Bump the javascript-minor group across 1 directory with 10 updates

[dependabot]

Bumps the javascript-minor group with 10 updates in the /client directory:

Package	From	To
@babel/plugin-transform-private-property-in-object	7.27.1	7.28.6
@fortawesome/fontawesome-svg-core	7.0.0	7.1.0
@testing-library/jest-dom	6.7.0	6.9.1
@testing-library/react	16.3.0	16.3.1
core-js	3.45.0	3.47.0
dompurify	3.2.6	3.3.1
isomorphic-dompurify	2.26.0	2.35.0
luxon	3.7.1	3.7.2
react-tooltip	5.29.1	5.30.0
sass	1.90.0	1.97.2

Updates @babel/plugin-transform-private-property-in-object from 7.27.1 to 7.28.6

Release notes

Sourced from @​babel/plugin-transform-private-property-in-object's releases.

v7.28.5 (2025-10-23)

Thank you @​CO0Ki3, @​Olexandr88, and @​youthfulhps for your first PRs!

👓 Spec Compliance

• babel-parser
  • #17446 Allow Runtime Errors for Function Call Assignment Targets (@​liuxingbaoyu)
• babel-helper-validator-identifier
  • #17501 fix: update identifier to unicode 17 (@​fisker)

🐛 Bug Fix

• babel-plugin-proposal-destructuring-private
  • #17534 Allow mixing private destructuring and rest (@​CO0Ki3)
• babel-parser
  • #17521 Improve @babel/parser error typing (@​JLHwung)
  • #17491 fix: improve ts-only declaration parsing (@​JLHwung)
• babel-plugin-proposal-discard-binding, babel-plugin-transform-destructuring
  • #17519 fix: rest correctly returns plain array (@​liuxingbaoyu)
• babel-helper-create-class-features-plugin, babel-helper-member-expression-to-functions, babel-plugin-transform-block-scoping, babel-plugin-transform-optional-chaining, babel-traverse, babel-types
  • #17503 Fix JSXIdentifier handling in isReferencedIdentifier (@​JLHwung)
• babel-traverse
  • #17504 fix: ensure scope.push register in anonymous fn (@​JLHwung)

🏠 Internal

• babel-types
  • #17494 Type checking babel-types scripts (@​JLHwung)

🏃‍♀️ Performance

• babel-core
  • #17490 Faster finding of locations in buildCodeFrameError (@​liuxingbaoyu)

Committers: 8

• Babel Bot (@​babel-bot)
• Byeongho Yoo (@​youthfulhps)
• Huáng Jùnliàng (@​JLHwung)
• Hyeon Dokko (@​CO0Ki3)
• Nicolò Ribaudo (@​nicolo-ribaudo)
• @​Olexandr88
• @​liuxingbaoyu
• fisker Cheung (@​fisker)

v7.28.4 (2025-09-05)

Thanks @​gwillen and @​mrginglymus for your first PRs!

🏠 Internal

• babel-core, babel-helper-check-duplicate-nodes, babel-traverse, babel-types
  • #17493 Update Jest to v30.1.1 (@​JLHwung)
• babel-plugin-transform-regenerator
  • #17455 chore: Clean up transform-regenerator (@​liuxingbaoyu)

... (truncated)

Changelog

Sourced from @​babel/plugin-transform-private-property-in-object's changelog.

Changelog

Tags:

• 💥 [Breaking Change]
• 👓 [Spec Compliance]
• 🚀 [New Feature]
• 🐛 [Bug Fix]
• 📝 [Documentation]
• 🏠 [Internal]
• 💅 [Polish]

Note: Gaps between patch versions are faulty, broken or test releases.

This file contains the changelog starting from v7.15.0.

• See CHANGELOG - v7.0.0 to v7.14.9 for v7.0.0 to v7.14.9 changes.
• See CHANGELOG - v7 prereleases for v7.0.0-alpha.1 to v7.0.0-rc.4 changes.
• See CHANGELOG - v4, CHANGELOG - v5, and CHANGELOG - v6 for v4.x-v6.x changes.
• See CHANGELOG - 6to5 for the pre-4.0.0 version changelog.
• See Babylon's CHANGELOG for the Babylon pre-7.0.0-beta.29 version changelog.
• See babel-eslint's releases for the changelog before @babel/eslint-parser 7.8.0.
• See eslint-plugin-babel's releases for the changelog before @babel/eslint-plugin 7.8.0.

v7.28.5 (2025-10-23)

👓 Spec Compliance

• babel-parser
  • #17446 Allow Runtime Errors for Function Call Assignment Targets (@​liuxingbaoyu)
• babel-helper-validator-identifier
  • #17501 fix: update identifier to unicode 17 (@​fisker)

🐛 Bug Fix

• babel-plugin-proposal-destructuring-private
  • #17534 Allow mixing private destructuring and rest (@​CO0Ki3)
• babel-parser
  • #17521 Improve @babel/parser error typing (@​JLHwung)
  • #17491 fix: improve ts-only declaration parsing (@​JLHwung)
• babel-plugin-proposal-discard-binding, babel-plugin-transform-destructuring
  • #17519 fix: rest correctly returns plain array (@​liuxingbaoyu)
• babel-helper-create-class-features-plugin, babel-helper-member-expression-to-functions, babel-plugin-transform-block-scoping, babel-plugin-transform-optional-chaining, babel-traverse, babel-types
  • #17503 Fix JSXIdentifier handling in isReferencedIdentifier (@​JLHwung)
• babel-traverse
  • #17504 fix: ensure scope.push register in anonymous fn (@​JLHwung)

🏠 Internal

• babel-types
  • #17494 Type checking babel-types scripts (@​JLHwung)

... (truncated)

Commits

• d7f4008 v7.28.6
• 445b575 Allow Babel 8 in compatible Babel 7 plugins (#17580)
• 99dcba5 chore: enable some ts-eslint rules (#17592)
• See full diff in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for @​babel/plugin-transform-private-property-in-object since your current version.

Updates @fortawesome/fontawesome-svg-core from 7.0.0 to 7.1.0

Release notes

Sourced from @​fortawesome/fontawesome-svg-core's releases.

Release 7.1.0

Change log available at https://fontawesome.com/docs/changelog/

Release 7.0.1

Change log available at https://fontawesome.com/docs/changelog/

Commits

• 41cfe64 Release 7.1.0 (#20810)
• b476ed9 Release 7.0.1 (#20792)
• c482aa2 Fix README Upgrading link (#20726)
• 161db08 Fix docs link
• See full diff in compare view

Updates @testing-library/jest-dom from 6.7.0 to 6.9.1

Release notes

Sourced from @​testing-library/jest-dom's releases.

v6.9.1

6.9.1 (2025-10-01)

Bug Fixes

• Fix undefined Node error (nodejs) (#707) (0ff8904)

v6.9.0

6.9.0 (2025-09-30)

Features

• Add .toAppearBefore/.toAppearAfter matcher (#702) (95f870a)

v6.8.0

6.8.0 (2025-08-20)

Features

• add toBePartiallyPressed matcher (#203) (#692) (779b712)

Commits

• 0ff8904 fix: Fix undefined Node error (nodejs) (#707)
• 95f870a feat: Add .toAppearBefore/.toAppearAfter matcher (#702)
• d6663f5 docs: add nossbigg as a contributor for code, and test (#703)
• 779b712 feat: add toBePartiallyPressed matcher (#203) (#692)
• See full diff in compare view

Updates @testing-library/react from 16.3.0 to 16.3.1

Release notes

Sourced from @​testing-library/react's releases.

v16.3.1

16.3.1 (2025-12-15)

Bug Fixes

• Switch to trusted publishing (#1437) (a2d37ff)

Commits

• a2d37ff fix: Switch to trusted publishing (#1437)
• cd6a175 chore: fix action permissions (#1436)
• 22b8c28 chore: fix release (#1435)
• d996673 chore: new release workflow (#1434)
• 205ce17 chore: fix typo in jest.config.js (#1427)
• aba5740 [test] Fix tests for react@experimental (#1424)
• 590bc18 [test] Fix npm run typecheck (#1423)
• 1c931a6 chore(deps): use npm-run-all2 (#1411)
• See full diff in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for @​testing-library/react since your current version.

Updates core-js from 3.45.0 to 3.47.0

Changelog

Sourced from core-js's changelog.

3.47.0 - 2025.11.18

• Changes v3.46.0...v3.47.0 (117 commits)
• JSON.parse source text access proposal :
  • Built-ins:
    • JSON.isRawJSON
    • JSON.parse
    • JSON.rawJSON
    • JSON.stringify
  • Moved to stable ES, November 2025 TC39 meeting
  • Added es. namespace modules, /es/ and /stable/ namespaces entries
  • Reworked JSON.stringify internals
• Iterator sequencing proposal:
  • Built-ins:
    • Iterator.concat
  • Moved to stable ES, November 2025 TC39 meeting
  • Added es. namespace modules, /es/ and /stable/ namespaces entries
• Joint iteration proposal:
  • Built-ins:
    • Iterator.zip
    • Iterator.zipKeyed
  • Moved to stage 3, November 2025 TC39 meeting
  • Added /actual/ namespace entries, unconditional forced replacement changed to feature detection
• Fixed increasing .size in URLSearchParams.prototype.append polyfill in IE8-
• Compat data improvements:
  • Iterator.concat marked as shipped in FF147
  • Map upsert proposal features marked as shipped in Safari 26.2
  • Math.sumPrecise marked as shipped in Safari 26.2
  • Uint8Array.{ fromBase64, prototype.setFromBase64 } marked as fixed in Safari 26.2
  • Missed Explicit Resource Management features added in Bun 1.3.0
  • Added Oculus Quest Browser 41 compat data mapping
  • Added Electron 40 compat data mapping

3.46.0 - 2025.10.09

• Changes v3.45.1...v3.46.0 (116 commits)
• Map upsert stage 3 proposal:
  • Fixed a FF WeakMap.prototype.getOrInsertComputed bug with callback calling before validation a key
• Iterator chunking proposal:
  • Built-ins:
    • Iterator.prototype.chunks
    • Iterator.prototype.windows
  • Moved to stage 2.7, September 2025 TC39 meeting
  • Iterator.prototype.sliding method replaced with an extra parameter of Iterator.prototype.windows method, [tc39/proposal-iterator-chunking/#24](tc39/proposal-iterator-chunking#24), [tc39/proposal-iterator-chunking/#26](tc39/proposal-iterator-chunking#26)
• Fixed Iterator.zip and Iterator.zipKeyed behavior with mode: 'longest' option, #1469, thanks @​lionel-rowe
• Fixed work of Object.groupBy and Iterator.zipKeyed together with Symbol polyfill - some cases of symbol keys on result null-prototype object were able to leak out to for-in
• Compat data improvements:
  • Map upsert proposal features marked as shipped from FF144
  • Added Node 25.0 compat data mapping
  • Added Deno 2.5 compat data mapping
  • Updated Electron 39 compat data mapping
  • Updated Opera 121+ compat data mapping

... (truncated)

Commits

• c1d2c7e v3.47.0
• 400f00e move JSON.parse source text access to stable ES
• 2b383e9 move joint iteration to stage 3
• 21f984c move Iterator sequencing proposal to stable ES
• 6add4cd add explicit "sideEffects": true to core-js and core-js-bundle packages
• 0f6c98d update eslint-plugin-unicorn
• fe04540 fix increasing .size in URLSearchParams.prototype.append polyfill in IE8-
• 98d9dc4 v3.46.0
• 38420bd add homepage field to package.jsons
• a7aee4c some fixes
• Additional commits viewable in compare view

Updates dompurify from 3.2.6 to 3.3.1

Release notes

Sourced from dompurify's releases.

DOMPurify 3.3.1

• Updated ADD_FORBID_CONTENTS setting to extend default list, thanks @​MariusRumpf
• Updated the ESM import syntax to be more correct, thanks @​binhpv

DOMPurify 3.3.0

• Added the SVG mask-type attribute to default allow-list, thanks @​prasadrajandran
• Added support for ADD_ATTR and ADD_TAGS to accept functions, thanks @​nelstrom
• Fixed an issue with the slot element being in both SVG and HTML allow-list, thanks @​Wim-Valgaeren

DOMPurify 3.2.7

• Added new attributes and elements to default allow-list, thanks @​elrion018
• Added tagName parameter to custom element attributeNameCheck, thanks @​nelstrom
• Added better check for animated href attributes, thanks @​llamakko
• Updated and improved the bundled types, thanks @​ssi02014
• Updated several tests to better align with new browser encoding behaviors
• Improved the handling of potentially risky content inside CDATA elements, thanks @​securityMB & @​terjanq
• Improved the regular expression for raw-text elements to cover textareas, thanks @​securityMB & @​terjanq

Commits

• 6fc446a Merge pull request #1175 from cure53/main
• 3b3bf91 Merge branch 'main' of github.com:cure53/DOMPurify
• 9863f41 chore: Preparing 3.3.1 release
• b4e0295 chore: Preparing 3.3.0 release
• 077746b build(deps-dev): bump js-yaml from 4.1.0 to 4.1.1 (#1170)
• 4de68bb build(deps): bump actions/checkout from 5 to 6 (#1171)
• 4c76b6f Use correct ESM import syntax (#1173)
• 27e8496 Merge pull request #1168 from MariusRumpf/add-forbid-contents
• a920096 Add ADD_FORBID_CONTENTS setting to extend default list
• ac64660 Merge pull request #1163 from cure53/dependabot/github_actions/actions/setup-...
• Additional commits viewable in compare view

Updates isomorphic-dompurify from 2.26.0 to 2.35.0

Release notes

Sourced from isomorphic-dompurify's releases.

2.35.0: Updated jsdom

Changelog

• Updated jsdom.
• Updated dev dependencies.

See the complete changelog for more details.

Release

2.35.0

2.34.0: Updated dependencies

Changelog

• Updated dompurify and jsdom.
• Updated dev dependencies.

See the complete changelog for more details.

Release

2.34.0

2.33.0: Improved Web Worker support

Changelog

• Improved Web Worker compatibility (partial) #242 (thanks @​wSedlacek for the contribution and @​coderabbitai for advice)

See the complete changelog for more details.

Release

2.33.0

2.32.0: Updated dependencies

Changelog

• Updated jsdom.
• Updated dev dependencies.

See the complete changelog for more details.

Release

2.32.0

2.31.0: Updated dependencies

Changelog

... (truncated)

Commits

• 2cc5a03 Updated deps. Incremented project version.
• d40fcf0 Merge pull request #382 from kkomelin/dependabot/npm_and_yarn/jsdom-27.4.0
• e45ecf5 chore(deps): bump jsdom from 27.3.0 to 27.4.0
• 0c612e6 Merge pull request #381 from kkomelin/dependabot/npm_and_yarn/vitest-4.0.16
• 16ca947 chore(deps-dev): bump vitest from 4.0.15 to 4.0.16
• dded60d chore: Incremented project version.
• 044f7b2 Updated deps.
• 895d5cd Merge pull request #379 from kkomelin/dependabot/npm_and_yarn/dompurify-3.3.1
• 816f91f Merge pull request #380 from kkomelin/dependabot/npm_and_yarn/jsdom-27.3.0
• a48c30b chore(deps): bump jsdom from 27.2.0 to 27.3.0
• Additional commits viewable in compare view

Updates luxon from 3.7.1 to 3.7.2

Changelog

Sourced from luxon's changelog.

