build(deps-dev): bump chokidar from 4.0.3 to 5.0.0

[dependabot]

Bumps chokidar from 4.0.3 to 5.0.0.

Release notes

Sourced from chokidar's releases.

5.0.0

• Make the package ESM-only. Reduces on-disk package size from ~150kb to ~80kb
• Increase minimum node.js version to v20.19. The versions starting from it support loading esm files from cjs
• fix: Make types more precise paulmillr/chokidar#1424
• perf: re-use double slash regex paulmillr/chokidar#1435
• Update readdirp to ESM-only v5
• Lots of minor improvements in tests
• Increase security of NPM releases. Switch to token-less Trusted Publishing, with help of jsbt
• Switch compilation mode to isolatedDeclaration-based typescript for simplified auto-generated docs

New Contributors

• @​mhkeller made their first contribution in paulmillr/chokidar#1426
• @​btea made their first contribution in paulmillr/chokidar#1432

Full Changelog: paulmillr/chokidar@4.0.3...5.0.0

Commits

• c0c8d20 Release 5.0.0.
• b211cec Remove src from npm
• 8742246 Upgrade dev deps, jsbt, ci files. Upgrade readdirp to v5.
• de5a34c Merge pull request #1442 from paulmillr/flaky-buns
• c08a6c4 fix: throttle based on dir + target
• 0c55ab3 test: wait for explicit calls in directory test
• ce81be5 perf: re-use double slash regex (#1435)
• 7d9c1ed Merge pull request #1433 from paulmillr/super-matrices
• 3915541 Merge pull request #1430 from paulmillr/esm-only
• 9308bed chore: use Nodejs 24 in CI (#1432)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for chokidar since your current version.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

---

Note

Upgrade dev dependency chokidar to v5, updating special-pages/package.json and lockfile (including transitive readdirp and Node engine constraints).

• Dependencies:
  • Bump chokidar from ^4.0.3 to ^5.0.0 in special-pages/package.json.
  • Update lockfile:
    • chokidar → 5.0.0 (ESM-only; Node >=20.19.0).
    • Transitive readdirp → 5.0.0 (Node >=20.19.0).

^{Written by Cursor Bugbot for commit c8692bc. This will update automatically on new commits. Configure here.}

[netlify]

✅ Deploy Preview for content-scope-scripts canceled.

Name	Link
🔨 Latest commit	c8692bc
🔍 Latest deploy log	https://app.netlify.com/projects/content-scope-scripts/deploys/6936a764c7d15e0008f56493

[github-actions]

Temporary Branch Update

The temporary branch has been updated with the latest changes. Below are the details:

• Branch Name: pr-releases/pr-2070
• Commit Hash: d54a79f87797a6e7252030fd633a725ddabe4c92
• Last Updated: December 8, 2025 at 10:25:09 AM UTC
• Install Command: npm i github:duckduckgo/content-scope-scripts#d54a79f87797a6e7252030fd633a725ddabe4c92

Please use the above install command to update to the latest version.

[jonathanKingston]

@cursoragent can you review against our current code and outline potential impacts based on the changelogs of the update? Can you check if this dep is still widely used?

[cursor]

Chokidar 5.0.0 Impact Review

Usage in Codebase

Chokidar is only used in special-pages/watch.mjs (line 5, 69) as a dev dependency for the local watch script. Usage is minimal:

function watchNode(named, pathToWatch, predicate) {
    console.log(`will run ${named} following changes in ${pathToWatch}`);
    watch(pathToWatch, { ignoreInitial: true }).on('all', (event, path) => {
        if (!predicate(event, path)) return;
        // ... debounced job execution
    });
}

Changelog Impact Analysis

Change	Impact
ESM-only	✅ None - project already uses ESM ("type": "module", .mjs files)
Node >=20.19	✅ None - project uses Node 22 (.nvmrc)
API changes	✅ None - watch(), ignoreInitial, .on('all') all unchanged
More precise types	Minor benefit for TypeScript
Regex perf improvement	Minor benefit

Popularity Check

Still extremely widely used:

• ~103M weekly downloads
• ~404M monthly downloads
• Core dependency of webpack, vite, rollup, and most build tools

Recommendation

Safe to merge. This is a low-risk upgrade:

1. Dev dependency only (not shipped to production)
2. API usage is basic and fully compatible
3. Project already meets all new requirements (ESM, Node 22)
4. No breaking changes affect our usage pattern

---

 

_{Learn more about Cursor Agents}

[cursor]

Cursor Agent can help with this pull request. Just @cursor in comments and I'll start working on changes in this branch.
_{Learn more about Cursor Agents}

[github-actions]

[Beta] Generated file diff

Time updated: Mon, 08 Dec 2025 10:25:34 GMT