Bump the npm group with 2 updates

[dependabot]

⚠️ Dependabot is rebasing this PR ⚠️

Rebasing might not happen immediately, so don't worry if this takes some time.

Note: if you make any changes to this PR yourself, they will take precedence over the rebase.

---

Bumps the npm group with 2 updates: axe-core and baseline-browser-mapping.

Updates axe-core from 4.11.3 to 4.11.4

Release notes

Sourced from axe-core's releases.

Release 4.11.4

This release addresses an issue with ancestry selectors. It is unlikely to change the number of issues found by axe-core.

Bug Fixes

• commons/text: exclude natively hidden elements from aria-labelledby accessible name (#5076) (df34adf), closes #4704
• utils/getAncestry: escape node name (#5079) (6e68d0a), closes #5078

Changelog

Sourced from axe-core's changelog.

4.11.4 (2026-04-23)

Bug Fixes

• commons/text: exclude natively hidden elements from aria-labelledby accessible name (#5076) (df34adf), closes #4704
• utils/getAncestry: escape node name (#5079) (6e68d0a), closes #5078

Commits

• dfbc245 chore: Release 4.11.4 (#5081)
• be1a0ab fix(sri-history): correct axe.js hash for 4.11.4
• cea72d3 chore(release): 4.11.4
• df34adf fix(commons/text): exclude natively hidden elements from aria-labelledby acce...
• fb85080 chore: fix cherry-pick script buffer size error for large git logs (#5071)
• 6e68d0a fix(utils/getAncestry): escape node name (#5079)
• See full diff in compare view

Updates baseline-browser-mapping from 2.10.23 to 2.10.24

Release notes

Sourced from baseline-browser-mapping's releases.

v2.9.3 - remove process.loadEnvFile()

What's Changed

• Remove process.loadEnfFile() from main script by @​tonypconway in web-platform-dx/baseline-browser-mapping#112

Full Changelog: web-platform-dx/baseline-browser-mapping@v2.9.2...v2.9.3

Commits

• 85a2a0d Patch to 2.10.24 because browser or feature data changed
• 7c50e2c Browser or feature data changed
• 2775eef Updating static site
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Actions	Updated (UTC)
github-oauth-example	Error		May 6, 2026 2:39pm