Bump the npm_and_yarn group across 1 directory with 5 updates

[dependabot[bot]]

Bumps the npm_and_yarn group with 4 updates in the / directory: react-dom, html-webpack-plugin, braces and kind-of.

Updates react-dom from 16.10.1 to 18.3.1

Release notes

Sourced from react-dom's releases.

18.3.1 (April 26, 2024)

• Export act from react f1338f

18.3.0 (April 25, 2024)

This release is identical to 18.2 but adds warnings for deprecated APIs and other changes that are needed for React 19.

Read the React 19 Upgrade Guide for more info.

React

• Allow writing to this.refs to support string ref codemod 909071
• Warn for deprecated findDOMNode outside StrictMode c3b283
• Warn for deprecated test-utils methods d4ea75
• Warn for deprecated Legacy Context outside StrictMode 415ee0
• Warn for deprecated string refs outside StrictMode #25383
• Warn for deprecated defaultProps for function components #25699
• Warn when spreading key #25697
• Warn when using act from test-utils d4ea75

React DOM

• Warn for deprecated unmountComponentAtNode 8a015b
• Warn for deprecated renderToStaticNodeStream #28874

18.2.0 (June 14, 2022)

React DOM

• Provide a component stack as a second argument to onRecoverableError. (@​gnoff in #24591)
• Fix hydrating into document causing a blank page on mismatch. (@​gnoff in #24523)
• Fix false positive hydration errors with Suspense. (@​gnoff in #24480 and @​acdlite in #24532)
• Fix ignored setState in Safari when adding an iframe. (@​gaearon in #24459)

React DOM Server

• Pass information about server errors to the client. (@​salazarm and @​gnoff in #24551 and #24591)
• Allow to provide a reason when aborting the HTML stream. (@​gnoff in #24680)
• Eliminate extraneous text separators in the HTML where possible. (@​gnoff in #24630)
• Disallow complex children inside <title> elements to match the browser constraints. (@​gnoff in #24679)
• Fix buffering in some worker environments by explicitly setting highWaterMark to 0. (@​jplhomer in #24641)

Server Components (Experimental)

• Add support for useId() inside Server Components. (@​gnoff) in #24172

18.1.0 (April 26, 2022)

React DOM

• Fix the false positive warning about react-dom/client when using UMD bundle. (@​alireza-molaee in #24274)
• Fix suppressHydrationWarning to work in production too. (@​gaearon in #24271)
• Fix componentWillUnmount firing twice inside of Suspense. (@​acdlite in #24308)
• Fix some transition updates being ignored. (@​acdlite in #24353)

... (truncated)

Changelog

Sourced from react-dom's changelog.

18.3.1 (April 26, 2024)

• Export act from react f1338f

18.3.0 (April 25, 2024)

This release is identical to 18.2 but adds warnings for deprecated APIs and other changes that are needed for React 19.

Read the React 19 Upgrade Guide for more info.

React

• Allow writing to this.refs to support string ref codemod 909071
• Warn for deprecated findDOMNode outside StrictMode c3b283
• Warn for deprecated test-utils methods d4ea75
• Warn for deprecated Legacy Context outside StrictMode 415ee0
• Warn for deprecated string refs outside StrictMode #25383
• Warn for deprecated defaultProps for function components #25699
• Warn when spreading key #25697
• Warn when using act from test-utils d4ea75

React DOM

• Warn for deprecated unmountComponentAtNode 8a015b
• Warn for deprecated renderToStaticNodeStream #28874

18.2.0 (June 14, 2022)

React DOM

• Provide a component stack as a second argument to onRecoverableError. (@​gnoff in #24591)
• Fix hydrating into document causing a blank page on mismatch. (@​gnoff in #24523)
• Fix false positive hydration errors with Suspense. (@​gnoff in #24480 and @​acdlite in #24532)
• Fix ignored setState in Safari when adding an iframe. (@​gaearon in #24459)

React DOM Server

• Pass information about server errors to the client. (@​salazarm and @​gnoff in #24551 and #24591)
• Allow to provide a reason when aborting the HTML stream. (@​gnoff in #24680)
• Eliminate extraneous text separators in the HTML where possible. (@​gnoff in #24630)
• Disallow complex children inside <title> elements to match the browser constraints. (@​gnoff in #24679)
• Fix buffering in some worker environments by explicitly setting highWaterMark to 0. (@​jplhomer in #24641)

Server Components (Experimental)

• Add support for useId() inside Server Components. (@​gnoff in #24172)

18.1.0 (April 26, 2022)

React DOM

... (truncated)

Commits

• d6c42f7 Bump to 18.3.1
• 8a015b6 Add deprecation warning for unmountComponentAtNode
• c3b2839 Add deprecation warning for findDOMNode
• d4ea75d ReactDOMTestUtils deprecation warnings
• 7548c01 Deprecate renderToStaticNodeStream (#28872) (#28874)
• 5894232 Enable warning for defaultProps on function components for everyone (#25699)
• c2a246e Turn on string ref deprecation warning for everybody (not codemoddable) (#25383)
• 2cfb474 Bump version from 18.2 to 18.3
• b345523 [Fizz] Support abort reasons (#24680)
• bcbeb52 [Fizz] Disallow complex children in <title> elements (#24679)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by react-bot, a new releaser for react-dom since your current version.

Updates html-webpack-plugin from 4.5.2 to 5.6.0

Changelog

Sourced from html-webpack-plugin's changelog.

5.6.0 (2023-12-19)

Features

• add @rspack/core as an optional peer dependency (#1829) (56ff3ae)
• Added support type=systemjs-module via the scriptLoading option (#1822) (7effc30)

Bug Fixes

• memory leak (#1836) (c79f2cf)

5.5.4 (2023-12-06)

Bug Fixes

• avoid have undefined type for script tags (#1809) (9959484)
• reemit assets from loaders (#1811) (a214736)
• reemit favicon in serve/watch mode (#1804) (57c5a4e)

5.5.3 (2023-06-10)

Bug Fixes

• don't add extra meta tag if it exists (#1802) (8f92788)
• pass all Node.js globals to templates (#1796) (f269fc0)
• types: fix type for chunkSortMode (#1798) (6ad0e55)

5.5.2 (2023-06-08)

Bug Fixes

• compatibility with ES modules output (#1795) (eda853b)

5.5.1 (2023-04-15)

Bug Fixes

• perf: defer loading of pretty-error to improve startup time (#1789) (988709d)

5.5.0 (2021-10-25)

Features

... (truncated)

Commits

• ebfa1ce chore(release): 5.6.0
• 56ff3ae feat: add @rspack/core as an optional peer dependency (#1829)
• c79f2cf fix: memoy leak (#1836)
• 7effc30 feat: Added support type=systemjs-module via the scriptLoading option (#1...
• 318cd4d docs: add html-webpack-inject-attributes-plugin to readme (#1787)
• 91ba8bb chore(release): 5.5.4
• fe231d3 docs: add js-entry-webpack-plugin (#1732)
• 5c15284 test: case for watch/serve and reemitting assets (#1812)
• a214736 fix: reemit assets from loaders (#1811)
• 0db3c2b refactor: fix regression after refactor and testing (#1810)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by evilebottnawi, a new releaser for html-webpack-plugin since your current version.

Updates braces from 3.0.2 to 3.0.3

Commits

• 74b2db2 3.0.3
• 88f1429 update eslint. lint, fix unit tests.
• 415d660 Snyk js braces 6838727 (#40)
• 190510f fix tests, skip 1 test in test/braces.expand
• 716eb9f readme bump
• a5851e5 Merge pull request #37 from coderaiser/fix/vulnerability
• 2092bd1 feature: braces: add maxSymbols (https://github.com/micromatch/braces/issues/...
• 9f5b4cf fix: vulnerability (https://security.snyk.io/vuln/SNYK-JS-BRACES-6838727)
• 98414f9 remove funding file
• 665ab5d update keepEscaping doc (#27)
• Additional commits viewable in compare view

Updates kind-of from 6.0.2 to 6.0.3

Changelog

Sourced from kind-of's changelog.

[6.0.3] - 2020-01-16

• Merge pull request #31 for issue #30

[6.0.0] - 2017-10-13

• refactor code to be more performant
• refactor benchmarks

[5.1.0] - 2017-10-13

Added

• Merge pull request #15 from aretecode/patch-1
• adds support and tests for string & array iterators

Changed

• updates benchmarks

[5.0.2] - 2017-08-02

• Merge pull request #14 from struct78/master
• Added undefined check

[5.0.0] - 2017-06-21

• Merge pull request #12 from aretecode/iterator
• Set Iterator + Map Iterator
• streamline isbuffer, minor edits

[4.0.0] - 2017-05-19

• Merge pull request #8 from tunnckoCore/master
• update deps

[3.2.2] - 2017-05-16

• fix version

[3.2.1] - 2017-05-16

• add browserify

[3.2.0] - 2017-04-25

• Merge pull request #10 from ksheedlo/unrequire-buffer
• add promise support and tests
• Remove unnecessary Buffer check

... (truncated)

Commits

• abab085 6.0.3
• a18459c run verb to generate README documentation
• dc6bea5 only need to check typeof val.constructor
• 1df992c Merge pull request #31 from xiaofen9/master
• 975c13a fix type checking vul in ctorName
• 4da96c0 Delete FUNDING.yml
• 28266f2 Create FUNDING.yml
• See full diff in compare view

Maintainer changes

This version was pushed to npm by doowb, a new releaser for kind-of since your current version.

Updates terser from 4.8.1 to 5.31.1

Changelog

Sourced from terser's changelog.

v5.31.1

• Allow drop-unused to drop the whole assignment (not just the assigned name) in more situations, in order to avoid duplication of long strings.

v5.31.0

• Sync up property mangler exceptions with current contents of Firefox and Chrome environments
• Add more webcomponent properties to property mangler exceptions (#1525)
• Drop non-nullish constants in ...spreads in objects (#1141)

v5.30.4

• Fix parsing #private in ... when next to other operators

v5.30.3

• Fix precedence of #private in ... operator

v5.30.2

• Avoid optimizations inside computed keys, because they can cause js-engine-specific bugs.

v5.30.1

• Removed useless \ escapes for non-ascii characters
• Make modern identifier characters quoted for older environments (#1512)

v5.30.0

• Improve removal of classes referring to themselves

v5.29.2

• Make sure 'computed_props' creates string keys
• Take into account the evaluated size when inlining

v5.29.1

• fix optimisation of all-bits mask check

v5.29.0

• Re-releases previously reverted 5.28.0
• Fix crash while optimizing some bitwise ops
• (internal) Remove needless wrapper for from_moz (#1499)

v5.28.1

(hotfix release)

• Reverts v5.28.0

v5.28.0

• Optimise redundant or shrinkable bitwise operations (|, ^, &, >>, <<)
• Evaluate some BigInt math operations

v5.27.2

• Recognise this as a reference to the surrounding class in drop_unused. Closes #1472

v5.27.1

• Fixed case where collapse_vars inlines await expressions into non-async functions.

... (truncated)

Commits

• 57ea592 5.31.1
• cf57d77 fix normalization of AST_Sequence
• 14cc291 avoid drop-unused leaving behind the contents of an assignment. Related to we...
• 78d95b8 5.31.0
• 98dbfbb update changelog
• 14062bc sync domprops with Firefox 125 and Chrome 124
• 4cd17bf fix more webcomponent mangling bugs (#1525)
• d7e10df fix WebComponents mangling bug (#1524)
• db932f0 object spread: also drop non-nullish constants (e.g. { ...true }) (#1141)
• 096cac0 5.30.4
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore ` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore ` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore ` will remove the ignore condition of the specified dependency and ignore conditions You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/2lambda123/volvo-cars-react-smartbanner/network/alerts).

[cr-gpt[bot]]

Seems you are using me but didn't get OPENAI_API_KEY seted in Variables/Secrets for this repo. you could follow readme for more information

[performance-testing-bot[bot]]

Unable to locate .performanceTestingBot config file

[codesyncapp[bot]]

Check out the playback for this Pull Request here.

[git-greetings[bot]]

Thanks @dependabot[bot] for opening this PR!

For COLLABORATOR only :

• To add labels, comment on the issue /label add label1,label2,label3

• To remove labels, comment on the issue /label remove label1,label2,label3

[coderabbitai[bot]]

[!IMPORTANT]

Review skipped

Bot user detected.

To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

---

Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media?

Share

- [X](https://twitter.com/intent/tweet?text=I%20just%20used%20%40coderabbitai%20for%20my%20code%20review%2C%20and%20it%27s%20fantastic%21%20It%27s%20free%20for%20OSS%20and%20offers%20a%20free%20trial%20for%20the%20proprietary%20code.%20Check%20it%20out%3A&url=https%3A//coderabbit.ai) - [Mastodon](https://mastodon.social/share?text=I%20just%20used%20%40coderabbitai%20for%20my%20code%20review%2C%20and%20it%27s%20fantastic%21%20It%27s%20free%20for%20OSS%20and%20offers%20a%20free%20trial%20for%20the%20proprietary%20code.%20Check%20it%20out%3A%20https%3A%2F%2Fcoderabbit.ai) - [Reddit](https://www.reddit.com/submit?title=Great%20tool%20for%20code%20review%20-%20CodeRabbit&text=I%20just%20used%20CodeRabbit%20for%20my%20code%20review%2C%20and%20it%27s%20fantastic%21%20It%27s%20free%20for%20OSS%20and%20offers%20a%20free%20trial%20for%20proprietary%20code.%20Check%20it%20out%3A%20https%3A//coderabbit.ai) - [LinkedIn](https://www.linkedin.com/sharing/share-offsite/?url=https%3A%2F%2Fcoderabbit.ai&mini=true&title=Great%20tool%20for%20code%20review%20-%20CodeRabbit&summary=I%20just%20used%20CodeRabbit%20for%20my%20code%20review%2C%20and%20it%27s%20fantastic%21%20It%27s%20free%20for%20OSS%20and%20offers%20a%20free%20trial%20for%20proprietary%20code)

Tips

### Chat There are 3 ways to chat with [CodeRabbit](https://coderabbit.ai): - Review comments: Directly reply to a review comment made by CodeRabbit. Example: - `I pushed a fix in commit .` - `Generate unit testing code for this file.` - `Open a follow-up GitHub issue for this discussion.` - Files and specific lines of code (under the "Files changed" tab): Tag `@coderabbitai` in a new review comment at the desired location with your query. Examples: - `@coderabbitai generate unit testing code for this file.` - `@coderabbitai modularize this function.` - PR comments: Tag `@coderabbitai` in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples: - `@coderabbitai generate interesting stats about this repository and render them as a table.` - `@coderabbitai show all the console.log statements in this repository.` - `@coderabbitai read src/utils.ts and generate unit testing code.` - `@coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.` - `@coderabbitai help me debug CodeRabbit configuration file.` Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments. ### CodeRabbit Commands (invoked as PR comments) - `@coderabbitai pause` to pause the reviews on a PR. - `@coderabbitai resume` to resume the paused reviews. - `@coderabbitai review` to trigger an incremental review. This is useful when automatic reviews are disabled for the repository. - `@coderabbitai full review` to do a full review from scratch and review all the files again. - `@coderabbitai summary` to regenerate the summary of the PR. - `@coderabbitai resolve` resolve all the CodeRabbit review comments. - `@coderabbitai configuration` to show the current CodeRabbit configuration for the repository. - `@coderabbitai help` to get help. Additionally, you can add `@coderabbitai ignore` anywhere in the PR description to prevent this PR from being reviewed. ### CodeRabbit Configration File (`.coderabbit.yaml`) - You can programmatically configure CodeRabbit by adding a `.coderabbit.yaml` file to the root of your repository. - Please see the [configuration documentation](https://docs.coderabbit.ai/guides/configure-coderabbit) for more information. - If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: `# yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json` ### Documentation and Community - Visit our [Documentation](https://coderabbit.ai/docs) for detailed information on how to use CodeRabbit. - Join our [Discord Community](https://discord.com/invite/GsXnASn26c) to get help, request features, and share feedback. - Follow us on [X/Twitter](https://twitter.com/coderabbitai) for updates and announcements.

[code-companion-ai[bot]]

Processing PR updates...

[git-greetings[bot]]

PR Details of @dependabot[bot] in volvo-cars-react-smartbanner :	OPEN	CLOSED	TOTAL
3	13	16

[socket-security[bot]]

New and removed dependencies detected. Learn more about Socket for GitHub ↗︎

Package	New capabilities	Transitives	Size	Publisher
npm/@types/html-minifier-terser@6.1.0	None	0	9.56 kB	types
npm/clean-css@5.3.3	environment, filesystem, network	0	493 kB	jakub.pawlowicz
npm/html-minifier-terser@6.1.0	None	0	99.6 kB	sibiraj-s
npm/html-webpack-plugin@5.6.0	filesystem, unsafe	0	120 kB	evilebottnawi
npm/kind-of@6.0.3	None	0	22.8 kB	doowb
npm/pretty-error@4.0.0	None	0	58.9 kB	ariaminaei
npm/react-dom@18.3.1	environment	0	4.51 MB	react-bot
npm/renderkid@3.0.0	None	0	169 kB	ariaminaei
npm/supports-color@5.5.0	environment	0	6.63 kB	sindresorhus
npm/supports-preserve-symlinks-flag@1.0.0	None	0	9.18 kB	ljharb
npm/svgo@2.8.0	filesystem	0	975 kB	trysound
npm/symbol-observable@1.0.1	None	0	7.44 kB	blesh
npm/symbol-tree@3.2.4	None	0	57.1 kB	joris-van-der-wel
npm/table@5.4.6	None	0	198 kB	gajus
npm/tapable@1.1.3	None	0	40.6 kB	sokra
npm/tar@6.2.1	environment, filesystem	0	167 kB	isaacs
npm/terser-webpack-plugin@5.3.10	None	0	88 kB	evilebottnawi
npm/terser@5.31.1	environment, eval	0	2.19 MB	fabiosantoscode
npm/test-exclude@6.0.0	None	0	23.6 kB	coreyfarrell
npm/text-table@0.2.0	None	0	11 kB	substack
npm/through@2.3.8	None	0	12.5 kB	dominictarr
npm/through2@2.0.5	None	0	9.65 kB	rvagg
npm/thunky@1.1.0	None	0	7.76 kB	mafintosh
npm/tmp@0.0.33	filesystem	0	26 kB	raszi
npm/tmpl@1.0.5	None	0	2.77 kB	daaku
npm/to-fast-properties@2.0.0	None	0	3.5 kB	sindresorhus
npm/to-regex-range@5.0.1	None	0	22.9 kB	jonschlinkert
npm/toidentifier@1.0.0	None	0	4.33 kB	dougwilson
npm/tough-cookie@2.5.0	network	0	86.6 kB	jstash
npm/trim-newlines@3.0.1	None	0	3.85 kB	sindresorhus
npm/trim-repeated@1.0.0	None	0	3.01 kB	sindresorhus
npm/trim-right@1.0.1	None	0	2.61 kB	sindresorhus
npm/true-case-path@1.0.3	None	0	15.7 kB	barsh
npm/tslib@1.10.0	None	0	38.1 kB	typescript
npm/tunnel-agent@0.6.0	environment, network	0	16.7 kB	mikeal
npm/tweetnacl@0.14.5	None	0	174 kB	dchest
npm/type-check@0.3.2	None	0	20.9 kB	gkz
npm/type-detect@4.0.8	None	0	42.1 kB	chaijs
npm/type-fest@0.18.1	None	0	102 kB	sindresorhus
npm/type-is@1.6.18	None	0	18.5 kB	dougwilson
npm/type@2.7.2	None	0	88.7 kB	medikoo
npm/typedarray@0.0.6	None	0	26 kB	substack
npm/ua-parser-js@0.7.33	None	0	104 kB	faisalman

🚮 Removed packages: npm/@types/html-minifier-terser@5.1.2, npm/@types/source-list-map@0.1.6, npm/@types/tapable@1.0.12, npm/@types/uglify-js@3.17.5, npm/@types/webpack-sources@3.2.3, npm/@types/webpack@4.41.38, npm/array-buffer-byte-length@1.0.1, npm/array.prototype.reduce@1.0.7, npm/arraybuffer.prototype.slice@1.0.3, npm/available-typed-arrays@1.0.7, npm/clean-css@4.2.4, npm/data-view-buffer@1.0.1, npm/data-view-byte-length@1.0.1, npm/data-view-byte-offset@1.0.0, npm/es-array-method-boxes-properly@1.0.0, npm/es-object-atoms@1.0.0, npm/es-set-tostringtag@2.0.3, npm/for-each@0.3.3, npm/get-symbol-description@1.0.2, npm/globalthis@1.0.3, npm/has-bigints@1.0.2, npm/has-tostringtag@1.0.2, npm/html-minifier-terser@5.1.1, npm/html-webpack-plugin@4.5.2, npm/internal-slot@1.0.7, npm/is-array-buffer@3.0.4, npm/is-bigint@1.0.4, npm/is-data-view@1.0.1, npm/is-negative-zero@2.0.3, npm/is-shared-array-buffer@1.0.3, npm/is-typed-array@1.1.13, npm/is-weakref@1.0.2, npm/object.getownpropertydescriptors@2.1.8, npm/possible-typed-array-names@1.0.0, npm/pretty-error@2.1.2, npm/react-dom@16.10.1, npm/regexp.prototype.flags@1.5.2, npm/renderkid@2.0.7, npm/safe-array-concat@1.1.2, npm/safe-regex-test@1.0.3, npm/set-function-name@2.0.2, npm/string.prototype.trimend@1.0.8, npm/string.prototype.trimstart@1.0.8

View full report↗︎