build(deps-dev): bump all

[renovate]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence	Type	Update
autoprefixer	10.4.27 → 10.5.0					devDependencies	minor
cssnano	7.1.4 → 7.1.5					devDependencies	patch
github/codeql-action	v3.35.1 → v3.35.2					action	patch
prettier (source)	3.8.2 → 3.8.3					devDependencies	patch
returntocorp/semgrep	a3d49dc → d7d67e1					container	digest

---

Release Notes

postcss/autoprefixer (autoprefixer)

v10.5.0

Compare Source

• Added mask-position-x and mask-position-y support (by @​toporek).

cssnano/cssnano (cssnano)

v7.1.5: v7.1.5

Compare Source

Bug Fixes

• fix(postcss-reduce-idents): support counter-set property by @​dkryaklin in #​1765
• fix(postcss-convert-values): add transformCustomProperties option by @​dkryaklin in #​1769
• fix(postcss-colormin): add transformCustomProperties option by @​dkryaklin in #​1768

Full Changelog: https://github.com/cssnano/cssnano/compare/cssnano@7.1.4...cssnano@7.1.5

github/codeql-action (github/codeql-action)

v3.35.2

Compare Source

• The undocumented TRAP cache cleanup feature that could be enabled using the CODEQL_ACTION_CLEANUP_TRAP_CACHES environment variable is deprecated and will be removed in May 2026. If you are affected by this, we recommend disabling TRAP caching by passing the trap-caching: false input to the init Action. #​3795
• The Git version 2.36.0 requirement for improved incremental analysis now only applies to repositories that contain submodules. #​3789
• Python analysis on GHES no longer extracts the standard library, relying instead on models of the standard library. This should result in significantly faster extraction and analysis times, while the effect on alerts should be minimal. #​3794
• Fixed a bug in the validation of OIDC configurations for private registries that was added in CodeQL Action 4.33.0 / 3.33.0. #​3807
• Update default CodeQL bundle version to 2.25.2. #​3823

prettier/prettier (prettier)

v3.8.3

Compare Source

---

Configuration

📅 Schedule: (UTC)

• Branch creation
  • Between 12:00 AM and 03:59 AM, only on Monday (* 0-3 * * 1)
• Automerge
  • At any time (no schedule defined)

🚦 Automerge: Enabled.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[netlify]

✅ Deploy Preview for gh-pages-openinf ready!

Name	Link
🔨 Latest commit	7d69eb6
🔍 Latest deploy log	https://app.netlify.com/projects/gh-pages-openinf/deploys/69e57250a7e59e0008df063e
😎 Deploy Preview	https://deploy-preview-1747--gh-pages-openinf.netlify.app
📱 Preview on mobile	Toggle QR Code... Use your smartphone camera to open QR code link.

---

To edit notification comments on pull requests, go to your Netlify project configuration.

[socket-security]

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff	Package	Supply Chain Security	Vulnerability	Quality	Maintenance	License
	cssnano@​7.1.4 ⏵ 7.1.5				+3
	autoprefixer@​10.4.27 ⏵ 10.5.0	+1
	prettier@​3.8.2 ⏵ 3.8.3	+1		+1	+2

View full report