Update/Audit NPM Dependencies for 6.5

[desrosj]

Previously:

• #58863 (6.4)
• #57657 (6.3)
• #57535 (6.2)
• #56641 (6.1)
• #54727 (6.0)
• #53361 (5.9)
• #52624 (5.8)
• #51801 (5.7)
• #50769 (5.6)
• #49768 (5.5)
• #49547 (5.4)
• #48203 (5.3)
• #46039 (5.1)
• #45064 (5.0)
• #38199 (4.7)
• #36520 (4.6)
• #35104 (4.5)
• #34177 (4.4)
• #31700 (4.3)
• #31489 (4.2)
• #30141 (4.1)
• #27340 (4.0)
• #26073 (3.9)

[desrosj]

In 57122:

Twenty Twenty-One: Update all dependencies.

In preparation for updating Core to use Node.js version 18.x, this updates the dependancies for the Twenty Twenty-One theme to the latest versions. This addresses an unsupported engine warning where packages within the dependency tree did not support Node.js > 16.x.

All changes to built files are included in this commit. These changes are a result of the following:

• Identical sets of properties for multiple selectors are now consolidated into one.
• The removal of a duplicate --branding--description--font-family definition.
• The addition of the postcss-discard-empty dependency, which removes empty CSS rules within IE stylesheets after the previous consolidation is performed.
• stylelint has only been updated to 14.x (15.x is the latest). This is because @wordpres/stylelint-config currently has a version constraint of ^14.2 and does not properly support 15.x.

The last change of note is the new configuration for the value-keyword-case rule in .stylelint-css.json. This was added as a way to prevent the currentColor from being changed to all lowercase.

Props jorbin, poena.
See #59663, #59658.

[jorbin]

In 57217:

Build/Test: Update Grunt Patch Wordpress for Node 20+.

Props jorbin, desrosj.
See #59658, #59663.

[desrosj]

In 57534:

Build/Test Tools: Update the codecov/codecov-action action.

This updates the codecov/codecov-action from version 3.1.5 to 4.0.1.

Version 4 switches to using the Codecov CLI to upload test report date, and changes the version of Node.js used for the action to 20.x. This fixes the notices currently shown for the test coverage workflow.

Props: mukesh27.
See #59658.

[desrosj]

In 57536:

Build/Test Tools: Pass a token to the Codecov action.

Version 4 of the action now requires a token to be provided in order to upload coverage results.

Follow up to [57534].

Props swissspidy.
See #59658.

Trac ticket: https://core.trac.wordpress.org/ticket/59658

While looking at #6090, I noticed that a few dependencies were out of date, but had no use within the actual code base or build scripts. Looking further, it seems that they are also dependencies for @wordpress block editor related packages. That should make them unnecessary as direct dependencies here.

Trac ticket: https://core.trac.wordpress.org/ticket/59658

Looks good. Thanks for removing unnecessary dependencies.

Thanks! This is build tool related, so it can go in after beta 1.

[desrosj]

In 57634:

Build/Test Tools: Remove unnecessary direct dependencies.

This removes the @emotion/is-prop-valid, @emotion/memoize, and framer-motion packages as direct dependencies.

These were introduced in [56065], but do not appear to have been integrated into the build process. Instead, these are now installed as peer dependencies to the @wordpress/block-editor and @wordpress/components packages.

Props gziolo, huzaifaalmesbah.
See #59658.

Merged in https://core.trac.wordpress.org/changeset/57634.

[desrosj]

In 57635:

Build/Test Tools: Update several dependencies.

This updates the following dependencies:

• @pmmmwh/react-refresh-webpack-plugin from 0.5.5 to 0.5.11.
• autoprefixer from 10.4.16 to 10.4.17.
• copy-webpack-plugin from 11.0.0 to 12.0.2.
• cssnano from 6.0.1 to 6.0.3.
• dotenv from 16.3.1 to 16.4.4.
• dotenv-expand from 10.0.0 to 11.0.3.
• postcss from 8.4.31 to 8.4.35.
• sass from 1.69.3 to 1.70.0.
• sinon from 16.0.3 to 16.1.3.
• source-map-loader from 4.0.1 to 5.0.0.
• terser-webpack-plugin from 5.3.9 to 5.3.10.
• wait-on from 7.0.1 to 7.2.0.
• webpack from 5.89.0 to 5.90.2.

Additionally, npm audit fix has been run.

See #59658.

Trac ticket: https://core.trac.wordpress.org/ticket/59658

Merged in core.trac.wordpress.org/changeset/57635.

[desrosj]

In 57636:

Build/Test Tools: Remove more unnecessary direct dependencies.

This removes the is-plain-object, memize, path-to-regexp, and tslib.

These were also introduced in [56065] and have been integrated into the build process. Instead, these are now installed as peer dependencies through the @/wordpress/* packages that actually require them.

Follow up to [57634].

Props swissspidy.
See #59658.

Merged in https://core.trac.wordpress.org/changeset/57636

[desrosj]

Going to close this one out. If there are more updates needed before release, we can reopen.