chore(deps-dev): bump the dependencies group with 4 updates

[dependabot]

Bumps the dependencies group with 4 updates: @swc/core, js-yaml, prettier and webpack.

Updates @swc/core from 1.15.41 to 1.15.43

Changelog

Sourced from @​swc/core's changelog.

[1.15.43] - 2026-06-22

Bug Fixes

• (es/es2022) Correct scope for private property brand checks (#11953) (fb5afa2)

• (es/minifier) Preserve cooked when concatenating template literals (#11939) (a7244a6)

• (es/minifier) Gate Number(x) -> +x on unsafe flag (#11944) (#11949) (6176019)

• (es/parser) Parse Flow bare renders types (#11929) (a71c8eb)

• (es/parser) Allow no-default builds (#11956) (baab240)

• (es/react-compiler) Skip TypeScript this pseudo-params in scope collector (#11940) (9066c43)

• (es/react-compiler) Scope ClassStaticBlock and TsModuleBlock as var boundaries (#11943) (1ee74a0)

• (react-compiler) Avoid reporting non-fatal success errors as diagnostics (#11951) (cb4cb23)

• (react-compiler) React compiler AST conversion for wrapped assignment targets (#11952) (fc9b453)

• (react-compiler) Disable parser default features (#11957) (75ddb28)

Documentation

• Document untrusted input security scope (#11937) (677305b)

Features

• (es/react-compiler) Add React Compiler (#11917) (b182fbd)

• (swc) Gate react compiler re-export (#11941) (dcc0f2d)

... (truncated)

Commits

• 73f0f38 chore: Publish 1.15.43 with swc_core v71.0.3
• 550e539 chore: Publish 1.15.43-nightly-20260622.1 with swc_core v71.0.3
• 1523823 chore: Publish 1.15.42-nightly-20260622.1 with swc_core v71.0.2
• 0dffdc4 refactor: Remove production tracing hooks (#11945)
• b182fbd feat(es/react-compiler): Add React Compiler (#11917)
• See full diff in compare view

Updates js-yaml from 5.0.0 to 5.1.0

Changelog

Sourced from js-yaml's changelog.

[5.1.0] - 2026-06-23

Added

• Collection tags can finalize an incrementally populated carrier into a different result value.

Changed

• [breaking] quoteStyle now selects the preferred quote style; use the restored forceQuotes option to force quoting non-key strings.

Commits

• f1e45cd 5.1.0 released
• 53b22be Fix constructor coverage
• a1eaa2b Fix quote style options and restore forceQuotes
• 0532e7d Add finalizers for immutable collection tags
• 9f00b91 tests: drop the rest of issues tests, move a small fraction of useful checks ...
• 6be5d46 tests: drop not actual or duplicating issue tests (covered in other places)
• a7c9766 Fix !!pairs coverage
• See full diff in compare view

Updates prettier from 3.8.4 to 3.8.5

Release notes

Sourced from prettier's releases.

3.8.5

• Fix Flow variance annotation print (#19022 by @​marcoww6)

🔗 Changelog

Changelog

Sourced from prettier's changelog.

3.8.5

diff

Flow: Support readonly as a variance annotation (#19022 by @​marcoww6)

Flow now accepts readonly as a property variance annotation, equivalent to + (covariant/read-only).

// Input
type T = {
  readonly foo: string,
};
// Prettier 3.8.4
SyntaxError
// Prettier 3.8.5
type T = {
readonly foo: string,
};

Commits

• 1ce8c47 Release 3.8.5
• 74923fa Fix variance annotation
• 8b4eb33 Bump Prettier dependency to 3.8.4
• e9cbdfa Clean changelog_unreleased
• See full diff in compare view

Updates webpack from 5.107.2 to 5.108.1

Release notes

Sourced from webpack's releases.

v5.108.1

Patch Changes

• Fix invalid property access for escaped namespace imports with multi-character mangled export names. (by @​xiaoxiaojx in #21280)

• Add frames to ProfilingPlugin TracingStartedInBrowser event so the trace loads in Chrome DevTools. (by @​alexander-akait in #21269)

v5.108.0

Minor Changes

• Treat top-level await and import.meta as ES module markers, matching Node.js syntax detection so no explicit module type is needed. (by @​alexander-akait in #21218)

• Add a bun target that emits ESM and externalizes bun:* and node.js built-in modules. (by @​alexander-akait in #21248)

• Support CommonJS reexports via Object.defineProperty value and getter descriptors. (by @​alexander-akait in #21129)

• Support JSON Schema const when generating CLI flags from a schema. (by @​alexander-akait in #21087)

• Support JSON Schema if/then/else when generating CLI flags from a schema. (by @​alexander-akait in #21087)

• Skip import specifiers, require() and import() calls in dead conditional branches gated by inlined imported constants (isDEV ? A : B), evaluated via getCondition. (by @​hai-x in #21136)

• CSS localIdentName [hash] now resolves to the local ident hash (matching css-loader); use [modulehash] for the module hash. (by @​alexander-akait in #21259)

• Add CSS parser as option and resolve url() inside HTML style attributes. (by @​alexander-akait in #21157)

• Add dedicated module classes for all built-in module types. (by @​alexander-akait in #21164)

• Support .html/.css for the default ./src entry under the html/css experiments. (by @​alexander-akait in #21039)

• Add defineConfig helper for typed configuration files. (by @​alexander-akait in #21169)

• Add a deno target (with versions, e.g. deno, deno2, deno1.40) that emits ESM, resolves node.js built-ins via the required node: specifier, and keeps Deno's own import protocols (npm:, jsr:, node:, http(s)://) external. (by @​alexander-akait in #21247)

• Use module-import for electron externals when the target supports ESM. (by @​alexander-akait in #21184)

• Add output.environment.logicalAssignment to emit ||= in runtime code when the target supports logical assignment operators. (by @​bjohansebas in #21219)

• Resolve and rewrite asset URLs inside <iframe srcdoc> in HTML modules. (by @​bjohansebas in #21226)

• Add HMR support for HTML modules with body/title DOM patching on update. (by @​alexander-akait in #21011)

• Add css-url html source type extracting url() references from CSS-valued attributes. (by @​alexander-akait in #21250)

• Add module.parser.html.sources option to disable or customize URL-attribute extraction for HTML modules, with script / script-module / stylesheet / stylesheet-inline types for custom attributes (by @​alexander-akait in #21022)

• Add module.parser.html.template option to transform HTML module source before parsing. (by @​alexander-akait in #21055)

• Extract more source URLs in HTML modules (SVG, legacy and obsolete attributes). (by @​alexander-akait in #21241)

... (truncated)

Changelog

Sourced from webpack's changelog.

5.108.1

Patch Changes

• Fix invalid property access for escaped namespace imports with multi-character mangled export names. (by @​xiaoxiaojx in #21280)

• Add frames to ProfilingPlugin TracingStartedInBrowser event so the trace loads in Chrome DevTools. (by @​alexander-akait in #21269)

5.108.0

Minor Changes

• Treat top-level await and import.meta as ES module markers, matching Node.js syntax detection so no explicit module type is needed. (by @​alexander-akait in #21218)

• Add a bun target that emits ESM and externalizes bun:* and node.js built-in modules. (by @​alexander-akait in #21248)

• Support CommonJS reexports via Object.defineProperty value and getter descriptors. (by @​alexander-akait in #21129)

• Support JSON Schema const when generating CLI flags from a schema. (by @​alexander-akait in #21087)

• Support JSON Schema if/then/else when generating CLI flags from a schema. (by @​alexander-akait in #21087)

• Skip import specifiers, require() and import() calls in dead conditional branches gated by inlined imported constants (isDEV ? A : B), evaluated via getCondition. (by @​hai-x in #21136)

• CSS localIdentName [hash] now resolves to the local ident hash (matching css-loader); use [modulehash] for the module hash. (by @​alexander-akait in #21259)

• Add CSS parser as option and resolve url() inside HTML style attributes. (by @​alexander-akait in #21157)

• Add dedicated module classes for all built-in module types. (by @​alexander-akait in #21164)

• Support .html/.css for the default ./src entry under the html/css experiments. (by @​alexander-akait in #21039)

• Add defineConfig helper for typed configuration files. (by @​alexander-akait in #21169)

• Add a deno target (with versions, e.g. deno, deno2, deno1.40) that emits ESM, resolves node.js built-ins via the required node: specifier, and keeps Deno's own import protocols (npm:, jsr:, node:, http(s)://) external. (by @​alexander-akait in #21247)

• Use module-import for electron externals when the target supports ESM. (by @​alexander-akait in #21184)

• Add output.environment.logicalAssignment to emit ||= in runtime code when the target supports logical assignment operators. (by @​bjohansebas in #21219)

• Resolve and rewrite asset URLs inside <iframe srcdoc> in HTML modules. (by @​bjohansebas in #21226)

• Add HMR support for HTML modules with body/title DOM patching on update. (by @​alexander-akait in #21011)

• Add css-url html source type extracting url() references from CSS-valued attributes. (by @​alexander-akait in #21250)

• Add module.parser.html.sources option to disable or customize URL-attribute extraction for HTML modules, with script / script-module / stylesheet / stylesheet-inline types for custom attributes (by @​alexander-akait in #21022)

• Add module.parser.html.template option to transform HTML module source before parsing. (by @​alexander-akait in #21055)

... (truncated)

Commits

• da91761 chore(release): new release (#21284)
• b6c9fcf chore: move members to emeritus (#21281)
• 062aa20 Fix invalid property access for escaped namespace with mangled exports (#21280)
• ed9fa71 fix: render ProfilingPlugin trace in Chrome DevTools (#21269)
• 322b060 chore(release): new release (#21037)
• 03a0433 test: run AbstractMethodError and parseJson unit tests under Bun (#21273)
• e7202b4 chore(deps): bump the dependencies group with 3 updates (#21270)
• 9a51ee1 fix(html): run the any-other-end-tag fallback for a marker-shielded nobr (#21...
• a040ac1 test: cap Node jest worker memory and fix harness teardown leaks (#21268)
• 7c81bde Re-encode inline hash digests ([contenthash]/[chunkhash]/[fullhash]/[moduleha...
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[changeset-bot]

⚠️ No Changeset found

Latest commit: e0cbc87

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR