Bump the npm-dependencies group across 1 directory with 3 updates

[dependabot]

⚠️ Dependabot is rebasing this PR ⚠️

Rebasing might not happen immediately, so don't worry if this takes some time.

Note: if you make any changes to this PR yourself, they will take precedence over the rebase.

---

Bumps the npm-dependencies group with 3 updates in the / directory: esbuild, lucide-static and markdown-it.

Updates esbuild from 0.20.2 to 0.27.3

Release notes

Sourced from esbuild's releases.

v0.27.3

• Preserve URL fragments in data URLs (#4370)

  Consider the following HTML, CSS, and SVG:

  • index.html:

    <!DOCTYPE html>
    <html>
      <head><link rel="stylesheet" href="icons.css"></head>
      <body><div class="triangle"></div></body>
    </html>

  • icons.css:

    .triangle {
      width: 10px;
      height: 10px;
      background: currentColor;
      clip-path: url(./triangle.svg#x);
    }

  • triangle.svg:

    <svg xmlns="http://www.w3.org/2000/svg">
      <defs>
        <clipPath id="x">
          <path d="M0 0H10V10Z"/>
        </clipPath>
      </defs>
    </svg>

  The CSS uses a URL fragment (the #x) to reference the clipPath element in the SVG file. Previously esbuild's CSS bundler didn't preserve the URL fragment when bundling the SVG using the dataurl loader, which broke the bundled CSS. With this release, esbuild will now preserve the URL fragment in the bundled CSS:

  /* icons.css */
  .triangle {
    width: 10px;
    height: 10px;
    background: currentColor;
    clip-path: url('data:image/svg+xml,<svg xmlns="http://www.w3.org/2000/svg"><defs><clipPath id="x"><path d="M0 0H10V10Z"/></clipPath></defs></svg>#x');
  }

... (truncated)

Changelog

Sourced from esbuild's changelog.

Changelog: 2024

This changelog documents all esbuild versions published in the year 2024 (versions 0.19.12 through 0.24.2).

0.24.2

• Fix regression with --define and import.meta (#4010, #4012, #4013)

  The previous change in version 0.24.1 to use a more expression-like parser for define values to allow quoted property names introduced a regression that removed the ability to use --define:import.meta=.... Even though import is normally a keyword that can't be used as an identifier, ES modules special-case the import.meta expression to behave like an identifier anyway. This change fixes the regression.

  This fix was contributed by @​sapphi-red.

0.24.1

• Allow es2024 as a target in tsconfig.json (#4004)

  TypeScript recently added es2024 as a compilation target, so esbuild now supports this in the target field of tsconfig.json files, such as in the following configuration file:

  {
    "compilerOptions": {
      "target": "ES2024"
    }
  }

  As a reminder, the only thing that esbuild uses this field for is determining whether or not to use legacy TypeScript behavior for class fields. You can read more in the documentation.

  This fix was contributed by @​billyjanitsch.

• Allow automatic semicolon insertion after get/set

  This change fixes a grammar bug in the parser that incorrectly treated the following code as a syntax error:

  class Foo {
    get
    *x() {}
    set
    *y() {}
  }

  The above code will be considered valid starting with this release. This change to esbuild follows a similar change to TypeScript which will allow this syntax starting with TypeScript 5.7.

• Allow quoted property names in --define and --pure (#4008)

  The define and pure API options now accept identifier expressions containing quoted property names. Previously all identifiers in the identifier expression had to be bare identifiers. This change now makes --define and --pure consistent with --global-name, which already supported quoted property names. For example, the following is now possible:

... (truncated)

Commits

• 9129e00 publish 0.27.3 to npm
• e20e411 small fix to release notes
• 0dc0f2d fix #4322: parse and print CSS @scope rules
• 55fe391 update firefox css gradient support
• 2c35297 update gradient lowering transform
• 9209e44 Update Go to 1.25.7 (#4388)
• e8d861b close #4374: compat table for the using feature
• 19b8887 no longer need williamkapke/node-compat-table
• 7e44218 the kangax/compat-table repo moved to a new url
• 23b9338 run make update-compat-table
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for esbuild since your current version.

Updates lucide-static from 0.370.0 to 0.563.0

Release notes

Sourced from lucide-static's releases.

Version 0.563.0

What's Changed

aria-hidden is by default added to icons components in all packages. This was already added to lucide-react before. Making icons accessible, you can add an aria-label or a title. See docs about accessibility.

