
Drop support for Node.js v12 #11089

Merged
merged 23 commits into from
Apr 25, 2023

Conversation

@RobinMalfait (Contributor) commented Apr 25, 2023

This PR drops support for Node.js v12 and updates any dependencies that were locked to old versions to their latest maintained versions. This makes Node.js v14 a minimum requirement for Tailwind CSS.

The primary motivation for this change is to update our transitive dependency on yaml to resolve CVE-2023-2251. While this CVE is not really relevant to a build-time project like Tailwind, it causes warnings for lots of people who check for these sorts of things in CI (by running npm audit, for example) and creates a lot of headaches.

We were originally going to wait until Tailwind CSS v4.0 to drop support for Node.js v12, but since it is end-of-life and hasn't been receiving security updates since 2022-04-30, we've decided we're comfortable making this change sooner even though it will require upgrading to a maintained version of Node.js for people that are still using v12.

Resolves #11081.
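The description above is about a transitive dependency (yaml) that was pinned to an old version somewhere below a direct dependency, plus a new minimum Node.js version. The script below is an added example, not Tailwind's code, showing how a maintainer can verify both in a lockfile before trusting an `npm audit` result: it finds every installed copy of a package in a `package-lock.json` (lockfile v2/v3 layout, including nested copies under `node_modules/<pkg>/node_modules/`), flags copies older than a given version, and reads the root `engines.node` constraint. The lockfile content is constructed, and the `2.2.2` threshold in the demo call is an assumed value; take the real fixed version from the advisory for CVE-2023-2251.

```python
"""Scan an npm package-lock.json for every installed copy of a dependency
(including nested copies) and flag those below a minimum version; also read
the root package's Node.js engine constraint. Added example, not project code."""
import json
import re

# Constructed sample lockfile: one top-level yaml and one older nested copy
# pulled in transitively by postcss-load-config. Versions are illustrative.
SAMPLE_LOCK = json.loads("""
{
  "name": "example-app",
  "lockfileVersion": 3,
  "packages": {
    "": { "name": "example-app", "engines": { "node": ">=14" } },
    "node_modules/yaml": { "version": "2.2.2" },
    "node_modules/postcss-load-config": {
      "version": "3.1.4",
      "dependencies": { "yaml": "^1.10.2" }
    },
    "node_modules/postcss-load-config/node_modules/yaml": { "version": "1.10.2" }
  }
}
""")


def parse_version(v):
    """Turn '1.10.2' into (1, 10, 2) so tuples compare numerically.
    Pre-release and build suffixes are dropped; enough for flagging old copies."""
    core = v.split("-")[0].split("+")[0]
    return tuple(int(p) for p in core.split("."))


def find_copies(lock, name):
    """Return sorted [(lockfile path, version)] for every installed copy of `name`.
    A copy is either the top-level node_modules/<name> or any nested
    .../node_modules/<name> entry."""
    suffix = "node_modules/" + name
    return sorted(
        (path, entry["version"])
        for path, entry in lock.get("packages", {}).items()
        if path == suffix or path.endswith("/" + suffix)
    )


def outdated_copies(lock, name, minimum):
    """Copies of `name` whose version is strictly below `minimum`."""
    return [(p, v) for p, v in find_copies(lock, name)
            if parse_version(v) < parse_version(minimum)]


def node_engine_major(lock):
    """Minimum Node.js major from the root package's engines.node (e.g. '>=14'),
    or None when no such lower bound is declared."""
    root = lock.get("packages", {}).get("", {})
    spec = root.get("engines", {}).get("node", "")
    m = re.search(r">=\s*(\d+)", spec)
    return int(m.group(1)) if m else None


if __name__ == "__main__":
    # Assumed threshold for the demo; substitute the fixed version from the advisory.
    for path, ver in outdated_copies(SAMPLE_LOCK, "yaml", "2.2.2"):
        print(f"outdated copy: {path} is {ver}")
    print("declared Node.js minimum major:", node_engine_major(SAMPLE_LOCK))
```

Running this against a real lockfile (`json.load(open("package-lock.json"))`) shows exactly which dependency pulls in the old copy, which is what a bump like the one in this PR has to fix; the top-level copy being current is not sufficient when a nested copy remains.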

@capitalist

For anyone wondering it's CVE-2023-2251 - might be worth mentioning in the changelog on the off chance that there's a second CVE in a short timeframe

@reinink reinink changed the title Bump postcss-load-config to solve CVE warning Drop support for Node.js v12 Apr 25, 2023
@thecrypticace thecrypticace merged commit bd0497f into 3.3 Apr 25, 2023
21 checks passed
@thecrypticace thecrypticace deleted the fix/issue-11081 branch April 25, 2023 20:28
@levrik commented May 2, 2023

Edit 2:

Okay. There is also a reference from official quick-lru release notes to @alloc/quick-lru in https://github.com/sindresorhus/quick-lru/releases/tag/v6.0.0. Sorry for the noise but the introduction of a dependency whose source cannot easily be tracked down to a repository looked very fishy at first.

Edit:

After searching more I found https://github.com/aleclarson/quick-lru/commits/v5 as the likely source of the @alloc/quick-lru package. It seems to backport some changes from quick-lru 6.x to 5.x.

In an automated dependency upgrade PR I just saw the @alloc/quick-lru package being added via Tailwind. I couldn't really find the source of this package (it seems to be a fork of quick-lru?) so it looked a bit suspicious to me. This PR seems to have replaced it but I can't find a reason stated here for the switch. So I wonder now: Why has this been switched and where can I find the source of it?
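The comment above raises a supply-chain question that comes up with any scoped fork: can the published package be traced back to a source repository? The check below is an added example, not something from this thread or from the projects involved. It reads the `repository` field that npm manifests carry (as found in `node_modules/<pkg>/package.json` or in `npm view <pkg> --json` output), normalizes its many spellings to `host/owner/name`, and lists packages whose manifest gives no usable pointer to a repository. The package names and manifests in it are constructed and do not describe the real quick-lru or @alloc/quick-lru packages.

```python
"""Normalize the npm `repository` field and list packages whose manifest
gives no traceable source repository. Added example; the manifests below are
constructed and do not describe any real package."""
import re

# Constructed manifests in the shape of package.json / `npm view --json` output.
MANIFESTS = [
    {"name": "lru-example", "version": "5.1.1",
     "repository": "someone/lru-example"},                   # owner/name shorthand
    {"name": "@example/forked-lru", "version": "5.1.1",
     "repository": {"type": "git",
                    "url": "git+https://github.com/example/forked-lru.git"}},
    {"name": "@example/no-source", "version": "1.0.0"},     # no repository field
]


def normalize_repo(repo):
    """Reduce the common npm `repository` spellings to 'host/owner/name'.
    Accepts the string form or the {"type", "url"} object form; returns None
    when the field is absent or not in a recognised shape."""
    if isinstance(repo, dict):
        repo = repo.get("url", "")
    if not repo or not isinstance(repo, str):
        return None
    repo = re.sub(r"^git\+", "", repo.strip())
    # "owner/name" or "github:owner/name" shorthand (npm treats both as GitHub)
    m = re.match(r"^(?:github:)?([\w.-]+)/([\w.-]+)$", repo)
    if m:
        return f"github.com/{m.group(1)}/{m.group(2)}"
    # https://host/owner/name(.git), ssh://git@host/owner/name(.git), git://...
    m = re.match(r"^(?:https?|ssh|git)://(?:[\w.-]+@)?([\w.-]+)/([\w.-]+)/([\w.-]+?)(?:\.git)?/?$", repo)
    if m:
        return f"{m.group(1)}/{m.group(2)}/{m.group(3)}"
    # scp-like git@host:owner/name(.git)
    m = re.match(r"^(?:[\w.-]+@)?([\w.-]+):([\w.-]+)/([\w.-]+?)(?:\.git)?$", repo)
    if m:
        return f"{m.group(1)}/{m.group(2)}/{m.group(3)}"
    return None


def repo_report(manifests):
    """Map package name -> normalized repository (or None)."""
    return {m["name"]: normalize_repo(m.get("repository")) for m in manifests}


def untraceable(manifests):
    """Names of packages whose manifest points to no usable repository.
    These are the ones worth a manual look before accepting a dependency bump."""
    return [name for name, repo in repo_report(manifests).items() if repo is None]


if __name__ == "__main__":
    for name, repo in repo_report(MANIFESTS).items():
        print(f"{name}: {repo or 'NO REPOSITORY METADATA'}")
    print("needs manual provenance review:", untraceable(MANIFESTS))
```

A present `repository` field is only a claim made by whoever published the package, so the next step is to confirm that the named repository exists, that its tags match the published versions, and, for a fork, how it relates to the upstream it claims to track; the script only narrows the list of packages that need that manual look.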
