chore(deps): bump the dependencies group across 1 directory with 3 updates

[dependabot[bot]]

trafficstars

Bumps the dependencies group with 3 updates in the / directory: jsdom, marked and marked-alert.

Updates jsdom from 24.1.0 to 25.0.1

Release notes

Sourced from jsdom's releases.

Version 25.0.1

• Updated dependencies, notably tough-cookie, which no longer prints a deprecation warning.

Version 25.0.0

This major release changes the prototype of a jsdom's EventTarget.prototype to point to the Object.prototype inside the jsdom, instead of pointing to the Node.js Object.prototype. Thus, the prototype chain of Window stays entirely within the jsdom, never crossing over into the Node.js realm.

This only occurs when runScripts is set to non-default values of "dangerously" or "outside-only", as with the default value, there is no separate Object.prototype inside the jsdom.

This will likely not impact many programs, but could cause some changes in instanceof behavior, and so out of an abundance of caution, we're releasing it as a new major version.

Version 24.1.3

• Fixed calls to postMessage() that were done as a bare property (i.e., postMessage() instead of window.postMessage()).

Version 24.1.2

• Fixed an issue with the in operator applied to EventTarget methods, e.g. 'addEventListener' in window, which only appeared in Node.js ≥22.5.0. (legendecas)
• Fixed the events fired by blur(): it no longer fires focus and focusin on the Document, and blur and focusout no longer have their relatedTarget property set. (asamuzaK)

Version 24.1.1

• Fixed selection methods to trigger the selectionchange event on the Document object. (piotr-oles)

Changelog

Sourced from jsdom's changelog.

25.0.1

• Updated dependencies, notably tough-cookie, which no longer prints a deprecation warning.

25.0.0

This major release changes the prototype of a jsdom's EventTarget.prototype to point to the Object.prototype inside the jsdom, instead of pointing to the Node.js Object.prototype. Thus, the prototype chain of Window stays entirely within the jsdom, never crossing over into the Node.js realm.

This only occurs when runScripts is set to non-default values of "dangerously" or "outside-only", as with the default value, there is no separate Object.prototype inside the jsdom.

This will likely not impact many programs, but could cause some changes in instanceof behavior, and so out of an abundance of caution, we're releasing it as a new major version.

24.1.3

• Fixed calls to postMessage() that were done as a bare property (i.e., postMessage() instead of window.postMessage()).

24.1.2

• Fixed an issue with the in operator applied to EventTarget methods, e.g. 'addEventListener' in window, which only appeared in Node.js ≥22.5.0. (legendecas)
• Fixed the events fired by blur(): it no longer fires focus and focusin on the Document, and blur and focusout no longer have their relatedTarget property set. (asamuzaK)

24.1.1

• Fixed selection methods to trigger the selectionchange event on the Document object. (piotr-oles)

Commits

• 04541b3 Version 25.0.1
• 96bd111 Update dependencies and dev dependencies
• d08440c Upgrade tough-cookie to v5.0.0
• c53efc8 Version 25.0.0
• 784c8a5 Set EventTarget.prototype to the jsdom's Object.prototype
• 0314f1e Version 24.1.3
• 46d5d5c Fix postMessage referenced as a bare property
• a241df6 Version 24.1.2
• c3a9aed Remove upstreamed WPTs
• 07fab37 Refactor Window object setup code
• Additional commits viewable in compare view

Updates marked from 13.0.2 to 14.1.2

Release notes

Sourced from marked's releases.

v14.1.2

14.1.2 (2024-09-08)

Bug Fixes

• fix html following list (#3444) (9d7b728)

v14.1.1

14.1.1 (2024-09-04)

Bug Fixes

• Don't replace tabs with spaces (#3438) (9ed6456)

v14.1.0

14.1.0 (2024-08-26)

Bug Fixes

• don't export block or inline (#3427) (3f0430a)

Features

• add provideLexer and provideParser hooks (#3424) (447f5af)

v14.0.0

14.0.0 (2024-08-07)

Bug Fixes

• allow async option to dictate type returned (#3341) (b5a5004)
• Remove useNewRenderer (#3342) (e64f226)

BREAKING CHANGES

• Remove old renderer
• throw an error if async: false is set when an extension sets async: true

v13.0.3

13.0.3 (2024-07-28)

Bug Fixes

... (truncated)

Commits

• 0309c2f chore(release): 14.1.2 [skip ci]
• 9d7b728 fix: fix html following list (#3444)
• 2fe4136 chore: update testutils to v14.1.1-0 (#3443)
• f3c387f chore(release): 14.1.1 [skip ci]
• 9ed6456 fix: Don't replace tabs with spaces (#3438)
• 2ff0547 chore(deps-dev): Bump @​markedjs/eslint-config from 1.0.1 to 1.0.2 (#3442)
• e6167a9 chore(deps-dev): Bump rollup from 4.21.0 to 4.21.2 (#3441)
• 2124b5d chore: update @​marked/testutils (#3431)
• e6f0ca5 chore(deps-dev): Bump eslint from 9.9.0 to 9.9.1 (#3430)
• 73d21f4 chore(deps-dev): Bump tslib from 2.6.3 to 2.7.0 (#3429)
• Additional commits viewable in compare view

Updates marked-alert from 2.0.1 to 2.1.0

Release notes

Sourced from marked-alert's releases.

[email protected]

marked-alert 2.1.0 (2024-09-26)

Features

• improve alert token handling (867b011), closes #120

[email protected]

marked-alert 2.0.2 (2024-08-29)

Bug Fixes

• lint code (c75dfc9)

Commits

• 3cc4926 chore(release): 2.1.0
• 84f17bc chore(deps): ncu
• 867b011 feat: improve alert token handling
• 656ed0d chore(deps): update shiki monorepo to v1.18.0
• 0f33d35 chore(deps): update shiki monorepo to v1.17.7
• fdca271 chore(deps): update shiki monorepo to v1.17.5
• f7eb558 chore(deps): update dependency marked to v14.1.2
• ac7d64d chore(deps): update shiki monorepo to v1.17.0
• 88b6c76 chore(deps): update shiki monorepo to v1.16.2
• 3d58361 chore(release): 1.0.7
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions