build(deps-dev): bump web-vitals from 3.5.0 to 4.0.0

[dependabot[bot]]

Bumps web-vitals from 3.5.0 to 4.0.0.

Changelog

Sourced from web-vitals's changelog.

v4.0.0 (2024-05-13)

• [BREAKING] Update types to support more generic usage (#471)
• [BREAKING] Split waitingDuration to make it easier to understand redirect delays (#458)
• [BREAKING] Rename TTFBAttribution fields from *Time to *Duration (#453)
• [BREAKING] Rename resourceLoadTime to resourceLoadDuration in LCP attribution (#450)
• [BREAKING] Add INP breakdown timings and LoAF attribution (#442)
• [BREAKING] Deprecate onFID() and remove previously deprecated APIs (#435)
• Expose the target element in INP attribution (#479)
• Save INP target after interactions to reduce null values when removed from the DOM (#477)
• Cap TTFB in attribution (#440)
• Fix reportAllChanges behavior for LCP when library is loaded late (#468)

v3.5.2 (2024-01-25)

• Pick the first non-null target for INP attribution (#421)

v3.5.1 (2023-12-27)

• Add extra guard for PerformanceEventTiming not existing (#403)

Commits

• 9d1d10a Release v4.0.0
• 06b459d Merge branch 'v4'
• d145c11 Update v4 CHANGELOG and upgrading guide (#480)
• a12b628 Expose the target element in INP attribution (#479)
• 14d3e1d Save INP target early for when removed from DOM (#477)
• 491cfb4 Release v4.0.0-rc.0
• c92caf6 Update CHANGELOG
• fd8b0c3 Small type clean up for v4 (#471)
• a6bed46 Better alternative for test flakiness on Firefox for FCP and LCP (#476)
• 56e49c9 Allow reportAllChanges for LCP for late loaded script (#468)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)