build(deps-dev): bump the development-dependencies group across 1 directory with 5 updates

[dependabot]

Bumps the development-dependencies group with 5 updates in the / directory:

Package	From	To
cssnano	7.1.9	8.0.0
eslint	8.57.1	10.3.0
gscan	5.4.3	6.0.1
gulp	4.0.2	5.0.1
gulp-zip	5.1.0	6.1.0

Updates cssnano from 7.1.9 to 8.0.0

Release notes

Sourced from cssnano's releases.

v8.0.0

What's Changed

• Move declaration sorter to advanced preset by @​ludofischer and @​Goodwine in cssnano/cssnano#1793
• Drop node 20 by @​ludofischer in cssnano/cssnano#1794

Full Changelog: https://github.com/cssnano/cssnano/compare/cssnano@7.1.9...cssnano@8.0.0

Commits

• 1e058fc Publish cssnano 8.0
• aa11a12 chore: update PostCSS
• ea8e33a chore!: drop Node.js 20 support
• c7e9b2f chore: update pnpm to 10.33.3
• d7c57da Move declaration sorter to advanced preset (#1793)
• See full diff in compare view

Updates eslint from 8.57.1 to 10.3.0

Release notes

Sourced from eslint's releases.

v10.3.0

Features

• 379571a feat: add suggestions for no-unused-private-class-members (#20773) (sethamus)

Bug Fixes

• b6ae5cf fix: handle unavailable require cache (#20812) (Simon Podlipsky)
• 6fb3685 fix: rule suggestions cause continuation in class body (#20787) (Milos Djermanovic)

Documentation

• 32cc7ab docs: fix typos in docs and comments (#20809) (Tanuj Kanti)
• 7f47937 docs: Update README (GitHub Actions Bot)

Chores

• d32235e ci: use pnpm in eslint-flat-config-utils type integration test (#20826) (Francesco Trotta)
• 3ffb14e chore: clean up typos in comments and JSDoc (#20821) (Pixel998)
• 22eb58a chore: add missing continue-on-error to ecosystem-tests.yml (#20818) (Josh Goldberg ✨)
• 88bf002 ci: bump pnpm/action-setup from 6.0.1 to 6.0.3 (#20815) (dependabot[bot])
• 97c8c33 chore: update ilshidur/action-discord action to v0.4.0 (#20811) (renovate[bot])
• 2f58136 chore: pin peter-evans/create-pull-request action to 5f6978f (#20810) (renovate[bot])
• 77add7f chore: add initial ecosystem plugin tests workflow (#19643) (Josh Goldberg ✨)
• 4023b55 test: Add unit tests for SuppressionsService.prune() (#20797) (kuldeep kumar)
• 54080da test: add unit tests for ForkContext (#20778) (kuldeep kumar)
• f0e2bcc test: add unit tests for SuppressionsService.suppress() method (#20765) (kuldeep kumar)
• a7f0b94 chore: update dependency prettier to v3.8.3 (#20782) (renovate[bot])
• 7bf93d9 chore: update TypeScript to v6 (#20677) (sethamus)
• b42dd72 ci: bump pnpm/action-setup from 6.0.0 to 6.0.1 (#20781) (dependabot[bot])
• 2b252be test: add unit tests for IdGenerator (#20775) (kuldeep kumar)

v10.2.1

Bug Fixes

• 14be92b fix: model generator yield resumption paths in code path analysis (#20665) (sethamus)
• 84a19d2 fix: no-async-promise-executor false positives for shadowed Promise (#20740) (xbinaryx)
• af764af fix: clarify language and processor validation errors (#20729) (Pixel998)
• e251b89 fix: update eslint (#20715) (renovate[bot])

Documentation

• ca92ca0 docs: reuse markdown-it instance for markdown filter (#20768) (Amaresh S M)
• 57d2ee2 docs: Enable Eleventy incremental mode for watch (#20767) (Amaresh S M)
• c1621b9 docs: fix typos in code-path-analyzer.js (#20700) (Ayush Shukla)
• 1418d52 docs: Update README (GitHub Actions Bot)
• 39771e6 docs: Update README (GitHub Actions Bot)
• 71e0469 docs: fix incomplete JSDoc param description in no-shadow rule (#20728) (kuldeep kumar)
• 22119ce docs: clarify scope of for-direction rule with dead code examples (#20723) (Amaresh S M)
• 8f3fb77 docs: document meta.docs.dialects (#20718) (Pixel998)

