Bump json5 and postcss-modules in /supports-webp-app

[dependabot]

Removes json5. It's no longer used after updating ancestor dependency postcss-modules. These dependencies need to be updated together.

Removes json5

Updates postcss-modules from 4.0.0 to 4.3.1

Changelog

Sourced from postcss-modules's changelog.

4.3.1

• Fixed errors when using shorthand selectors by Felix Bruns (@​fxb) madyankin/postcss-modules#130

4.3.0

• Updated the generic-names dependency to reduce packages size by Bogdan Chadkin (@​TrySound) madyankin/postcss-modules#129

4.2.2

• Fix the build

4.2.1

• Fixed the resolve option behaviour by @​kamilic madyankin/postcss-modules#127

4.2.0

• Added the resolve option to configure lookup paths for composes/from by @​kamilic madyankin/postcss-modules#126

4.1.3

• Fixed package contents

4.1.1

• Fixed TypeScript typings by Shuman Lim (@​origin-master) madyankin/postcss-modules#124

4.1.0

• Added TypeScript typings by Shuman Lim (@​origin-master) madyankin/postcss-modules#123

Commits

• 171b8c8 4.3.1
• 8bd118d Merge branch 'master' of github.com:css-modules/postcss-modules
• f3bfc6d Update changelog
• a400e14 Add tests for :global and :local shorthand selectors.
• 3c8ba0c Use localByDefault plugin for both local and global behaviours.
• d7cefc4 4.3.0
• 8737b69 Update changelog
• cf9e208 Update package-lock.json
• 5bd346c Upgrade generic-names
• b7e0d41 Update copyright note
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.