Bump the dev-dependencies group with 6 updates

[dependabot]

Bumps the dev-dependencies group with 6 updates:

Package	From	To
@vueuse/core	14.2.0	14.2.1
vue	3.5.27	3.5.29
@types/webextension-polyfill	0.12.4	0.12.5
@vue/compiler-sfc	3.5.27	3.5.29
css-loader	7.1.3	7.1.4
webpack	5.104.1	5.105.3

Updates @vueuse/core from 14.2.0 to 14.2.1

Release notes

Sourced from @​vueuse/core's releases.

v14.2.1

   🚀 Features

• Add skills at the root directory for skills cli  -  by @​antfu (c005d)
• skills: Transfer @vueuse/skills  -  by @​serkodev in vueuse/vueuse#5286 (532ac)

   🐞 Bug Fixes

• useRafFn: Resolve reactive null fpsLimit not being handled  -  by @​nemanjamalesija in vueuse/vueuse#5284 (8ce0d)

    View changes on GitHub

Commits

• c76c4ee chore: release v14.2.1
• 8ce0dae fix(useRafFn): resolve reactive null fpsLimit not being handled (#5284)
• 39afd85 refactor: explicitly define return type (#5275)
• fa483b4 refactor: unify Supportable across composables (#5274)
• See full diff in compare view

Updates vue from 3.5.27 to 3.5.29

Release notes

Sourced from vue's releases.

v3.5.29

For stable releases, please refer to CHANGELOG.md for details. For pre-releases, please refer to CHANGELOG.md of the minor branch.

v3.5.28

For stable releases, please refer to CHANGELOG.md for details. For pre-releases, please refer to CHANGELOG.md of the minor branch.

Changelog

Sourced from vue's changelog.

3.5.29 (2026-02-24)

Bug Fixes

• runtime-core: prevent instance leak in withAsyncContext (#14445) (702284f), closes nuxt/nuxt#33644
• server-renderer: render className as escaped string (#14469) (da6690c)
• transition: prevent enter if leave is in progress (#14443) (df059f8), closes #12091 #12133

3.5.28 (2026-02-09)

Bug Fixes

• transition: avoid unexpected cancelled parameter in transition done callback (#14391) (6798853)
• compiler-sfc: add resolution trying for .mts/.cts files (#14402) (c09d41f), closes vuejs/router#2611
• compiler-sfc: no params were generated when using withDefaults (#12823) (b0a1f05), closes #12822
• reactivity: add __v_skip flag to EffectScope to prevent reactive conversion (#14359) (48b7552), closes #14357
• runtime-core: avoid retaining el on cached text vnodes during static traversal (#14419) (4ace79a), closes #14134
• runtime-core: prevent child component updates when style remains unchanged (#12825) (57866b5), closes #12826
• runtime-core: properly handle async component update before resolve (#11619) (e71c26c), closes #11617
• runtime-dom: handle null/undefined handler in withModifiers (#14362) (261de54), closes #14361
• teleport: properly handling disabled teleport target anchor (#14417) (d7bcd85), closes #14412
• transition-group: correct move translation under scale via element rect (#14360) (0243a79), closes #14356
• useTemplateRef: don't update setup ref for useTemplateRef key (#12756) (fc40ca0), closes #12749

Commits

• 355d606 release: v3.5.29
• 5b0227d chore(deps): update dependency minimatch to ~10.2.0 [security] (#14460)
• 2a79483 chore(deps): update test (#14456)
• 53a4ab4 chore(deps): update build (#14465)
• 3cb43fe chore(deps): update all non-major dependencies (#14455)
• d3083a5 chore(deps): update lint (#14464)
• 702284f fix(runtime-core): prevent instance leak in withAsyncContext (#14445)
• da6690c fix(server-renderer): render className as escaped string (#14469)
• 521157d types(jsx): flexible class attribute declarations (#14441)
• df059f8 fix(transition): prevent enter if leave is in progress (#14443)
• Additional commits viewable in compare view

Updates @types/webextension-polyfill from 0.12.4 to 0.12.5

Commits

• See full diff in compare view

Updates @vue/compiler-sfc from 3.5.27 to 3.5.29

Release notes

Sourced from @​vue/compiler-sfc's releases.

v3.5.29

For stable releases, please refer to CHANGELOG.md for details. For pre-releases, please refer to CHANGELOG.md of the minor branch.

v3.5.28

For stable releases, please refer to CHANGELOG.md for details. For pre-releases, please refer to CHANGELOG.md of the minor branch.

Changelog

Sourced from @​vue/compiler-sfc's changelog.