Chores

• 7ddfea9 chore: update dependency prettier to v3.8.2 (#20770) (renovate[bot])
• fac40e1 ci: bump pnpm/action-setup from 5.0.0 to 6.0.0 (#20763) (dependabot[bot])
• 7246f92 test: add tests for SuppressionsService.load() error handling (#20734) (kuldeep kumar)
• 4f34b1e chore: update pnpm/action-setup action to v5 (#20762) (renovate[bot])

... (truncated)

Commits

• 7889204 10.3.0
• 5b69b4f Build: changelog update for 10.3.0
• d32235e ci: use pnpm in eslint-flat-config-utils type integration test (#20826)
• b6ae5cf fix: handle unavailable require cache (#20812)
• 3ffb14e chore: clean up typos in comments and JSDoc (#20821)
• 6fb3685 fix: rule suggestions cause continuation in class body (#20787)
• 22eb58a chore: add missing continue-on-error to ecosystem-tests.yml (#20818)
• 88bf002 ci: bump pnpm/action-setup from 6.0.1 to 6.0.3 (#20815)
• 379571a feat: add suggestions for no-unused-private-class-members (#20773)
• 97c8c33 chore: update ilshidur/action-discord action to v0.4.0 (#20811)
• Additional commits viewable in compare view

Updates gscan from 5.4.3 to 6.0.1

Commits

• d414592 v6.0.1
• 6ff9f9d Pinned express-handlebars to v8 and handlebars to 4.7.9 (#779)
• 0adabe5 Update dependency axios to v1.15.0 [SECURITY] (#774)
• b19671f Lock file maintenance (#778)
• aab2cc2 Update dependency @​sentry/node to v10.48.0 (#777)
• 590e1fe Update vitest monorepo to v4.1.4 (#776)
• 0446ff6 Update dependency @​eslint/compat to v2.0.5 (#775)
• f517a60 Update vitest monorepo to v4.1.3 (#773)
• 01cc126 Update dependency eslint to v10.2.0 (#770)
• 62f4a70 Update dependency express-handlebars to v9.0.1 (#772)
• Additional commits viewable in compare view

Updates gulp from 4.0.2 to 5.0.1

Release notes

Sourced from gulp's releases.

gulp v5.0.1

Bug Fixes

• Avoid globbing before read stream is opened (#2839) (19122f3)
• Avoid Node.js deprecation warning for fs.Stats (#2838) (69a5d0e)
• Support top-level await on Node 22.12+ (#2836) (04b4a74)

gulp v5.0.0

We've tried to provide a high-level changelog for gulp v5 below, but it doesn't contain all changes from the 60+ dependencies that we maintain.

Please see individual changelogs to drill down into all changes that were made.

⚠ BREAKING CHANGES

• Drop support for Node.js <10.13
• Default stream encoding to UTF-8
• Standardized on anymatch library for globbing paths. All globs should work the same between src and watch now!
• Removed support for ordered globs. This aligns with the chokidar globbing implementation. If you need your globs to be ordered, you can use ordered-read-stream
• All globs and paths are normalized to unix-like filepaths
• Only allow JS variants for .gulp.* config files
• Removed support for alpha releases of v4 from gulp-cli
• Removed the --verify flag
• Renamed the --require flag to --preload to avoid conflicting with Node.js flags
• Removed many legacy and deprecated loaders
• Upgrade to chokidar v3
• Clone Vinyl objects with stream contents using teex, but no longer wait for all streams to flow before cloned streams will receive data
• Stop using process.umask() to make directories, instead falling back to Node's default mode
• Throw on non-function, non-string option coercers
• Drop support of Node.js snake_case flags
• Use a Symbol for attaching the gulplog namespace to the store
• Use a Symbol for attaching the gulplog store to the global
• Use sha256 to hash the v8flags cache into a filename

Features

• Streamlined the dependency tree
• Switch all streams implementation to Streamx
• Rewrote glob-stream to use a custom directory walk that relies on newer Node.js features and is more performant than old implementation
• Implement translation support for all CLI messages and all messages passing through gulplog
• Allow users to customize or remove the timestamp from their logs
• Upgraded gulplog to v2. Messages logged via v1 will also display a deprecated warning. Plugins should update to v2 as the community upgrades to gulp 5
• Added support for gulpile.cjs and gulpfile.mjs
• Add support for swc, esbuild, sucrase, and mdx loaders
• Provide an ESM export (#2760) (b00de68)
• Support sourcemap handling on streaming Vinyl contents

... (truncated)

Changelog

Sourced from gulp's changelog.