All changes

• chore(dev): Enable ligatures in font build configuration by @​dcxo in lucide-icons/lucide#3876
• chore(repo): add Android to brand stopwords by @​karsa-mistmere in lucide-icons/lucide#3895
• fix(site): add missing titles and a title template by @​taimar in lucide-icons/lucide#3920
• fix(site): unify and improve the styling of input fields by @​taimar in lucide-icons/lucide#3919
• fix(icons): changed star-off icon by @​jguddas in lucide-icons/lucide#3952
• fix(icons): changed tickets-plane icon by @​jguddas in lucide-icons/lucide#3928
• fix(icons): changed monitor-off icon by @​jguddas in lucide-icons/lucide#3962
• fix(icons): changed lasso icon by @​jguddas in lucide-icons/lucide#3961
• fix(icons): changed cloud-off icon by @​jguddas in lucide-icons/lucide#3942
• docs(site): added lucide-web-components third-party package by @​midesweb in lucide-icons/lucide#3948
• chore(deps-dev): bump preact from 10.27.2 to 10.27.3 by @​dependabot[bot] in lucide-icons/lucide#3955
• feat(icon): add globe-x icon with metadata by @​Muhammad-Aqib-Bashir in lucide-icons/lucide#3827
• fix(icons): changed waypoints icon by @​karsa-mistmere in lucide-icons/lucide#3990
• fix(icons): changed bookmark icon by @​jguddas in lucide-icons/lucide#2906
• fix(icons): changed message-square-dashed icon by @​jguddas in lucide-icons/lucide#3959
• fix(icons): changed cloudy icon by @​jguddas in lucide-icons/lucide#3966
• fix(github-actions): resolved spelling mistake in gh issue close command by @​jguddas in lucide-icons/lucide#4000
• Update LICENSE by @​alxgraphy in lucide-icons/lucide#4009
• feat(packages): Added aria-hidden fallback for decorative icons to all packages by @​ericfennis in lucide-icons/lucide#3604
• chore(deps): bump lodash from 4.17.21 to 4.17.23 by @​dependabot[bot] in lucide-icons/lucide#4020
• chore(deps): bump lodash-es from 4.17.21 to 4.17.23 by @​dependabot[bot] in lucide-icons/lucide#4019
• Suggest anchoring to a specific lucide version when using a cdn by @​drago1520 in lucide-icons/lucide#3727
• feat(docs): upgraded backers block by @​karsa-mistmere in lucide-icons/lucide#4014
• fix(site): hide native search input clear "X" icon by @​epifaniofrancisco in lucide-icons/lucide#3933
• feat(icons): added printer-x icon by @​lt25106 in lucide-icons/lucide#3941

New Contributors

• @​dcxo made their first contribution in lucide-icons/lucide#3876
• @​midesweb made their first contribution in lucide-icons/lucide#3948
• @​alxgraphy made their first contribution in lucide-icons/lucide#4009
• @​drago1520 made their first contribution in lucide-icons/lucide#3727
• @​lt25106 made their first contribution in lucide-icons/lucide#3941

Full Changelog: lucide-icons/lucide@0.562.0...0.563.0

Version 0.562.0

What's Changed

• fix(icons): changed paint-bucket icon by @​jguddas in lucide-icons/lucide#3880
• fix(site): Fix and unify color-picker font-size by @​taimar in lucide-icons/lucide#3889
• fix(react-native-web): only add className prop to parent Icon component by @​jguddas in lucide-icons/lucide#3892
• fix(lucide-react-native): remove icons namespace export to enable tree-shaking by @​jtomaszewski in lucide-icons/lucide#3868
• feat(icons): added toolbox icon by @​karsa-mistmere in lucide-icons/lucide#3871

... (truncated)

Commits

• e9e060a feat(icons): added printer-x icon (#3941)
• 0371baa fix(site): hide native search input clear "X" icon (#3933)
• 67c0485 feat(scripts): added helper script to automatically update OpenCollective bac...
• c47876e Suggest anchoring to a specific lucide version when using cnd (#3727)
• 96859ba chore(deps): bump lodash-es from 4.17.21 to 4.17.23 (#4019)
• 7dfa7d9 chore(deps): bump lodash from 4.17.21 to 4.17.23 (#4020)
• b6ed43d feat(packages): Added aria-hidden fallback for decorative icons to all packag...
• 9b10d1d Update LICENSE (#4009)
• 442ddbc fix: resolved spelling mistake in gh issue close command (#4000)
• ce5cab3 fix(icons): changed cloudy icon (#3966)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for lucide-static since your current version.

Updates markdown-it from 14.1.0 to 14.1.1

Changelog

Sourced from markdown-it's changelog.

[14.1.1] - 2026-01-11

Security

• Fixed regression from v13 in linkify inline rule. Specific patterns could cause high CPU use. Thanks to @​ltduc147 for report.

Commits

• b4a9b65 14.1.1 released
• 4b4bbca Fixed perf regression in linkify-it wrapper
• d2782d8 Add supplementary example-driven documentation (#1092)
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions