Bump serialize-to-js and parcel

[dependabot[bot]]

Bumps serialize-to-js to 3.1.2 and updates ancestor dependency parcel. These dependencies need to be updated together.

Updates serialize-to-js from 1.2.2 to 3.1.2

Release notes

Sourced from serialize-to-js's releases.

v2.0.0

Breaking changes:

• removal of deserialize function as being vulnerable to DOS

Commits

• e82200d 3.1.2
• 0fe09bb Merge pull request #21 from commenthol/github-actions
• 940dbbe docs: update badge
• fce9d4a chore: use github actions
• b53fd9d chore: bump deps
• 5574c8b 3.1.1
• 2949f8a Merge pull request #17 from commenthol/empty_string
• 68b51fe test: zero
• ed0dd61 fix: empty string
• f84f1b8 3.1.0
• Additional commits viewable in compare view

Updates parcel from 1.12.3 to 1.12.4

Changelog

Sourced from parcel's changelog.

Changelog

All notable changes to Parcel will be documented in this file.

The format is based on Keep a Changelog and Parcel adheres to Semantic Versioning.

[2.12.0] - 2024-02-28

Added

• Core

  • Add REPL playground for Parcel to the website – Details
  • Improve package manager detection for auto install – Details

• JavaScript

  • Add support for JS macros – Details
  • Statically evaluate constants referenced by macros – Details
  • Upgrade to ESLint 8 – Details
  • Bump swc – Details

• CSS

  • Use lightningcss to implement CSS packager – Details

• Bundler

  • Rename "parentAsset" to "root" for Manual Shared Bundle config and remove unstable prefix – Details

• Web Extensions

  • Add content script world property to manifest schema validation – Details

• Performance

  • Adjacency list optimizations – Details
  • Break up request graph cache serialisation and run after build completion – Details

Fixed

• Core

  • Drop per-pipeline transformation cache – Details
  • Clippy and use napi's Either3 – Details
  • Add lazy/eager cache key to avoid invalid change when switching modes – Details

• JavaScript

  • Remove decl_collector pass and use SWC's unresolved_mark instead – Details

• Bundler

  • Fix multiple css bundles in entry bundle groups issue – Details
  • Allow parallel type change bundles to be reused by async siblings – Details
  • Skip on missing parent asset for manual shared bundles – Details

Unstable

... (truncated)

Commits

• d9ec7af Publish
• 430679c Update yarn.lock
• fe08980 fix source maps on coffeescript assets (#3423)
• dc393bf Fixes #3133 by upgrading serialize-to-js from 1.1.1 to 3.0.0 (#3451)
• 96119be Fix up misleading usage information (#3158)
• a92e9b2 bump chokidar to get a reload fix for linux (#2878)
• 75a891e Use uppercase for the first letter of the issue template (#3192)
• 6fbfe96 Update dotenv-expand to allow overriding of falsy values (#2971)
• 7ad25fd Fixes 3076: HMR update breaks in webworker due to window (and location.reload...
• 4b50182 Scope hoisting destructuring (#2742)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/godaddy-wordpress/wc-plugin-framework/network/alerts).