Bump the npm_and_yarn group across 4 directories with 6 updates

[dependabot]

Bumps the npm_and_yarn group with 1 update in the /api directory: yaml.
Bumps the npm_and_yarn group with 3 updates in the /e2e-tests/cypress directory: tough-cookie, axios and @babel/traverse.
Bumps the npm_and_yarn group with 3 updates in the /webapp directory: @babel/traverse, bootstrap and @types/bootstrap.
Bumps the npm_and_yarn group with 2 updates in the /webapp/channels directory: bootstrap and @types/bootstrap.

Updates yaml from 2.2.2 to 2.7.0

Release notes

Sourced from yaml's releases.

v2.7.0

The library is now available on JSR as @​eemeli/yaml and on deno.land/x as yaml. In addition to Node.js and browsers, it should work in Deno, Bun, and Cloudflare Workers.

• Use .ts extension in all relative imports (#591)
• Ignore newline after block seq indicator as space before value (#590)
• Require Node.js 14.18 or later (was 14.6) (#598)

v2.6.1

• Do not strip :00 seconds from !!timestamp values (#578, with thanks to @​qraynaud)
• Tighten regexp for JSON !!bool (#587, with thanks to @​vra5107)
• Default to literal block scalar if folded would overflow (#585)

v2.6.0

• Use a proper tag for !!merge << keys (#580)
• Add stringKeys parse option (#581)
• Stringify a Document as a Document (#576)
• Add sponsorship by Manifest

v2.5.1

• Include range in flow sequence pair maps (#573)

v2.5.0

• Add --indent option to CLI tool (#559, with thanks to @​danielbayley)
• Require newline in all cases for props on block sequence (#557)
• Always reset indentation in lexer on ... (#558)
• Ignore minContentWidth if greater than lineWidth (#562)
• Drop unused Collection.maxFlowStringSingleLineLength (#522, #421)

v2.4.5

• Improve tab handling (#553, yaml-test-suite tests DK95 & Y79Y)

v2.4.4

With special thanks to @​RedCMD for finding and reporting all of the following:

• Allow comment after top-level block scalar with explicit indent indicator (#547)
• Allow tab as indent for line comments before nodes (#548)
• Do not allow tab before block collection (#549)
• In flow collections, allow []{} immediately after : with plain key (#550)
• Require indentation for ? explicit-key contents (#551)
• Require indentation from block scalar header & flow collections in mapping values (#553)

v2.4.3

• Improve error when parsing a non-string value (#459)
• Do not parse -.NaN or +.nan as NaN (#546)
• Support # within %TAG prefixes with trailing #comments
• Check for non-node complex keys when stringifying with simpleKeys (#541)

v2.4.2

• Restrict YAML 1.1 boolean strings to their explicit capitalization (#530)
• Add sponsorship by Scipress (#536)

... (truncated)

Commits

• 8f512b5 2.7.0
• 8a7569a ci: Add jsr.jsonc & jsr-publish workflow
• 8ef085f docs: Fix API docs links
• 374c19c style: Really use explicit imports for process.env and Buffer
• 1ab037d style: Include explicit type declarations on all public APIs
• 4354c42 style: Use explicit imports for process.env and Buffer
• 2c55723 Merge pull request #591 from eemeli/import-ts
• ab240c1 fix: Drop .ts extension from import & export paths in .d.ts files
• c4c49f9 fix: Use separate rather than inline type keyword for TS compatibility
• 3bec004 ci: Add deno smoke test
• Additional commits viewable in compare view

Updates tough-cookie from 4.1.3 to 4.1.4

Release notes

Sourced from tough-cookie's releases.

v4.1.4

https://www.npmjs.com/package/tough-cookie/v/4.1.4

What's Changed

• Add local alias for toString by @​corvidism in salesforce/tough-cookie#409
• Fix incorrect string validation for URL by @​coditva in salesforce/tough-cookie#261

New Contributors

• @​corvidism made their first contribution in salesforce/tough-cookie#409
• @​coditva made their first contribution in salesforce/tough-cookie#261

Full Changelog: salesforce/tough-cookie@v4.1.3...v4.1.4

Commits

• cacbc37 Bump version to 4.1.4
• a48fb3a Add tests for url validation
• 50e69bf Merge pull request #261 from postmanlabs/fix/url-string-validation
• 1253d58 Merge pull request #409 from corvidism/validators-to-string
• 238367e Add local alias for toString
• cf6debd Fix incorrect string validation for URL
• See full diff in compare view

Maintainer changes

This version was pushed to npm by ccasey, a new releaser for tough-cookie since your current version.

Updates axios from 1.7.4 to 1.7.9

Release notes

Sourced from axios's releases.

Release v1.7.9

Release notes:

Reverts

• Revert "fix(types): export CJS types from ESM (#6218)" (#6729) (c44d2f2), closes #6218 #6729

Contributors to this release

• Jay

Release v1.7.8

Release notes:

Bug Fixes

• allow passing a callback as paramsSerializer to buildURL (#6680) (eac4619)
• core: fixed config merging bug (#6668) (5d99fe4)
• fixed width form to not shrink after 'Send Request' button is clicked (#6644) (7ccd5fd)
• http: add support for File objects as payload in http adapter (#6588) (#6605) (6841d8d)
• http: fixed proxy-from-env module import (#5222) (12b3295)
• http: use globalThis.TextEncoder when available (#6634) (df956d1)
• ios11 breaks when build (#6608) (7638952)
• types: add missing types for mergeConfig function (#6590) (00de614)
• types: export CJS types from ESM (#6218) (c71811b)
• updated stream aborted error message to be more clear (#6615) (cc3217a)
• use URL API instead of DOM to fix a potential vulnerability warning; (#6714) (0a8d6e1)

Contributors to this release

• Remco Haszing
• Jay
• Aayush Yadav
• Dmitriy Mozgovoy
• Ell Bradshaw
• Amit Saini
• Tommaso Paulon
• Akki
• Sampo Silvennoinen
• Kasper Isager Dalsgarð
• Christian Clauss
• Pavan Welihinda
• Taylor Flatt
• Kenzo Wada
• Ngole Lawson
• Haven
• Shrivali Dutt
• Henco Appel

Release v1.7.7

Release notes:

Bug Fixes

... (truncated)

Changelog

Sourced from axios's changelog.

1.7.9 (2024-12-04)

Reverts

• Revert "fix(types): export CJS types from ESM (#6218)" (#6729) (c44d2f2), closes #6218 #6729

Contributors to this release

• Jay

1.7.8 (2024-11-25)

Bug Fixes

• allow passing a callback as paramsSerializer to buildURL (#6680) (eac4619)
• core: fixed config merging bug (#6668) (5d99fe4)
• fixed width form to not shrink after 'Send Request' button is clicked (#6644) (7ccd5fd)
• http: add support for File objects as payload in http adapter (#6588) (#6605) (6841d8d)
• http: fixed proxy-from-env module import (#5222) (12b3295)
• http: use globalThis.TextEncoder when available (#6634) (df956d1)
• ios11 breaks when build (#6608) (7638952)
• types: add missing types for mergeConfig function (#6590) (00de614)
• types: export CJS types from ESM (#6218) (c71811b)
• updated stream aborted error message to be more clear (#6615) (cc3217a)
• use URL API instead of DOM to fix a potential vulnerability warning; (#6714) (0a8d6e1)

Contributors to this release

• Remco Haszing
• Jay
• Aayush Yadav
• Dmitriy Mozgovoy
• Ell Bradshaw
• Amit Saini
• Tommaso Paulon
• Akki
• Sampo Silvennoinen
• Kasper Isager Dalsgarð
• Christian Clauss
• Pavan Welihinda
• Taylor Flatt
• Kenzo Wada
• Ngole Lawson
• Haven
• Shrivali Dutt
• Henco Appel

1.7.7 (2024-08-31)

... (truncated)

Commits

• b2cb45d chore(release): v1.7.9 (#6730)
• c44d2f2 Revert "fix(types): export CJS types from ESM (#6218)" (#6729)
• 415ca94 chore(release): v1.7.8 (#6715)
• 0a8d6e1 fix: use URL API instead of DOM to fix a potential vulnerability warning; (#6...
• c71811b fix(types): export CJS types from ESM (#6218)
• 4355a6d chore(sponsor): update sponsor block (#6709)
• 5d54d22 chore(sponsor): update sponsor block (#6707)
• eac4619 fix: allow passing a callback as paramsSerializer to buildURL (#6680)
• df956d1 fix(http): use globalThis.TextEncoder when available (#6634)
• 7139ce9 chore(deps): bump cookie and socket.io (#6704)
• Additional commits viewable in compare view

Updates @babel/traverse from 7.26.4 to 7.26.5

Release notes

Sourced from @​babel/traverse's releases.

v7.26.5 (2025-01-10)

👓 Spec Compliance

• babel-parser
  • #17011 Allow the dynamic import.defer() form of import defer (@​babel-bot)

🐛 Bug Fix

• babel-plugin-transform-block-scoped-functions
  • #17024 chore: Avoid calling isInStrictMode in Babel 7 (@​liuxingbaoyu)
• babel-plugin-transform-typescript
  • #17026 fix: Correctly generate exported const enums in namespace (@​liuxingbaoyu)
• babel-parser
  • #17045 [estree] Unify method type parameters handling (@​JLHwung)
  • #17013 fix: Correctly set position for @(a.b)() (@​liuxingbaoyu)
  • #16996 [estree] Adjust the start loc of class methods with type params (@​nicolo-ribaudo)
• babel-generator, babel-parser, babel-plugin-transform-flow-strip-types, babel-types
  • #17028 Support flow jsx opening element type arguments (@​JLHwung)
• babel-compat-data, babel-preset-env
  • #17031 fix: More accurate transform-typeof-symbol compat data (@​liuxingbaoyu)
• babel-generator, babel-parser, babel-types
  • #17019 Fix incomplete visitor keys (@​JLHwung)

🔬 Output optimization

• babel-plugin-transform-nullish-coalescing-operator
  • #16612 Improve nullish coalescing operator output (@​liuxingbaoyu)

Committers: 5

• Babel Bot (@​babel-bot)
• Huáng Jùnliàng (@​JLHwung)
• Nicolò Ribaudo (@​nicolo-ribaudo)
• @​liuxingbaoyu
• fisker Cheung (@​fisker)

Changelog

Sourced from @​babel/traverse's changelog.

v7.26.5 (2025-01-10)

👓 Spec Compliance

• babel-parser
  • #17011 Allow the dynamic import.defer() form of import defer (@​babel-bot)

🐛 Bug Fix

• babel-plugin-transform-block-scoped-functions
  • #17024 chore: Avoid calling isInStrictMode in Babel 7 (@​liuxingbaoyu)
• babel-plugin-transform-typescript
  • #17026 fix: Correctly generate exported const enums in namespace (@​liuxingbaoyu)
• babel-parser
  • #17045 [estree] Unify method type parameters handling (@​JLHwung)
  • #17013 fix: Correctly set position for @(a.b)() (@​liuxingbaoyu)
  • #16996 [estree] Adjust the start loc of class methods with type params (@​nicolo-ribaudo)
• babel-generator, babel-parser, babel-plugin-transform-flow-strip-types, babel-types
  • #17028 Support flow jsx opening element type arguments (@​JLHwung)
• babel-compat-data, babel-preset-env
  • #17031 fix: More accurate transform-typeof-symbol compat data (@​liuxingbaoyu)
• babel-generator, babel-parser, babel-types
  • #17019 Fix incomplete visitor keys (@​JLHwung)

🔬 Output optimization

• babel-plugin-transform-nullish-coalescing-operator
  • #16612 Improve nullish coalescing operator output (@​liuxingbaoyu)

Commits

• 74181cf v7.26.5
• d35794e [Babel 8] Create TSEnumBody for TSEnumDeclaration (#16979)
• cd24cc0 chore: Update TS 5.7 (#17053)
• See full diff in compare view

Updates @babel/traverse from 7.26.4 to 7.26.5

Release notes

Sourced from @​babel/traverse's releases.

v7.26.5 (2025-01-10)

👓 Spec Compliance

• babel-parser
  • #17011 Allow the dynamic import.defer() form of import defer (@​babel-bot)

🐛 Bug Fix

• babel-plugin-transform-block-scoped-functions
  • #17024 chore: Avoid calling isInStrictMode in Babel 7 (@​liuxingbaoyu)
• babel-plugin-transform-typescript
  • #17026 fix: Correctly generate exported const enums in namespace (@​liuxingbaoyu)
• babel-parser
  • #17045 [estree] Unify method type parameters handling (@​JLHwung)
  • #17013 fix: Correctly set position for @(a.b)() (@​liuxingbaoyu)
  • #16996 [estree] Adjust the start loc of class methods with type params (@​nicolo-ribaudo)
• babel-generator, babel-parser, babel-plugin-transform-flow-strip-types, babel-types
  • #17028 Support flow jsx opening element type arguments (@​JLHwung)
• babel-compat-data, babel-preset-env
  • #17031 fix: More accurate transform-typeof-symbol compat data (@​liuxingbaoyu)
• babel-generator, babel-parser, babel-types
  • #17019 Fix incomplete visitor keys (@​JLHwung)

🔬 Output optimization

• babel-plugin-transform-nullish-coalescing-operator
  • #16612 Improve nullish coalescing operator output (@​liuxingbaoyu)

Committers: 5

• Babel Bot (@​babel-bot)
• Huáng Jùnliàng (@​JLHwung)
• Nicolò Ribaudo (@​nicolo-ribaudo)
• @​liuxingbaoyu
• fisker Cheung (@​fisker)

Changelog

Sourced from @​babel/traverse's changelog.

v7.26.5 (2025-01-10)

👓 Spec Compliance

• babel-parser
  • #17011 Allow the dynamic import.defer() form of import defer (@​babel-bot)

🐛 Bug Fix

• babel-plugin-transform-block-scoped-functions
  • #17024 chore: Avoid calling isInStrictMode in Babel 7 (@​liuxingbaoyu)
• babel-plugin-transform-typescript
  • #17026 fix: Correctly generate exported const enums in namespace (@​liuxingbaoyu)
• babel-parser
  • #17045 [estree] Unify method type parameters handling (@​JLHwung)
  • #17013 fix: Correctly set position for @(a.b)() (@​liuxingbaoyu)
  • #16996 [estree] Adjust the start loc of class methods with type params (@​nicolo-ribaudo)
• babel-generator, babel-parser, babel-plugin-transform-flow-strip-types, babel-types
  • #17028 Support flow jsx opening element type arguments (@​JLHwung)
• babel-compat-data, babel-preset-env
  • #17031 fix: More accurate transform-typeof-symbol compat data (@​liuxingbaoyu)
• babel-generator, babel-parser, babel-types
  • #17019 Fix incomplete visitor keys (@​JLHwung)

🔬 Output optimization

• babel-plugin-transform-nullish-coalescing-operator
  • #16612 Improve nullish coalescing operator output (@​liuxingbaoyu)

Commits

• 74181cf v7.26.5
• d35794e [Babel 8] Create TSEnumBody for TSEnumDeclaration (#16979)
• cd24cc0 chore: Update TS 5.7 (#17053)
• See full diff in compare view

Updates bootstrap from 5.0.0 to 5.3.3

Release notes

Sourced from bootstrap's releases.

v5.3.3

Highlights

• Fixed a breaking change introduced with color modes where it was required to manually import variables-dark.scss when building Bootstrap with Sass. Now, _variables.scss will automatically import _variables-dark.scss. If you were already importing _variables-dark.scss manually, you should keep doing it as it won't break anything and will be the way to go in v6.
• Fixed a regression in the selector engine that wasn't able to handle multiple IDs anymore.

Color modes

• Badges now use the .text-bg-* text utilities to be certain that the text is always readable (especially when the customized colors are different in light and dark modes).
• Fixed our color-modes.js script to handle the case where the OS is set to light mode and the auto color mode is used on the website. If you copied the script from our docs, you should apply this change to your own script.
• Fixed color schemes description in the color modes documentation to show that color-scheme() only accept light and dark values as parameters.

Miscellaneous

• Allowed <dl>, <dt> and <dd> in the sanitizer.
• Dropped evenly items distribution for modal and offcanvas headers.
• Fixed the accordion CSS selectors to avoid inheritance issues when nesting accordions.
• Fixed the focus box-shadow for the validation stated form controls.
• Fixed the focus ring on focused checked buttons.
• Fixed the product example mobile navbar toggler.
• Changed the RTL processing of carousel control icons.

---

🎨 CSS

• #37508: Use child combinators to avoid inheriting parent accordion's flush styles
• #38719: Fix focus box-shadow for validation stated form-controls
• #38884: fix border-radius on radio-switch
• #39294: Tests: update navbar in visual modal test
• #39373: refactor css: modal and offcanvas header spacing
• #39380: Fix Sass compilation breaking change in v5.3
• #39387: docs: fix typo
• #39411: Optimize the accordion icon
• #39497: Fix a typo
• #39536: Changed RTL processing of carousel control icons
• #39560: Drop --bs-accordion-btn-focus-border-color and deprecate $accordion-button-focus-border-color
• #39595: CSS: Fix the focus ring on focused checked buttons

☕️ JavaScript

• #39201: Selector Engine: fix multiple IDs
• #39224: Fix edge case in color-mode.js
• #39376: Allow dl, dt and dd in sanitizer

📖 Docs

• #39200: Typo Fix
• #39214: Doc: use .text-bg-{color} for all badges
• #39246: Docs: fix for example code blocks have unnecessary 30px right-margin

... (truncated)

Commits

• 6e1f75f Release v5.3.3 (#39524)
• 3caef2b Build(deps-dev): Bump terser from 5.27.1 to 5.27.2 (#39690)
• 4abac9b Build(deps-dev): Bump ip from 2.0.0 to 2.0.1 (#39691)
• c396a2a Build(deps-dev): Bump sass from 1.70.0 to 1.71.0 (#39684)
• c9a8a40 Build(deps-dev): Bump rollup from 4.9.6 to 4.12.0 (#39683)
• 6aecb37 Build(deps-dev): Bump eslint-plugin-html from 7.1.0 to 8.0.0 (#39672)
• 4081168 Build(deps-dev): Bump terser from 5.27.0 to 5.27.1 (#39682)
• 4605d71 Build(deps-dev): Bump postcss from 8.4.34 to 8.4.35 (#39673)
• 08eeee3 Build(deps-dev): Bump lockfile-lint from 4.12.1 to 4.13.1 (#39675)
• f92d635 Build(deps-dev): Bump eslint-plugin-unicorn from 51.0.0 to 51.0.1 (#39676)
• Additional commits viewable in compare view

Updates @types/bootstrap from 4.5.0 to 5.2.10

Commits

• See full diff in compare view

Updates bootstrap from 5.0.0 to 5.3.3

Release notes

Sourced from bootstrap's releases.

v5.3.3

Highlights

• Fixed a breaking change introduced with color modes where it was required to manually import variables-dark.scss when building Bootstrap with Sass. Now, _variables.scss will automatically import _variables-dark.scss. If you were already importing _variables-dark.scss manually, you should keep doing it as it won't break anything and will be the way to go in v6.
• Fixed a regression in the selector engine that wasn't able to handle multiple IDs anymore.

Color modes

• Badges now use the .text-bg-* text utilities to be certain that the text is always readable (especially when the customized colors are different in light and dark modes).
• Fixed our color-modes.js script to handle the case where the OS is set to light mode and the auto color mode is used on the website. If you copied the script from our docs, you should apply this change to your own script.
• Fixed color schemes description in the color modes documentation to show that color-scheme() only accept light and dark values as parameters.

Miscellaneous

• Allowed <dl>, <dt> and <dd> in the sanitizer.
• Dropped evenly items distribution for modal and offcanvas headers.
• Fixed the accordion CSS selectors to avoid inheritance issues when nesting accordions.
• Fixed the focus box-shadow for the validation stated form controls.
• Fixed the focus ring on focused checked buttons.
• Fixed the product example mobile navbar toggler.
• Changed the RTL processing of carousel control icons.

---

🎨 CSS

• #37508: Use child combinators to avoid inheriting parent accordion's flush styles
• #38719: Fix focus box-shadow for validation stated form-controls
• #38884: fix border-radius on radio-switch
• #39294: Tests: update navbar in visual modal test
• #39373: refactor css: modal and offcanvas header spacing
• #39380: Fix Sass compilation breaking change in v5.3
• #39387: docs: fix typo
• #39411: Optimize the accordion icon
• #39497: Fix a typo
• #39536: Changed RTL processing of carousel control icons
• #39560: Drop --bs-accordion-btn-focus-border-color and deprecate $accordion-button-focus-border-color
• #39595: CSS: Fix the focus ring on focused checked buttons

☕️ JavaScript

• #39201: Selector Engine: fix multiple IDs
• #39224: Fix edge case in color-mode.js
• #39376: Allow dl, dt and dd in sanitizer

📖 Docs

• #39200: Typo Fix
• #39214: Doc: use .text-bg-{color} for all badges
• #39246: Docs: fix for example code blocks have unnecessary 30px right-margin

... (truncated)

Commits

• 6e1f75f Release v5.3.3 (#39524)
• 3caef2b Build(deps-dev): Bump terser from 5.27.1 to 5.27.2 (#39690)
• 4abac9b Build(deps-dev): Bump ip from 2.0.0 to 2.0.1 (#39691)
• c396a2a Build(deps-dev): Bump sass from 1.70.0 to 1.71.0 (#39684)
• c9a8a40 Build(deps-dev): Bump rollup from 4.9.6 to 4.12.0 (#39683)
• 6aecb37 Build(deps-dev): Bump eslint-plugin-html from 7.1.0 to 8.0.0 (#39672)
• 4081168 Build(deps-dev): Bump terser from 5.27.0 to 5.27.1 (#39682)
• 4605d71 Build(deps-dev): Bump postcss from 8.4.34 to 8.4.35 (#39673)
• 08eeee3 Build(deps-dev): Bump lockfile-lint from 4.12.1 to 4.13.1 (#39675)
• f92d635 Build(deps-dev): Bump eslint-plugin-unicorn from 51.0.0 to 51.0.1 (#39676)
• Additional commits viewable in compare view

Updates @types/bootstrap from 4.5.0 to 5.2.10

Commits

• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
  You can disable automated security fix PRs for this repo from the Security Alerts page.