3.7.2 (2025-07-09)

• Fix ES6 packaging

Commits

• 4262a38 Version 3.7.2
• 738144d Fix the build ES6 code having the wrong file extension and use it in package....
• See full diff in compare view

Updates react-tooltip from 5.29.1 to 5.30.0

Release notes

Sourced from react-tooltip's releases.

v5.30.0

If you like ReactTooltip, please give the project a star on GitHub 🌟

What's Changed

• Add aria-describedby automatically by @​chardin1 in ReactTooltip/react-tooltip#1257

New Contributors

• @​chardin1 made their first contribution in ReactTooltip/react-tooltip#1257

Full Changelog: ReactTooltip/react-tooltip@v5.29.1...v5.30.0

Commits

• f94d26e chore(version): v5.30.0
• 2672a50 feat: add aria-describedby to tooltip automatically (#1257)
• See full diff in compare view

Updates sass from 1.90.0 to 1.97.2

Release notes

Sourced from sass's releases.

Dart Sass 1.97.2

To install Sass 1.97.2, download one of the packages below and add it to your PATH, or see the Sass website for full installation instructions.

Changes

• Additional fixes for implicit configuration when nested imports are involved.

See the full changelog for changes in earlier releases.

Dart Sass 1.97.1

To install Sass 1.97.1, download one of the packages below and add it to your PATH, or see the Sass website for full installation instructions.

Changes

• Fix a bug with the new CSS-style if() syntax where values would be evaluated even if their conditions didn't match.

See the full changelog for changes in earlier releases.

Dart Sass 1.97.0

To install Sass 1.97.0, download one of the packages below and add it to your PATH, or see the Sass website for full installation instructions.

Changes

• Add support for the display-p3-linear color space.

See the full changelog for changes in earlier releases.

Dart Sass 1.96.0

To install Sass 1.96.0, download one of the packages below and add it to your PATH, or see the Sass website for full installation instructions.

Changes

• Allow numbers with complex units (more than one numerator unit or more than zero denominator units) to be emitted to CSS. These are now emitted as calc() expressions, which now support complex units in plain CSS.

See the full changelog for changes in earlier releases.

Dart Sass 1.95.1

To install Sass 1.95.1, download one of the packages below and add it to your PATH, or see the Sass website for full installation instructions.

... (truncated)

Changelog

Sourced from sass's changelog.

1.97.2

• Additional fixes for implicit configuration when nested imports are involved.

1.97.1

• Fix a bug with the new CSS-style if() syntax where values would be evaluated even if their conditions didn't match.

1.97.0

• Add support for the display-p3-linear color space.

1.96.0

• Allow numbers with complex units (more than one numerator unit or more than zero denominator units) to be emitted to CSS. These are now emitted as calc() expressions, which now support complex units in plain CSS.

1.95.1

• No user-visible changes.

1.95.0

• Add support for the CSS-style if() function. In addition to supporting the plain CSS syntax, this also supports a sass() query that takes a Sass expression that evaluates to true or false at preprocessing time depending on whether the Sass value is truthy. If there are no plain-CSS queries, the function will return the first value whose query returns true during preprocessing. For example, if(sass(false): 1; sass(true): 2; else: 3) returns 2.

• The old Sass if() syntax is now deprecated. Users are encouraged to migrate to the new CSS syntax. if($condition, $if-true, $if-false) can be changed to if(sass($condition): $if-true; else: $if-false).

  See the Sass website for details.

• Plain-CSS if() functions are now considered "special numbers", meaning that they can be used in place of arguments to CSS color functions.

• Plain-CSS if() functions and attr() functions are now considered "special variable strings" (like var()), meaning they can now be used in place of multiple arguments or syntax fragments in various CSS functions.

1.94.3

... (truncated)

Commits

• d12cc7d Fix bug with implicit configuration for nested imports (#2658)
• 340bfd2 Bump actions/download-artifact from 6 to 7 (#2706)
• a795ab3 Bump actions/upload-artifact from 5 to 6 (#2705)
• add7e6f Bump protoc_plugin from 23.0.0 to 24.0.0 (#2696)
• 62ec662 Use pwsh instead of powershell (#2710)
• b2f2532 Don't evaluate if() values if the condition doesn't match (#2707)
• 0c7083a Add support for the display-p3-linear color space (#2703)
• f6bdc02 Add support for complex units in CSS (#2699)
• 4aa6d5f Support parseSelectors in ImportCache (#2701)
• eae38c5 Fix an incorrect link in the changelog (#2700)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for sass since your current version.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions