Bump the build group with 4 updates by dependabot[bot] · Pull Request #356 · NHSDigital/nhsuk-react-components

dependabot · 2026-04-02T02:31:09Z

Bumps the build group with 4 updates: @babel/preset-env, rollup, baseline-browser-mapping and caniuse-lite.

Updates @babel/preset-env from 7.29.0 to 7.29.2

Release notes

Sourced from @babel/preset-env's releases.

v7.29.2 (2026-03-16)

👓 Spec Compliance

babel-parser

#17840 [7.x backport] async x => {} must be in leading pos (@JLHwung)

🐛 Bug Fix

babel-helpers, babel-plugin-transform-async-generator-functions, babel-preset-env, babel-runtime-corejs3

#17805 [7.x backport] fix: Properly handle await in finally (@liuxingbaoyu)

babel-preset-env

#17789 [7.x backport] preset-env include/exclude should accept bugfix plugins (@JLHwung)

🏠 Internal

#17813 chore: update eslint peer deps (@JLHwung)

Committers: 2

Huáng Jùnliàng (@JLHwung)

@liuxingbaoyu

v7.29.1 (2026-02-04)

🐛 Bug Fix

babel-standalone

#17771 [7.x backport] fix: ensure targets.esmodules is validated (@JLHwung)

babel-generator

#17776 [7.x backport] Fix undefined when 64 indents (@liuxingbaoyu)

Committers: 2

Huáng Jùnliàng (@JLHwung)

@liuxingbaoyu

Commits

37d5595 v7.29.2
1c0a08d [7.x backport] fix: Properly handle await in finally (#17805)
061bf95 [7.x backport] preset-env include/exclude should accept bugfix plugins (#17789)
See full diff in compare view

Updates rollup from 4.59.0 to 4.60.0

Release notes

Sourced from rollup's releases.

v4.60.0

4.60.0

2026-03-22

Features

Support source phase imports as long as they are external (#6279)

Pull Requests

#6279: feat: external only Source Phase imports support (@guybedford, @lukastaegert)

v4.59.1

4.59.1

2026-03-21

Bug Fixes

Fix a crash when using lazy dynamic imports with moduleSideEffects:false (#6306)

Pull Requests

#6281: fix(deps): update minor/patch updates (@renovate[bot], @lukastaegert)

#6282: chore(deps): update github artifact actions (major) (@renovate[bot], @lukastaegert)

#6283: chore(deps): update dependency nyc to v18 (@renovate[bot], @lukastaegert)

#6284: fix(deps): update swc monorepo (major) (@renovate[bot])

#6285: chore(deps): lock file maintenance (@renovate[bot])

#6290: chore(deps): update minor/patch updates (@renovate[bot], @lukastaegert)

#6291: chore(deps): update dependency @shikijs/vitepress-twoslash to v4 (@renovate[bot])

#6292: chore(deps): lock file maintenance (@renovate[bot])

#6297: chore(deps): update minor/patch updates (@renovate[bot])

#6298: chore(deps): lock file maintenance (@renovate[bot])

#6299: chore(deps): lock file maintenance (@renovate[bot])

#6300: docs: update packagephobia link (@bluwy)

#6301: chore(deps): update dependency lint-staged to ^16.3.3 (@renovate[bot])

#6306: fix: fix chunk assignment for deoptimized module with dynamic import (@JoaoBrlt, @lukastaegert)

#6307: chore(deps): update minor/patch updates (@renovate[bot])

#6308: chore(deps): update dependency lru-cache to v11 (@renovate[bot])

#6309: chore(deps): update dependency vite to v8 (@renovate[bot])

#6310: chore(deps): lock file maintenance (@renovate[bot])

#6311: chore(deps): lock file maintenance (@renovate[bot])

#6312: chore(deps): lock file maintenance (@renovate[bot])

Changelog

Sourced from rollup's changelog.

4.60.0

2026-03-22

Features

Support source phase imports as long as they are external (#6279)

Pull Requests

#6279: feat: external only Source Phase imports support (@guybedford, @lukastaegert)

4.59.1

2026-03-21

Bug Fixes

Fix a crash when using lazy dynamic imports with moduleSideEffects:false (#6306)

Pull Requests

#6281: fix(deps): update minor/patch updates (@renovate[bot], @lukastaegert)

#6282: chore(deps): update github artifact actions (major) (@renovate[bot], @lukastaegert)

#6283: chore(deps): update dependency nyc to v18 (@renovate[bot], @lukastaegert)

#6284: fix(deps): update swc monorepo (major) (@renovate[bot])

#6285: chore(deps): lock file maintenance (@renovate[bot])

#6290: chore(deps): update minor/patch updates (@renovate[bot], @lukastaegert)

#6291: chore(deps): update dependency @shikijs/vitepress-twoslash to v4 (@renovate[bot])

#6292: chore(deps): lock file maintenance (@renovate[bot])

#6297: chore(deps): update minor/patch updates (@renovate[bot])

#6298: chore(deps): lock file maintenance (@renovate[bot])

#6299: chore(deps): lock file maintenance (@renovate[bot])

#6300: docs: update packagephobia link (@bluwy)

#6301: chore(deps): update dependency lint-staged to ^16.3.3 (@renovate[bot])

#6306: fix: fix chunk assignment for deoptimized module with dynamic import (@JoaoBrlt, @lukastaegert)

#6307: chore(deps): update minor/patch updates (@renovate[bot])

#6308: chore(deps): update dependency lru-cache to v11 (@renovate[bot])

#6309: chore(deps): update dependency vite to v8 (@renovate[bot])

#6310: chore(deps): lock file maintenance (@renovate[bot])

#6311: chore(deps): lock file maintenance (@renovate[bot])

#6312: chore(deps): lock file maintenance (@renovate[bot])

Commits

6ecd69f 4.60.0
6b725b9 feat: external only Source Phase imports support (#6279)
0cba9e0 4.59.1
4eeea29 Pin Vite
1cd49ae fix: fix chunk assignment for deoptimized module with dynamic import (#6306)
c9dabc3 Downgrade Vite
d46200f chore(deps): update dependency vite to v8 (#6309)
aa6c853 chore(deps): update dependency lru-cache to v11 (#6308)
4208811 chore(deps): lock file maintenance (#6312)
5348a82 chore(deps): lock file maintenance (#6311)
Additional commits viewable in compare view

Updates baseline-browser-mapping from 2.10.9 to 2.10.13

Release notes

Sourced from baseline-browser-mapping's releases.

v2.9.3 - remove process.loadEnvFile()

What's Changed

Remove process.loadEnfFile() from main script by @tonypconway in web-platform-dx/baseline-browser-mapping#112

Full Changelog: web-platform-dx/baseline-browser-mapping@v2.9.2...v2.9.3

Commits

10fcf19 Patch to 2.10.13 because browser or feature data changed
5db8ac5 Browser or feature data changed
74c2c12 Updating static site
193532e Patch to 2.10.12 because browser or feature data changed
344dffd Browser or feature data changed
1747389 Updating static site
eee1895 Patch to 2.10.11 because browser or feature data changed
4a7e144 Browser or feature data changed
3904f58 Updating static site
5a6d9b5 Patch to 2.10.10 because browser or feature data changed
Additional commits viewable in compare view

Updates caniuse-lite from 1.0.30001780 to 1.0.30001784

Commits

14baeb0 Update caniuse-db 1.0.30001784
f455430 Update caniuse-db 1.0.30001782
311d8db Update caniuse-db 1.0.30001781
See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the build group with 4 updates: [@babel/preset-env](https://github.com/babel/babel/tree/HEAD/packages/babel-preset-env), [rollup](https://github.com/rollup/rollup), [baseline-browser-mapping](https://github.com/web-platform-dx/baseline-browser-mapping) and [caniuse-lite](https://github.com/browserslist/caniuse-lite). Updates `@babel/preset-env` from 7.29.0 to 7.29.2 - [Release notes](https://github.com/babel/babel/releases) - [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md) - [Commits](https://github.com/babel/babel/commits/v7.29.2/packages/babel-preset-env) Updates `rollup` from 4.59.0 to 4.60.0 - [Release notes](https://github.com/rollup/rollup/releases) - [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md) - [Commits](rollup/rollup@v4.59.0...v4.60.0) Updates `baseline-browser-mapping` from 2.10.9 to 2.10.13 - [Release notes](https://github.com/web-platform-dx/baseline-browser-mapping/releases) - [Commits](web-platform-dx/baseline-browser-mapping@v2.10.9...v2.10.13) Updates `caniuse-lite` from 1.0.30001780 to 1.0.30001784 - [Commits](browserslist/caniuse-lite@1.0.30001780...1.0.30001784) --- updated-dependencies: - dependency-name: "@babel/preset-env" dependency-version: 7.29.2 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: build - dependency-name: rollup dependency-version: 4.60.0 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: build - dependency-name: baseline-browser-mapping dependency-version: 2.10.13 dependency-type: indirect update-type: version-update:semver-patch dependency-group: build - dependency-name: caniuse-lite dependency-version: 1.0.30001784 dependency-type: indirect update-type: version-update:semver-patch dependency-group: build ... Signed-off-by: dependabot[bot] <support@github.com>

sonarqubecloud · 2026-04-02T02:31:47Z

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Apr 2, 2026

colinrotherham self-requested a review April 2, 2026 13:27

colinrotherham approved these changes Apr 2, 2026

View reviewed changes

colinrotherham added this pull request to the merge queue Apr 2, 2026

Merged via the queue into main with commit 3edc3b5 Apr 2, 2026
3 checks passed

colinrotherham deleted the dependabot/npm_and_yarn/build-7272b2301d branch April 2, 2026 13:27

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump the build group with 4 updates#356

Bump the build group with 4 updates#356
colinrotherham merged 1 commit intomainfrom
dependabot/npm_and_yarn/build-7272b2301d

dependabot bot commented on behalf of github Apr 2, 2026

Uh oh!

sonarqubecloud bot commented Apr 2, 2026

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

Conversation

dependabot bot commented on behalf of github Apr 2, 2026

v7.29.2 (2026-03-16)

👓 Spec Compliance

🐛 Bug Fix

🏠 Internal

Committers: 2

v7.29.1 (2026-02-04)

🐛 Bug Fix

Committers: 2

v4.60.0

4.60.0

Features

Pull Requests

v4.59.1

4.59.1

Bug Fixes

Pull Requests

4.60.0

Features

Pull Requests

4.59.1

Bug Fixes

Pull Requests

v2.9.3 - remove process.loadEnvFile()

What's Changed

Uh oh!

sonarqubecloud bot commented Apr 2, 2026

Quality Gate passed

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

v2.9.3 - remove `process.loadEnvFile()`