chore(deps): update devdependency happy-dom to v20

[renovate]

This PR contains the following updates:

Package	Change	Age	Confidence
happy-dom	^18.0.1 -> ^20.0.7

---

Release Notes

capricorn86/happy-dom (happy-dom)

v20.0.7

Compare Source

👷‍♂️ Patch fixes

• Fix incorrect handling of >= operator in media query parser - By @​lkritsimas in task #​1869

v20.0.6

Compare Source

👷‍♂️ Patch fixes

• Changes implementation for DOMTokenList.forEach(), Headers.forEach() and NodeList.forEach() to be spec compliant - By @​ikeyan in task #​1858

v20.0.5

Compare Source

👷‍♂️ Patch fixes

• The setter TreeWalker.currentNode should validate if the value is a Node - By @​capricorn86 in task #​1935

v20.0.4

Compare Source

👷‍♂️ Patch fixes

• Only adds buttons to FormData if they are the submitter - By @​maxmil and @​
  karpiuMG in task #​1859

v20.0.3

Compare Source

👷‍♂️ Patch fixes

• Moves URL resolution to after checking if module preloading is enabled to prevent URL errors to be thrown when unresolvable - By @​iam-medvedev in task #​1851
• Fixes issue where CSS variables aren't parsed correctly when inside CSS functions - By @​fimion in task #​1837

v20.0.2

Compare Source

👷‍♂️ Patch fixes

• Adds frozen intrinsics flag to workers in @happy-dom/server-renderer - By @​capricorn86 in task #​1934

v20.0.1

Compare Source

👷‍♂️ Patch fixes

• Adds warning for environment with unfrozen intrinsics (builtins) when JavaScript evaluation is enabled- By @​capricorn86 in task #​1932
  • A security advisory has been reported showing that the recommended preventive measure of running Node.js with --disallow-code-generation-from-strings wasn't enough to protect against attackers escaping the VM context and accessing process-level functions. Big thanks to @​cristianstaicu for reporting this!
  • The documentation for how to run Happy DOM with JavaScript evaluation enabled in a safer way has been updated. Read more about it in the Wiki

v20.0.0

Compare Source

I avoid making breaking changes as much as possible in Happy DOM. When I have to make a breaking change, I try to keep it as minimal as possible. This could be a breaking change that impacts many projects, and I am truly sorry if you are negatively affected by this.

💣 Breaking Changes

• Due to security risks, JavaScript evaluation is now disabled by default - By @​capricorn86 in task #​1930
  • A security advisory (GHSA-37j7-fg3j-429f) has been reported that shows a security vulnerability where it's possible to escape the VM context and get access to process level functionality. Big thanks to @​Mas0nShi for reporting this!
  • Due to this security risk, JavaScript evaluation is now disabled by default to prevent that consumers accidentally executes untrusted code without taking precautions
  • JavaScript evaluation can be enabled by setting enableJavaScriptEvaluation to "true". Read more about how to enable this in a safer way in the Wiki

v19.0.2

Compare Source

👷‍♂️ Patch fixes

• Fixes issue related to CSS pseudo selector :scope that didn't work correctly for direct descendants to root - By @​capricorn86 in task #​1620

v19.0.1

Compare Source

👷‍♂️ Patch fixes

• Fixes issue with sending in URLs as string in @happy-dom/server-renderer config using CLI - By @​capricorn86 in task #​1908

v19.0.0

Compare Source

💣 Breaking Changes

• Removes support for CommonJS - By @​capricorn86 in task #​1730
  • Support for CommonJS is no longer needed as Node.js v18 is deprecated and v20 and above supports loading ES modules from CommonJS using require()
• Updates Jest to v30 in the @happy-dom/jest-environment package - By @​capricorn86 in task #​1730
• Makes Jest packages peer dependencies to make it easier to align versions with the project using @happy-dom/jest-environment - By @​capricorn86 in task #​1730

🎨 Features

• Adds a new package called @happy-dom/server-renderer - By @​capricorn86 in task #​1730
  • This package provides a simple way to statically render (SSG) or server-side render (SSR) your client-side application
  • Read more in the Wiki under Server-Renderer
• Adds support for import.meta to the ESM compiler - By @​capricorn86 in task #​1730
• Adds support for the CSS pseudo selector :scope - By @​capricorn86 in task #​1620
• Improves support for MediaList - By @​capricorn86 in task #​1730
• Adds support for CSSKeywordValue, CSSStyleValue, StylePropertyMap, StylePropertyMap, StylePropertyMapReadOnly - By @​capricorn86 in task #​1730
• Improves debug information in the ESM compiler - By @​capricorn86 in task #​1730
• Adds validation of browser settings when creating a new Browser instance - By @​capricorn86 in task #​1730
• Adds support for the browser setting navigation.beforeContentCallback which makes it possible to inject event listeners or logic before content is loaded to the document when navigating a browser frame - By @​capricorn86 in task #​1730
• Adds support for the browser setting fetch.requestHeaders which provides with a declarative and simple way to add request headers - By @​capricorn86 in task #​1730
• Adds support for setting an object to timer.preventTimerLoops which makes it possible to define different settings for setTimeout() and requestAnimationFrame() - By @​capricorn86 in task #​1730
• Adds support for the browser setting viewport which makes it possible to define a default viewport size - By @​capricorn86 in task #​1730
• Adds support for the parameters beforeContentCallback and headers to BrowserFrame.goto(), BrowserFrame.goBack(), BrowserFrame.goForward(), BrowserFrame.goSteps() and BrowserFrame.reload() - By @​capricorn86 in task #​1730
• Adds support for PopStateEvent and trigger the event when navigating the page history using History.pushState() - By @​capricorn86 in task #​1730
• Use local file paths for virtual server files in stack traces - By @​capricorn86 in task #​1730
• Adds support for ResponseCache.fileSystem.load() and ResponseCache.fileSystem.save() for storing and loading cache from the file system - By @​capricorn86 in task #​1730

👷‍♂️ Patch fixes

• Fixes a bug in the ESM compiler that caused it to fail to parse certain code - By @​capricorn86 in task #​1730
• Disables the same origin policy when navigating a browser frame using BrowserFrame.goto() - By @​capricorn86 in task #​1730
• Fixes bug where CSS selectors with the pseudos "+" and ">" failed for selectors without arguments - By @​capricorn86 in task #​1730
• Adds try and catch to listeners for events dispatched from XMLHttpRequest to prevent it from being set to an invalid state if a listener throws an Error - By @​capricorn86 in task #​1730

---

Configuration

📅 Schedule: Branch creation - "on Monday" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[netlify]

❌ Deploy Preview for nuxt-tailwindcss failed. Why did it fail? →

Name	Link
🔨 Latest commit	c849f5a
🔍 Latest deploy log	https://app.netlify.com/projects/nuxt-tailwindcss/deploys/68f5a8cdf456d70008e3e6d6

[what-the-diff]

PR Summary

• Updated Dependency Version
  The version of the 'happy-dom' dependency used in the project has been updated. This could enhance the performance of the project and potentially bring new features or bug fixes from the latest version.