Update/Audit NPM Dependencies for 6.3

[desrosj]

Previously:

• #57535 (6.2)
• #56641 (6.1)
• #54727 (6.0)
• #53361 (5.9)
• #52624 (5.8)
• #51801 (5.7)
• #50769 (5.6)
• #49768 (5.5)
• #49547 (5.4)
• #48203 (5.3)
• #46039 (5.1)
• #45064 (5.0)
• #38199 (4.7)
• #36520 (4.6)
• #35104 (4.5)
• #34177 (4.4)
• #31700 (4.3)
• #31489 (4.2)
• #30141 (4.1)
• #27340 (4.0)
• #26073 (3.9)

[desrosj]

Even though the 6.3 cycle has not yet begun, I created this so that it's not forgotten for the next release cycle since #57535 was closed as fixed with no more required updates.

If a dependency needs updating before 6.2 is branched, please reopen #57535 and include the fix there.

Hi there! I've updated npm dependencies for 6.3.

The following dependencies are being updated:
jest-image-snapshot from 3.0.1 to 6.1.0
react-refresh from 0.10.0 to 0.14.0
imagesloaded from 4.1.4 to 5.0.0

Note that: grunt latest version is 1.6.1 but it is not compatible with our version of node/npm. It wanted: {"node":">=16"} but wordpress core wanted: {"node": "14.x"}. So it's not updated.

Thank You.

Trac ticket: https://core.trac.wordpress.org/ticket/57657

[Hareesh Pillai]

There's been a new major release of cssnano (v6.0.0).
Changes: ​https://github.com/cssnano/cssnano/compare/cssnano@5.1.14...cssnano@6.0.0

Also, I'm changing the ticket type to enhancement, as this is not a bug.

[azaozz]

Replying to Hareesh Pillai:

I'm changing the ticket type to enhancement, as this is not a bug.

Hmm, not so sure? Updates usually include bugfixes, so technically this is both enhancement and bugfix. The best ticket type is probably "task" :)

[azaozz]

The PR needs a refresh. This can be committed during beta as it is for the build/test tools, not production code.

[Hareesh Pillai]

Replying to azaozz:

Hmm, not so sure? Updates usually include bugfixes, so technically this is both enhancement and bugfix. The best ticket type is probably "task" :)

Totally agree with you, @azaozz. I was trying just to keep up with the convention based on the previous tickets mentioned in the description.

Anyway, the current blessed task status gives us more time to land stuff into the upcoming release!

[joemcgill]

In 56097:

Build/Test Tools: Update terser-webpack-plugin.

This bumps the terser-webpack-plugin dependency to version 5.3.9, which fixes an error during the minification process of the @wordpress/block-library package during builds.

Props clorith, azaozz, desrosj.
Fixes #58660, See #57657.

[desrosj]

@tanjimtc71 Apologies that your pull request did not get the attention it needed for 6.3. There are still some outdated dependencies in the 6.3 branch (including the ones addressed in the PR and mentioned above), but looking at what they are, I don't feel strongly enough to update them during RC. I'm going to close this out and we can circle back to them in #58863.

One rule of thumb to keep in mind for the future. There are currently two types of dependencies for WordPress: ones that are used in the build processes and development tools (cssnano, dotenv, grunt-contrib-clean, etc.), and ones that include an external library that is processed within the build process (polyfills such as imagesloaded, moment, jquery, etc.).

Updates for the former are usually handled here because their impact on the built software that's eventually released to the world is typically minimal to zero. Updates to the latter are usually handled in either individual separate tickets (such as #58083 for jquery or #56731 for imagesloaded), or a separate overarching ticket for updating lesser used ones (such as #56670 or #57646). External library updates like these usually require more visibility since updates could potentially impact 3rd-party code.

#56658 will also be addressing the problems with NodeJS version constraints (requiring 16.x+) in the next few weeks, so dependencies can be updated more comprehensively after that.