Bump braces, @storybook/react, babel-jest, webpack, mini-css-extract-plugin and react-scripts

[dependabot]

Bumps braces to 3.0.3 and updates ancestor dependencies braces, @storybook/react, babel-jest, webpack, mini-css-extract-plugin and react-scripts. These dependencies need to be updated together.

Updates braces from 2.3.2 to 3.0.3

Changelog

Sourced from braces's changelog.

Release history

All notable changes to this project will be documented in this file.

The format is based on Keep a Changelog and this project adheres to Semantic Versioning.

• Changelogs are for humans, not machines.
• There should be an entry for every single version.
• The same types of changes should be grouped.
• Versions and sections should be linkable.
• The latest version comes first.
• The release date of each versions is displayed.
• Mention whether you follow Semantic Versioning.

Changelog entries are classified using the following labels (from keep-a-changelog):

• Added for new features.
• Changed for changes in existing functionality.
• Deprecated for soon-to-be removed features.
• Removed for now removed features.
• Fixed for any bug fixes.
• Security in case of vulnerabilities.

[3.0.0] - 2018-04-08

v3.0 is a complete refactor, resulting in a faster, smaller codebase, with fewer deps, and a more accurate parser and compiler.

Breaking Changes

• The undocumented .makeRe method was removed
• Require Node.js >= 8.3

Non-breaking changes

• Caching was removed

Commits

• See full diff in compare view

Updates @storybook/react from 5.3.21 to 10.0.2

Release notes

Sourced from @​storybook/react's releases.

v10.0.2

10.0.2

• CLI: Fix glob string formatting in csf-factories codemod - #32880, thanks @​yannbf!
• Core: Improve file path resolution on Windows - #32893, thanks @​yannbf!
• Vite: Update `optimizeViteDeps` for addon-docs and addon-vitest - #32881, thanks @​ndelangen!

v10.0.1

10.0.1

• Presets: Fix incorrect imports - #32875, thanks @​ndelangen!
• Upgrade: Satellite compatible with 10.1 prerelease - #32877, thanks @​ndelangen!

v10.0.0

10.0.0

Storybook 10 contains one breaking change: it’s ESM-only. This simplifies our distribution and reduces install size by 29% while simultaneously unminifying dist code for easier debugging. It also includes features to level up your UI development, documentation, and testing workflows:

• 🧩 Module automocking for easier testing
• 🏭 Typesafe CSF factories Preview for React
• 💫 UI editing and sharing optimizations
• 🏷️ Tag filtering exclusion and configuration for sidebar management
• 🔀 Next 16, Vitest 4, Svelte async components, and more!

• A11Y: Bugfix missing `manager.js` entry-file - #32780, thanks @​ndelangen!
• A11y: Persist tab/highlight across docs navigation - #32762, thanks @​404Dealer!
• Addon A11y: Prevent setting highlights for old results - #32178, thanks @​ghengeveld!
• Addon Docs: Fix Symbol conversion issue in docs page and controls panel - #32220, thanks @​yannbf!
• Addon Vitest: Fix incorrect file modifications during setup - #32844, thanks @​yannbf!
• Addon Vitest: Support modifying mergeConfig on addon setup - #32753, thanks @​yannbf!
• Addon-docs: Add eject button to canvas toolbar - #29825, thanks @​mihkeleidast!
• AddonA11Y: Fix postinstall - #32309, thanks @​ndelangen!
• AddonViewport: Stricter types - #32324, thanks @​hpohlmeyer!
• Angular: Add fileURLToPath for preview annotation paths - #32812, thanks @​brandonroberts!
• Angular: Fix `entry.polyfills` undefined error - #32230, thanks @​sk-pub!
• Angular: Inherit options from browserTarget - #32108, thanks @​gingeekrishna!
• AutoMigration: Fix sb10 migration when main config contains `require` - #32558, thanks @​ndelangen!
• Build: Fix dts bundling external detection - #32366, thanks @​mrginglymus!
• Cleanup: Remove duplicated entrypoints in core - #32507, thanks @​ndelangen!
• CLI: Add addon-console automigration - #32083, thanks @​Sidnioulz!
• CLI: Avoid mixed CSF in files with unconventional stories - #32716, thanks @​yannbf!
• CLI: Change message in downgrade-blocker - #32745, thanks @​ndelangen!
• CLI: CSF factories codemod - support annotations in npx context - #32741, thanks @​yannbf!
• CLI: Fix CSF factories addon syncing in storybook add command - #32728, thanks @​yannbf!
• CLI: Fix throwing in readonly environments - #31785, thanks @​JReinhold!
• CLI: Init not running `dev` when it should fixed - #32457, thanks @​ndelangen!

... (truncated)

Changelog

Sourced from @​storybook/react's changelog.

10.0.2

• CLI: Fix glob string formatting in csf-factories codemod - #32880, thanks @​yannbf!
• Core: Improve file path resolution on Windows - #32893, thanks @​yannbf!
• Vite: Update optimizeViteDeps for addon-docs and addon-vitest - #32881, thanks @​ndelangen!

10.0.1

• Presets: Fix incorrect imports - #32875, thanks @​ndelangen!
• Upgrade: Satellite compatible with 10.1 prerelease - #32877, thanks @​ndelangen!

10.0.0

Storybook 10 contains one breaking change: it’s ESM-only. This simplifies our distribution and reduces install size by 29% while simultaneously unminifying dist code for easier debugging. It also includes features to level up your UI development, documentation, and testing workflows:

• 🧩 Module automocking for easier testing
• 🏭 Typesafe CSF factories Preview for React
• 💫 UI editing and sharing optimizations
• 🏷️ Tag filtering exclusion and configuration for sidebar management
• 🔀 Next 16, Vitest 4, Svelte async components, and more!

• A11Y: Bugfix missing manager.js entry-file - #32780, thanks @​ndelangen!
• A11y: Persist tab/highlight across docs navigation - #32762, thanks @​404Dealer!
• Addon A11y: Prevent setting highlights for old results - #32178, thanks @​ghengeveld!
• Addon Docs: Fix Symbol conversion issue in docs page and controls panel - #32220, thanks @​yannbf!
• Addon Vitest: Fix incorrect file modifications during setup - #32844, thanks @​yannbf!
• Addon Vitest: Support modifying mergeConfig on addon setup - #32753, thanks @​yannbf!
• Addon-docs: Add eject button to canvas toolbar - #29825, thanks @​mihkeleidast!
• AddonA11Y: Fix postinstall - #32309, thanks @​ndelangen!
• AddonViewport: Stricter types - #32324, thanks @​hpohlmeyer!
• Angular: Add fileURLToPath for preview annotation paths - #32812, thanks @​brandonroberts!
• Angular: Fix entry.polyfills undefined error - #32230, thanks @​sk-pub!
• Angular: Inherit options from browserTarget - #32108, thanks @​gingeekrishna!
• AutoMigration: Fix sb10 migration when main config contains require - #32558, thanks @​ndelangen!
• Build: Fix dts bundling external detection - #32366, thanks @​mrginglymus!
• Cleanup: Remove duplicated entrypoints in core - #32507, thanks @​ndelangen!
• CLI: Add addon-console automigration - #32083, thanks @​Sidnioulz!
• CLI: Avoid mixed CSF in files with unconventional stories - #32716, thanks @​yannbf!
• CLI: Change message in downgrade-blocker - #32745, thanks @​ndelangen!
• CLI: CSF factories codemod - support annotations in npx context - #32741, thanks @​yannbf!
• CLI: Fix CSF factories addon syncing in storybook add command - #32728, thanks @​yannbf!
• CLI: Fix throwing in readonly environments - #31785, thanks @​JReinhold!
• CLI: Init not running dev when it should fixed - #32457, thanks @​ndelangen!
• CLI: Make relative imports default in csf-factories codemod - #32610, thanks @​copilot-swe-agent!
• CLI: Switch over to modern-tar - #32763, thanks @​ayuhito!
• Codemod: Replace globby with tinyglobby - #31407, thanks @​benmccann!

... (truncated)

Commits

• 06d0c2f Bump version from "10.0.1" to "10.0.2" [skip ci]
• ce1c3b9 Bump version from "10.0.0" to "10.0.1" [skip ci]
• 88a02e6 Bump version from "10.0.0-rc.4" to "10.0.0" [skip ci]
• 05d448b Bump version from "10.0.0-rc.3" to "10.0.0-rc.4" [skip ci]
• 7286625 Bump version from "10.0.0-rc.2" to "10.0.0-rc.3" [skip ci]
• aba3791 Merge pull request #32645 from storybookjs/norbert/mark-pnp-deprecated
• d075427 Bump version from "10.0.0-rc.1" to "10.0.0-rc.2" [skip ci]
• 800be77 Merge branch 'next' into pr/mrginglymus/32837
• 2fe97e5 Merge pull request #32802 from mrginglymus/no-semver-react
• e055907 Merge branch 'next' into norbert/mark-pnp-deprecated
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for @​storybook/react since your current version.

Updates babel-jest from 26.6.3 to 30.2.0

Release notes

Sourced from babel-jest's releases.

30.2.0

Chore & Maintenance

• [*] Update example repo for testing React Native projects (#15832)
• [*] Update jest-watch-typeahead to v3 (#15830)

Features

• [jest-environment-jsdom-abstract] Add support for JSDOM v27 (#15834)

Fixes

• [babel-jest] Export the TransformerConfig interface (#15820)
• [jest-config] Fix jest.config.ts with TS loader specified in docblock pragma (#15839)

30.1.3

Fixes

• Fix unstable_mockModule with node: prefixed core modules.

30.1.2

Fixes

• [jest-snapshot-utils] Correct snapshot header regexp to work with newline across OSes (#15803)

30.1.1

Fixes

• [jest-snapshot-utils] Fix deprecated goo.gl snapshot warning not handling Windows end-of-line sequences (#15800)

30.1.0

Features

• [jest-leak-detector] Configurable GC aggressiveness regarding to V8 heap snapshot generation (#15793)
• [jest-runtime] Reduce redundant ReferenceError messages
• [jest-core] Include test modules that failed to load when --onlyFailures is active

Fixes

• `[jest-snapshot-utils] Fix deprecated goo.gl snapshot guide link not getting replaced with fully canonical URL (#15787)
• [jest-circus] Fix it.concurrent not working with describe.skip (#15765)
• [jest-snapshot] Fix mangled inline snapshot updates when used with Prettier 3 and CRLF line endings
• [jest-runtime] Importing from @jest/globals in more than one file no longer breaks relative paths (#15772)

Chore

• [expect] Update docblock for toContain() to display info on substring check (#15789)

30.0.2

What's Changed

... (truncated)

Changelog

Sourced from babel-jest's changelog.

30.2.0

Chore & Maintenance

• [*] Update example repo for testing React Native projects (#15832)
• [*] Update jest-watch-typeahead to v3 (#15830)

Features

• [jest-environment-jsdom-abstract] Add support for JSDOM v27 (#15834)

Fixes

• [jest-matcher-utils] Fix infinite recursion with self-referential getters in deepCyclicCopyReplaceable (#15831)
• [babel-jest] Export the TransformerConfig interface (#15820)
• [jest-config] Fix jest.config.ts with TS loader specified in docblock pragma (#15839)

30.1.3

Fixes

• Fix unstable_mockModule with node: prefixed core modules.

30.1.2

Fixes

• [jest-snapshot-utils] Correct snapshot header regexp to work with newline across OSes (#15803)

30.1.1

Fixes

• [jest-snapshot-utils] Fix deprecated goo.gl snapshot warning not handling Windows end-of-line sequences (#15800)
• [jest-snapshot-utils] Improve messaging about goo.gl snapshot link change (#15821)

30.1.0

Features

• [jest-leak-detector] Configurable GC aggressiveness regarding to V8 heap snapshot generation (#15793)
• [jest-runtime] Reduce redundant ReferenceError messages
• [jest-core] Include test modules that failed to load when --onlyFailures is active

Fixes

• [jest-snapshot-utils] Fix deprecated goo.gl snapshot guide link not getting replaced with fully canonical URL (#15787)
• [jest-circus] Fix it.concurrent not working with describe.skip (#15765)
• [jest-snapshot] Fix mangled inline snapshot updates when used with Prettier 3 and CRLF line endings
• [jest-runtime] Importing from @jest/globals in more than one file no longer breaks relative paths (#15772)

... (truncated)

Commits

• 855864e v30.2.0
• d2a2491 Support Babel 8 in plugins and presets (#15750)
• ddf97f7 Export TransformerConfig interface from babel-jest (#15820)
• 15e3e7c Update babel-plugin-istanbul to 7.0.1 (#15813)
• ebfa31c v30.1.2
• d347c0f v30.1.1
• 4d5f41d v30.1.0
• 22236cf v30.0.5
• f4296d2 v30.0.4
• 393acbf v30.0.2
• Additional commits viewable in compare view

Updates webpack from 4.47.0 to 5.102.1

Release notes

Sourced from webpack's releases.

v5.102.1

Fixes

• Supported extends with env for browserslist
• Supported JSONP fragment format for web workers.
• Fixed dynamic import support in workers using browserslist.
• Fixed default defer import mangling.
• Fixed default import of commonjs externals for SystemJS format.
• Fixed context modules to the same file with different import attributes.
• Fixed typescript types.
• Improved import.meta warning messages to be more clear when used directly.
• [CSS] Fixed CC_UPPER_U parsing (E -> U) in tokenizer.

v5.102.0

Features

• Added static analyze for dynamic imports
• Added support for import file from "./file.ext" with { type: "bytes" } to get the content as Uint8Array (look at example)
• Added support for import file from "./file.ext" with { type: "text" } to get the content as text (look at example)
• Added the snapshot.contextModule to configure snapshots options for context modules
• Added the extractSourceMap option to implement the capabilities of loading source maps by comment, you don't need source-map-loader (look at example)
• The topLevelAwait experiment is now stable (you can remove experiments.topLevelAwait from your webpack.config.js)
• The layers experiment is now stable (you can remove experiments.layers from your webpack.config.js)
• Added function matcher support in rule options

Fixes

• Fixed conflicts caused by multiple concatenate modules
• Ignore import failure during HMR update with ES modules output
• Keep render module order consistent
• Prevent inlining modules that have this exports
• Removed unused timeout attribute of script tag
• Supported UMD chunk format to work in web workers
• Improved CommonJs bundle to ES module library
• Use es-lexer for mjs files for build dependencies
• Fixed support __non_webpack_require__ for ES modules
• Properly handle external modules for CSS
• AssetsByChunkName included assets from chunk.auxiliaryFiles
• Use createRequire only when output is ES module and target is node
• Typescript types

Performance Improvements

• Avoid extra calls for snapshot
• A avoid extra jobs for build dependencies
• Move import attributes to own dependencies

v5.101.3

... (truncated)

Commits

• c7ebdbd chore(release): 5.102.1
• b7530c2 fix(css): correct CC_UPPER_U typo (E -> U) (#19989)
• f3ef142 fix: defer import mangling (#19988)
• d32f171 fix: hash options types (#19987)
• 436fc7d chore(deps): bump CodSpeedHQ/action from 4.1.0 to 4.1.1 (#19986)
• c7dd066 fix: context modules with import attributes (#19984)
• 85bacbd fix: default import of commonjs externals for SystemJS format
• 7634cd2 docs: update examples (#19982)
• 9f98d80 fix: javascript parser options types (#19980)
• 8804459 chore(deps): bump CodSpeedHQ/action from 4.0.1 to 4.1.0 (#19977)
• Additional commits viewable in compare view

Updates mini-css-extract-plugin from 0.9.0 to 2.9.4

Release notes

Sourced from mini-css-extract-plugin's releases.

v2.9.4

2.9.4 (2025-08-11)

Bug Fixes

• hmr crash in some situations (#1140) (f67c05a)

v2.9.3

2.9.3 (2025-08-04)

Bug Fixes

• should update initial chunks correctly with filename (dab023f)

v2.9.2

2.9.2 (2024-11-01)

Bug Fixes

• prefetch and preload runtime generation (#1116) (58c6b74)

v2.9.1

2.9.1 (2024-08-19)

Bug Fixes

• add export default {} when CSS modules enabled and a file is empty for the defaultExport option (8f77e19)

v2.9.0

2.9.0 (2024-04-16)

Features

• add support for link preload/prefetch (#1043) (ee25e51)
• added the defaultExport option to generate default and named export together (#1084) (74ae781)

Bug Fixes

• avoid reloading all csses when hot load (#1090) (1a56673)

v2.8.1

2.8.1 (2024-02-27)

... (truncated)

Changelog

Sourced from mini-css-extract-plugin's changelog.

2.9.4 (2025-08-11)

Bug Fixes

• hmr crash in some situations (#1140) (f67c05a)

2.9.3 (2025-08-04)

Bug Fixes

• should update initial chunks correctly with filename (dab023f)

2.9.2 (2024-11-01)

Bug Fixes

• prefetch and preload runtime generation (#1116) (58c6b74)

2.9.1 (2024-08-19)

Bug Fixes

• add export default {} when CSS modules enabled and a file is empty for the defaultExport option (8f77e19)

2.9.0 (2024-04-16)

Features

• add support for link preload/prefetch (#1043) (ee25e51)
• added the defaultExport option to generate default and named export together (#1084) (74ae781)

Bug Fixes

• avoid reloading all csses when hot load (#1090) (1a56673)

2.8.1 (2024-02-27)

Bug Fixes

• add nonce if __webpack_nonce__ has been defined (c7f0aee)

2.8.0 (2024-02-01)

... (truncated)

Commits

• 29df465 chore(release): 2.9.4
• f67c05a fix: hmr crash in some situations (#1140)
• ba231e2 chore(deps-dev): bump webpack-dev-server from 4.15.2 to 5.2.1 (#1138)
• 82355f8 chore: eslint migration (#1137)
• e07dd41 chore(release): 2.9.3
• 2d3f477 ci: add Node.js 24 (#1136)
• 9642a3a chore(deps): update (#1135)
• dab023f fix: should update initial chunks correctly with filename
• 6351aa3 docs: fix typos and improve clarity in contribution guidelines (#1127)
• 554277b docs: fix typos and improve clarity in README.md (#1128)
• Additional commits viewable in compare view

Updates react-scripts from 3.4.4 to 5.0.1

Commits

• 19fa58d Publish
• 9802941 fix: webpack noise printed only if error or warning (#12245)
• 2eef1d0 Update templates to use React 18 createRoot (#12220)
• 221e511 Publish
• 5614c87 Add support for Tailwind (#11717)
• 20edab4 fix(webpackDevServer): disable overlay for warnings (#11413)
• 3afbbc0 Update all dependencies (#11624)
• f5467d5 feat(eslint-config-react-app): support ESLint 8.x (#11375)
• c7627ce Update webpack and dev server (#11646)
• 544befe Update package.json (#11597)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  You can disable automated security fix PRs for this repo from the Security Alerts page.