5.0.1 (2025-06-01)

Bug Fixes

• Avoid globbing before read stream is opened (#2839) (19122f3)
• Avoid Node.js deprecation warning for fs.Stats (#2838) (69a5d0e)
• Support top-level await on Node 22.12+ (#2836) (04b4a74)

5.0.0 (2024-03-29)

We've tried to provide a high-level changelog for gulp v5 below, but it doesn't contain all changes from the 60+ dependencies that we maintain.

Please see individual changelogs to drill down into all changes that were made.

⚠ BREAKING CHANGES

• Drop support for Node.js <10.13
• Default stream encoding to UTF-8
• Standardized on anymatch library for globbing paths. All globs should work the same between src and watch now!
• Removed support for ordered globs. This aligns with the chokidar globbing implementation. If you need your globs to be ordered, you can use ordered-read-stream
• All globs and paths are normalized to unix-like filepaths
• Only allow JS variants for .gulp.* config files
• Removed support for alpha releases of v4 from gulp-cli
• Removed the --verify flag
• Renamed the --require flag to --preload to avoid conflicting with Node.js flags
• Removed many legacy and deprecated loaders
• Upgrade to chokidar v3
• Clone Vinyl objects with stream contents using teex, but no longer wait for all streams to flow before cloned streams will receive data
• Stop using process.umask() to make directories, instead falling back to Node's default mode
• Throw on non-function, non-string option coercers
• Drop support of Node.js snake_case flags
• Use a Symbol for attaching the gulplog namespace to the store
• Use a Symbol for attaching the gulplog store to the global
• Use sha256 to hash the v8flags cache into a filename

Features

• Streamlined the dependency tree
• Switch all streams implementation to Streamx
• Rewrote glob-stream to use a custom directory walk that relies on newer Node.js features and is more performant than old implementation
• Implement translation support for all CLI messages and all messages passing through gulplog
• Allow users to customize or remove the timestamp from their logs
• Upgraded gulplog to v2. Messages logged via v1 will also display a deprecated warning. Plugins should update to v2 as the community upgrades to gulp 5
• Added support for gulpile.cjs and gulpfile.mjs
• Add support for swc, esbuild, sucrase, and mdx loaders
• Provide an ESM export (#2760) (b00de68)
• Support sourcemap handling on streaming Vinyl contents

... (truncated)

Commits

• 0003e9f chore: release 5.0.1 (#2837)
• 19122f3 fix: Avoid globbing before read stream is opened (#2839)
• 69a5d0e fix: Avoid Node.js deprecation warning for fs.Stats (#2838)
• 04b4a74 fix: Support top-level await on Node 22.12+ (#2836)
• c90e79e chore: Fix CI (#2835)
• 5412605 chore(docs): Update async completion document for newer RxJS (#2831)
• 2fa4981 chore: Update glob docs with replacement to ordered globs (#2788)
• fe9dee6 chore: Remove locale docs (#2787)
• a85eddb chore: Remove node-glob options from docs (#2786)
• 9c818e6 chore: update src.md docs to add encoding parameter
• Additional commits viewable in compare view

Updates gulp-zip from 5.1.0 to 6.1.0

Release notes

Sourced from gulp-zip's releases.

v6.1.0

• Update dependencies (#126) 2cb2061

sindresorhus/gulp-zip@v6.0.0...v6.1.0

v6.0.0

Breaking

• Require Node.js 18 ccd0a32
• This package is now pure ESM. Please read this.

sindresorhus/gulp-zip@v5.1.0...v6.0.0

Commits

• f4cf6ce 6.1.0
• 29d7589 Meta tweaks
• 2cb2061 Update dependencies (#126)
• 3b86d6d 6.0.0
• ccd0a32 Require Node.js 18 and move to ESM
• 1990751 Meta tweaks
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions