007", "SA-CORE-2021-008", "SA-CORE-2021-009", "SA-CORE-2021-010", "SA-CORE-2021-011", "SA-CORE-2022-001", "SA-CORE-2022-003", "SA-CORE-2022-004", "SA-CORE-2022-005", "SA-CORE-2022-006", "SA-CORE-2022-008", "SA-CORE-2022-009", "SA-CORE-2022-010", "SA-CORE-2022-011", "SA-CORE-2022-012", "SA-CORE-2022-013", "SA-CORE-2022-014", "SA-CORE-2022-015", "SA-CORE-2022-016", "SA-CORE-2023-001", "SA-CORE-2023-002", "SA-CORE-2023-003", "SA-CORE-2023-004", "SA-CORE-2023-005", "SA-CORE-2023-006", "SA-CORE-2024-001", "SA-CORE-2024-002", "SA-CORE-2024-003", "SA-CORE-2024-004", "SA-CORE-2024-006", "SA-CORE-2024-007", "SA-CORE-2024-008", "SA-CORE-2025-001", "SA-CORE-2025-002", "SA-CORE-2025-003", "SA-CORE-2025-004", "SA-CORE-2025-007", "SA-CORE-2025-008", "SA-CORE-2025-005", "SA-CORE-2025-006", "PKSA-d8tb-wwz2-ctxk", "PKSA-dh1f-zjm5-qg8y", "PKSA-bn52-vyzy-rmnm", "PKSA-xj83-g6g8-41vf", "PKSA-s1zc-gcfk-ddw5", "PKSA-ctyc-dmct-npkz", "PKSA-42zc-x5ss-z64p", "PKSA-s6zc-mws4-ngh4", "PKSA-xd2s-f2mt-7tf3", "PKSA-g51h-n1x3-mszr", "PKSA-jthw-vxjy-kxnx", "PKSA-ts55-c66h-g96n", "PKSA-yjvc-rnsz-8n3c", "PKSA-q8r5-cgs2-dxxk", "PKSA-mh8z-kh9f-vv4z", "PKSA-styk-3knc-d1bt", "PKSA-2gfj-5sh8-j3c5", "PKSA-qvwm-3y4s-nttg", "PKSA-my7h-svxh-5q3g", "PKSA-h7d4-5mdz-2965", "PKSA-fpcy-trdp-tpy2", "PKSA-zbq2-x219-h8gz", "PKSA-4j5n-cxxv-ptjc", "PKSA-7q72-qds7-4xyv", "PKSA-hy6y-p19f-b5kf", "PKSA-gkkw-qh7h-5181", "PKSA-cp8p-f15s-htbt", "PKSA-72rg-qbp7-873g", "PKSA-2tvs-gcpz-cmm6", "PKSA-46zx-gs68-q4zv", "PKSA-4q53-3jd6-45wg", "PKSA-njy4-5vnq-bx5f", "PKSA-s6ck-qn9j-xnqf", "PKSA-6dxs-yv9z-8twp", "PKSA-bc4x-jnrh-4k6w", "PKSA-7zvx-63nf-7nkj", "PKSA-kjgx-r4v3-961f", "PKSA-77t6-rxnw-bfjm", "PKSA-jknr-sjbw-zn24", "PKSA-1k26-dn58-yzpc", "PKSA-69gr-9b59-5f99", "PKSA-c6qk-kgrx-8q42", "PKSA-ggc3-34xd-zmzd", "PKSA-j215-hxck-vk25", "PKSA-jkzg-rr1r-vmvy", "PKSA-5wmm-s575-4sjg", "PKSA-yxnf-v37t-gh27", "PKSA-rb2t-qsk8-f792", "PKSA-vcbr-zg2g-wfsp", "PKSA-n8hw-tywm-xrh7", "PKSA-mw8j-f3jc-m8zf", "PKSA-xv6s-sqg3-tq2g"). Go to https://packagist.org/security-advisories/ to find advisory details. To ignore the advisories, add them to the audit "ignore" config. To turn the feature off entirely, you can set "block-insecure" to false in your "audit" config.
  Problem 3
    - Root composer.json requires drupal/simple_oauth ^5.2.5 -> satisfiable by drupal/simple_oauth[5.2.5].
    - drupal/simple_oauth 5.2.5 requires drupal/core ^9 || ^10 -> found drupal/core[9.0.0-alpha1, ..., 9.5.x-dev, 10.0.0-alpha1, ..., 10.6.x-dev] but these were not loaded, because they are affected by security advisories ("SA-CORE-2020-004", "SA-CORE-2020-005", "SA-CORE-2020-006", "SA-CORE-2020-007", "SA-CORE-2020-009", "SA-CORE-2020-010", "SA-CORE-2020-008", "SA-CORE-2020-011", "SA-CORE-2020-012", "SA-CORE-2020-013", "SA-CORE-2021-001", "SA-CORE-2021-002", "SA-CORE-2021-003", "SA-CORE-2021-004", "SA-CORE-2021-005", "SA-CORE-2021-006", "SA-CORE-2021-007", "SA-CORE-2021-008", "SA-CORE-2021-009", "SA-CORE-2021-010", "SA-CORE-2021-011", "SA-CORE-2022-001", "SA-CORE-2022-003", "SA-CORE-2022-004", "SA-CORE-2022-005", "SA-CORE-2022-006", "SA-CORE-2022-008", "SA-CORE-2022-009", "SA-CORE-2022-010", "SA-CORE-2022-011", "SA-CORE-2022-012", "SA-CORE-2022-013", "SA-CORE-2022-014", "SA-CORE-2022-015", "SA-CORE-2022-016", "SA-CORE-2023-001", "SA-CORE-2023-002", "SA-CORE-2023-003", "SA-CORE-2023-004", "SA-CORE-2023-005", "SA-CORE-2023-006", "SA-CORE-2024-001", "SA-CORE-2024-002", "SA-CORE-2024-003", "SA-CORE-2024-004", "SA-CORE-2024-006", "SA-CORE-2024-007", "SA-CORE-2024-008", "SA-CORE-2025-001", "SA-CORE-2025-002", "SA-CORE-2025-003", "SA-CORE-2025-004", "SA-CORE-2025-007", "SA-CORE-2025-008", "SA-CORE-2025-005", "SA-CORE-2025-006", "PKSA-d8tb-wwz2-ctxk", "PKSA-dh1f-zjm5-qg8y", "PKSA-bn52-vyzy-rmnm", "PKSA-xj83-g6g8-41vf", "PKSA-s1zc-gcfk-ddw5", "PKSA-ctyc-dmct-npkz", "PKSA-42zc-x5ss-z64p", "PKSA-s6zc-mws4-ngh4", "PKSA-xd2s-f2mt-7tf3", "PKSA-g51h-n1x3-mszr", "PKSA-jthw-vxjy-kxnx", "PKSA-ts55-c66h-g96n", "PKSA-yjvc-rnsz-8n3c", "PKSA-q8r5-cgs2-dxxk", "PKSA-mh8z-kh9f-vv4z", "PKSA-styk-3knc-d1bt", "PKSA-2gfj-5sh8-j3c5", "PKSA-qvwm-3y4s-nttg", "PKSA-my7h-svxh-5q3g", "PKSA-h7d4-5mdz-2965", "PKSA-fpcy-trdp-tpy2", "PKSA-zbq2-x219-h8gz", "PKSA-4j5n-cxxv-ptjc", "PKSA-7q72-qds7-4xyv", "PKSA-hy6y-p19f-b5kf", "PKSA-gkkw-qh7h-5181", "PKSA-cp8p-f15s-htbt", "PKSA-72rg-qbp7-873g", "PKSA-2tvs-gcpz-cmm6", "PKSA-46zx-gs68-q4zv", "PKSA-4q53-3jd6-45wg", "PKSA-njy4-5vnq-bx5f", "PKSA-s6ck-qn9j-xnqf", "PKSA-6dxs-yv9z-8twp", "PKSA-bc4x-jnrh-4k6w", "PKSA-7zvx-63nf-7nkj", "PKSA-kjgx-r4v3-961f", "PKSA-77t6-rxnw-bfjm", "PKSA-jknr-sjbw-zn24", "PKSA-1k26-dn58-yzpc", "PKSA-69gr-9b59-5f99", "PKSA-c6qk-kgrx-8q42", "PKSA-ggc3-34xd-zmzd", "PKSA-j215-hxck-vk25", "PKSA-jkzg-rr1r-vmvy", "PKSA-5wmm-s575-4sjg"). Go to https://packagist.org/security-advisories/ to find advisory details. To ignore the advisories, add them to the audit "ignore" config. To turn the feature off entirely, you can set "block-insecure" to false in your "audit" config.
  Problem 4
    - Root composer.json requires vlucas/phpdotenv ^5.6.3 -> satisfiable by vlucas/phpdotenv[v5.6.3].
    - vlucas/phpdotenv v5.6.3 requires symfony/polyfill-ctype ^1.26 -> found symfony/polyfill-ctype[v1.26.0, ..., 1.x-dev] but these were not loaded, likely because it conflicts with another require.
  Problem 5
    - Root composer.json requires drush/drush 11.6.0 -> satisfiable by drush/drush[11.6.0].
    - chi-teck/drupal-code-generator[2.4.0, ..., 2.4.1] require twig/twig ^2.12 || ^3.1 -> found twig/twig[v2.12.0, ..., 2.x-dev, v3.1.0, ..., 3.x-dev] but these were not loaded, because they are affected by security advisories ("PKSA-v3kg-5xkr-pykw", "PKSA-yhcn-xrg3-68b1", "PKSA-2wrf-1xmk-1pky", "PKSA-6319-ffpf-gx66", "PKSA-n7sg-8f52-pqtf", "PKSA-8kk8-h2xr-h5nx"). Go to https://packagist.org/security-advisories/ to find advisory details. To ignore the advisories, add them to the audit "ignore" config. To turn the feature off entirely, you can set "block-insecure" to false in your "audit" config.
    - chi-teck/drupal-code-generator[2.5.0, ..., 2.x-dev] require twig/twig ^2.14.11 || ^3.1 -> found twig/twig[v2.14.11, ..., 2.x-dev, v3.1.0, ..., 3.x-dev] but these were not loaded, because they are affected by security advisories ("PKSA-v3kg-5xkr-pykw", "PKSA-yhcn-xrg3-68b1", "PKSA-2wrf-1xmk-1pky", "PKSA-6319-ffpf-gx66", "PKSA-n7sg-8f52-pqtf", "PKSA-8kk8-h2xr-h5nx"). Go to https://packagist.org/security-advisories/ to find advisory details. To ignore the advisories, add them to the audit "ignore" config. To turn the feature off entirely, you can set "block-insecure" to false in your "audit" config.
    - drush/drush 11.6.0 requires chi-teck/drupal-code-generator ^2.4 -> satisfiable by chi-teck/drupal-code-generator[2.4.0, ..., 2.x-dev].

Use the option --with-all-dependencies (-W) to allow upgrades, downgrades and removals for packages currently locked to specific versions.

[coderabbitai]

Actionable comments posted: 0

🧹 Nitpick comments (2)

drupal/composer.json (1)

18-26: Dependency Versions Updated Correctly.
The updates to dependency versions (e.g. "composer/installers": "2.3.0", "cweagans/composer-patches": "^1.7.3", "drupal/core-composer-scaffold": "9.5.11", "drupal/core-project-message": "9.5.11", "drupal/druxt": "1.2.0", "drupal/simple_oauth": "^5.2.5", "drush/drush": "11.6.0", and "vlucas/phpdotenv": "^5.6.1") all reflect non-major updates that fit the PR objectives. Please verify that leaving "drupal/core-recommended": "9.4.8" unchanged is intentional.

nuxt/package.json (1)

31-37: Dependency Version Updates in Application Dependencies.
The updates for packages like "core-js": "3.41.0", "dotenv": "^16.4.7", "druxt-auth": "^0.4.0", "druxt-site": "^0.14.3", and "vue-server-renderer": "^2.7.16" are consistent with the PR’s objective to update non-major dependencies. Please double-check that the slight version difference between "vue-server-renderer" and "vue-template-compiler" (the latter remaining at "^2.7.14") does not lead to compatibility warnings in Vue applications.

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between d70ccdb and 879e6ab.

⛔ Files ignored due to path filters (1)

• nuxt/package-lock.json is excluded by !**/package-lock.json

📒 Files selected for processing (8)

• .circleci/config.yml (1 hunks)
• .github/workflows/test-preview.yml (2 hunks)
• .github/workflows/theme-bootstrap-vue.yml (2 hunks)
• .github/workflows/theme-tailwindcss.yml (2 hunks)
• .nvmrc (1 hunks)
• drupal/composer.json (1 hunks)
• nuxt/.nvmrc (1 hunks)
• nuxt/package.json (1 hunks)

✅ Files skipped from review due to trivial changes (4)

• nuxt/.nvmrc
• .github/workflows/test-preview.yml
• .nvmrc
• .github/workflows/theme-bootstrap-vue.yml

🔇 Additional comments (8)

drupal/composer.json (1)

29-29: Dev Dependency Update Confirmed.
The update of "drupal/core-dev" to "9.5.11" is consistent with the core dependency enhancements.

.circleci/config.yml (2)

11-11: Updated PHP Docker Image.
Changing the Docker image to php:8.4 is in line with using a more recent PHP runtime, which should help with performance and security. Ensure that any PHP-specific tooling or extensions remain compatible with the updated version.

---

12-61: CI Configuration Consistency.
The remainder of the configuration—including dependency installation, Composer commands, and workspace persistence—appears to be retained unaltered. Verify that the environment changes introduced by PHP 8.4 do not adversely affect any build or test steps.

.github/workflows/theme-tailwindcss.yml (2)

17-17: GitHub Action Setup-Node Update.
Upgrading actions/setup-node to v3.8.2 is a good non-major update that should help leverage improvements and fixes.

---

27-27: GitHub Action Cache Update.
The update to actions/cache@v3.4.3 improves performance and stability compared to the previous version.

nuxt/package.json (3)

40-45: Dev Dependency Updates for Testing and Linting.
The updates for "@babel/eslint-parser", "@vue/test-utils", and "babel-jest" (among others in the testing toolchain) are properly applied. Confirm that these updates integrate seamlessly with your current linting and unit testing configurations.

---

47-55: ESLint and Related Tooling Upgrades.
The new versions for "eslint", "eslint-config-prettier", "eslint-plugin-vue", and "husky" ensure you benefit from the latest fixes and enhancements. Running the lint suite after these updates is advised to catch any unforeseen changes.

---

56-60: Stylelint and Server Test Updates.
Upgrades to "start-server-and-test", "stylelint", "stylelint-config-prettier", and "stylelint-config-recommended-vue" are all in line with non-major improvements that can help with performance and developer experience.