3.5.29 (2026-02-24)

Bug Fixes

• runtime-core: prevent instance leak in withAsyncContext (#14445) (702284f), closes nuxt/nuxt#33644
• server-renderer: render className as escaped string (#14469) (da6690c)
• transition: prevent enter if leave is in progress (#14443) (df059f8), closes #12091 #12133

3.5.28 (2026-02-09)

Bug Fixes

• transition: avoid unexpected cancelled parameter in transition done callback (#14391) (6798853)
• compiler-sfc: add resolution trying for .mts/.cts files (#14402) (c09d41f), closes vuejs/router#2611
• compiler-sfc: no params were generated when using withDefaults (#12823) (b0a1f05), closes #12822
• reactivity: add __v_skip flag to EffectScope to prevent reactive conversion (#14359) (48b7552), closes #14357
• runtime-core: avoid retaining el on cached text vnodes during static traversal (#14419) (4ace79a), closes #14134
• runtime-core: prevent child component updates when style remains unchanged (#12825) (57866b5), closes #12826
• runtime-core: properly handle async component update before resolve (#11619) (e71c26c), closes #11617
• runtime-dom: handle null/undefined handler in withModifiers (#14362) (261de54), closes #14361
• teleport: properly handling disabled teleport target anchor (#14417) (d7bcd85), closes #14412
• transition-group: correct move translation under scale via element rect (#14360) (0243a79), closes #14356
• useTemplateRef: don't update setup ref for useTemplateRef key (#12756) (fc40ca0), closes #12749

Commits

• 355d606 release: v3.5.29
• 5b0227d chore(deps): update dependency minimatch to ~10.2.0 [security] (#14460)
• 809a75d chore: fix typos and grammar (#14437)
• 1bdeb33 release: v3.5.28
• b0a1f05 fix(compiler-sfc): no params were generated when using withDefaults (#12823)
• c09d41f fix(compiler-sfc): add resolution trying for .mts/.cts files (#14402)
• 4c753e3 chore(deps): update all non-major dependencies (#14428)
• e9a078f fix(deps): update all non-major dependencies (#14235)
• d9d9577 chore(deps): update compiler (#14232)
• See full diff in compare view

Updates css-loader from 7.1.3 to 7.1.4

Release notes

Sourced from css-loader's releases.

v7.1.4

7.1.4 (2026-02-16)

Bug Fixes

• update peer dependency for @​rspack/core v2 (#1652) (aeddefe)

Changelog

Sourced from css-loader's changelog.

7.1.4 (2026-02-16)

Bug Fixes

• update peer dependency for @​rspack/core v2 (#1652) (aeddefe)

Commits

• 5b795af chore(release): 7.1.4
• aeddefe fix: update peer dependency for @​rspack/core v2 (#1652)
• See full diff in compare view

Updates webpack from 5.104.1 to 5.105.3

Release notes

Sourced from webpack's releases.

v5.105.3

Patch Changes

• Context modules now handle rejections correctly. (by @​alexander-akait in #20455)

• Only mark asset modules as side-effect-free when experimental.futureDefaults is set to true, so asset-copying use cases (e.g. import "./x.png") won’t break unless the option is enabled. (by @​hai-x in #20535)

• Add the missing webpack_exports declaration in certain cases when bundling a JS entry together with non-JS entries (e.g., CSS entry or asset module entry). (by @​hai-x in #20463)

• Fixed HMR failure for CSS modules with @​import when exportType !== "link". When exportType is not "link", CSS modules now behave like JavaScript modules and don't require special HMR handling, allowing @​import CSS to work correctly during hot module replacement. (by @​xiaoxiaojx in #20514)

• Fixed an issue where empty JavaScript files were generated for CSS-only entry points. The code now correctly checks if entry modules have JavaScript source types before determining whether to generate a JS file. (by @​xiaoxiaojx in #20454)

• Do not crash when a referenced chunk is not a runtime chunk. (by @​alexander-akait in #20461)

• Fix some types. (by @​alexander-akait in #20412)

• Ensure that missing module error are thrown after the interception handler (if present), allowing module interception to customize the module factory. (by @​hai-x in #20510)

• Added createRequire support for ECMA modules. (by @​stefanbinoj in #20497)

• Added category for CJS reexport dependency to fix issues with ECMA modules. (by @​hai-x in #20444)

• Implement immutable bytes for bytes import attribute to match tc39 spec. (by @​alexander-akait in #20481)

• Fixed deterministic search for graph roots regardless of edge order. (by @​veeceey in #20452)

v5.105.2

Patch Changes

• Fixed WebpackPluginInstance type regression. (by @​alexander-akait in #20440)

v5.105.1

Patch Changes

• Fix VirtualUrlPlugin Windows compatibility by sanitizing cache keys and filenames. Cache keys now use toSafePath to replace colons (:) with double underscores (__) and sanitize other invalid characters, ensuring compatibility with Windows filesystem restrictions. (by @​xiaoxiaojx in #20424)

• Revert part of the createRequire generation behavior for require("node:...") to keep compatibility with those modules exports, e.g. const EventEmitter = require("node:events");. (by @​hai-x in #20433)

• Skip guard collection when exports-presence mode is disabled to improve parsing performance. (by @​hai-x in #20433)

v5.105.0

Minor Changes

• Allow resolving worker module by export condition name when using new Worker() (by @​hai-x in #20353)

• Detect conditional imports to avoid compile-time linking errors for non-existent exports. (by @​hai-x in #20320)

• Added the tsconfig option for the resolver options (replacement for tsconfig-paths-webpack-plugin). Can be false (disabled), true (use the default tsconfig.json file to search for it), a string path to tsconfig.json, or an object with configFile and references options. (by @​alexander-akait in #20400)

... (truncated)

Changelog

Sourced from webpack's changelog.

5.105.3

Patch Changes

• Context modules now handle rejections correctly. (by @​alexander-akait in #20455)

• Only mark asset modules as side-effect-free when experimental.futureDefaults is set to true, so asset-copying use cases (e.g. import "./x.png") won’t break unless the option is enabled. (by @​hai-x in #20535)

• Add the missing webpack_exports declaration in certain cases when bundling a JS entry together with non-JS entries (e.g., CSS entry or asset module entry). (by @​hai-x in #20463)

• Fixed HMR failure for CSS modules with @​import when exportType !== "link". When exportType is not "link", CSS modules now behave like JavaScript modules and don't require special HMR handling, allowing @​import CSS to work correctly during hot module replacement. (by @​xiaoxiaojx in #20514)

• Fixed an issue where empty JavaScript files were generated for CSS-only entry points. The code now correctly checks if entry modules have JavaScript source types before determining whether to generate a JS file. (by @​xiaoxiaojx in #20454)

• Do not crash when a referenced chunk is not a runtime chunk. (by @​alexander-akait in #20461)

• Fix some types. (by @​alexander-akait in #20412)

• Ensure that missing module error are thrown after the interception handler (if present), allowing module interception to customize the module factory. (by @​hai-x in #20510)

• Added createRequire support for ECMA modules. (by @​stefanbinoj in #20497)

• Added category for CJS reexport dependency to fix issues with ECMA modules. (by @​hai-x in #20444)

• Implement immutable bytes for bytes import attribute to match tc39 spec. (by @​alexander-akait in #20481)

• Fixed deterministic search for graph roots regardless of edge order. (by @​veeceey in #20452)

5.105.2

Patch Changes

• Fixed WebpackPluginInstance type regression. (by @​alexander-akait in #20440)

5.105.1

Patch Changes

• Fix VirtualUrlPlugin Windows compatibility by sanitizing cache keys and filenames. Cache keys now use toSafePath to replace colons (:) with double underscores (__) and sanitize other invalid characters, ensuring compatibility with Windows filesystem restrictions. (by @​xiaoxiaojx in #20424)

• Revert part of the createRequire generation behavior for require("node:...") to keep compatibility with those modules exports, e.g. const EventEmitter = require("node:events");. (by @​hai-x in #20433)

• Skip guard collection when exports-presence mode is disabled to improve parsing performance. (by @​hai-x in #20433)

5.105.0

Minor Changes

• Allow resolving worker module by export condition name when using new Worker() (by @​hai-x in #20353)

... (truncated)

Commits

• 714a0e3 chore(release): new release (#20448)
• c323b39 chore(deps-dev): bump nyc from 17.1.0 to 18.0.0 (#20539)
• 8a01dfe refactor: deduplicate export presence logic in Harmony dependency classes (#2...
• b9fc7b3 chore(deps): bump test/test262-cases in the dependencies group (#20541)
• f8a5ac3 test: add coverage for nwjs exports condition and CSS modules with webworker ...
• 59bf024 test: add coverage for external script in EnvironmentNotSupportAsyncWarning (...
• 4c79ac2 test: add missing coverage for formatLocation and formatSize (#20534)
• 4f5c0a8 fix: mark asset module as side-effect-free when futureDefaults (#20535)
• 87987ca test: add test
• 67c5aae test: add configCase for ESM prefetch/preload under neutral target (#20524)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for webpack since your current version.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions