build(deps): bump ua-parser-js and @11ty/eleventy in /docs

[dependabot]

Removes ua-parser-js. It's no longer used after updating ancestor dependency @11ty/eleventy. These dependencies need to be updated together.

Removes ua-parser-js

Updates @11ty/eleventy from 1.0.1 to 2.0.0

Release notes

Sourced from @​11ty/eleventy's releases.

Eleventy v2.0.0: Now with twice as many Possums

🚨 The full release notes are available on The Eleventy Blog: Eleventy v2.0.0 or you can watch me talk about v2.0 on YouTube.

Eleventy v2.0.0 is now available! You can try it out now:

# Local project
npm install @11ty/eleventy@latest
Global install
npm install @​11ty/eleventy@​latest -g

• Read more about local versus global installation.
• Watch a short video about 2.0 on YouTube.

New to Eleventy?

Eleventy is a flexible and production-ready site generator known for its zero-client JavaScript footprint, speedy sites, speedy builds, and full control over the output. Watch The State of Eleventy in Two Minutes or read more about Eleventy’s project goals.

The Big Features

Smaller, More Secure

• ✅ Dependencies decreased by 32.1%: 211 modules (311 in v1.0.2)
• ✅ node_modules file weight decreased by 77.8%: 34.3 MB (155 MB in v1.0.2)
• ✅ 30.5% faster npm install time

Faster Builds

• Improved build performance (tested on a sample 500 page site against v1.0.2) using:
  • Liquid: ✅ 18.18% faster
  • Nunjucks: ✅ 17.74% faster
  • Markdown (with Liquid): ✅ 17.95% faster
  • JavaScript (11ty.js): ✅ 8.33% faster
• --incremental for incremental builds #108
  • Smarter incremental builds with support for layout dependencies, registered dependencies on custom templates, dependencies in pagination data or eleventyImport #975
• --ignore-initial command line option to skip the first build (best paired with --incremental)
• Use emulated passthrough copy to serve passthrough files directly without triggering a build (will still work with live reload) #2456

Plugins

• Support for WebC, the new single file format for web components
• Eleventy Edge will render Eleventy templates in an Edge Function for dynamic content (bundled with Eleventy)
• Eleventy Dev Server replaces Browsersync, adds support for DOM-diffing live reloads. #1305 (bundled with Eleventy)
• Render Plugin will render any template syntax inside other files (bundled with Eleventy)
• Internationalization (i18n) Plugin makes it easy to create localized sites (bundled with Eleventy)
• HTML <base> Plugin makes it easy to deploy your site to any folder path without changing any content (works great with the path prefix feature) (bundled with Eleventy)
• Support for the Vite plugin

... (truncated)

Changelog

Sourced from @​11ty/eleventy's changelog.

Dependency notes

• @iarna/toml has a 3.0 that we have never been on but it was released the same day as the last 2.x https://github.com/BinaryMuse/toml-node/commits/master (needs more investigation)

List of dependencies that went ESM

• @sindresorhus/slugify ESM at 2.x
• multimatch is ESM at 6
• bcp-47-normalize at 1.x

Release Procedure

1. (Optional) Update minor dependencies in package.json
   • npx npm-check-updates
   • or npm outdated + npm update --save
2. If the minimum Node version changed, make sure you update package.json engines property.
   • Make sure the error message works correctly for Node versions less than 10.
     • 0.12.x+ requires Node 10+
     • 1.x+ requires Node 12+
     • 2.x+ requires Node 14+
3. rm -rf node_modules && rm -f package-lock.json && npm install
4. npm audit
5. Make sure npx ava runs okay
6. Update version in package.json
   • (Canary) Use -canary.1 suffix
   • (Beta) Use -beta.1 suffix
7. Run npm run coverage
8. Check it all in and commit
9. Tag new version
10. Release
    • (Canary) npm publish --access=public --tag=canary
      • NOTE: that in 3.0 we need to switch this to alpha to avoid 11ty/eleventy#2758
    • (Beta) npm publish --access=public --tag=beta
      • NOTE: When releasing a beta, make sure to also release a canary to mitigate 11ty/eleventy#2758.
    • (Main) npm publish --access=public
11. (Optional) Build and commit a new the eleventy-edge-cdn project to generate a new Eleventy Edge lib.

Unfortunate note about npm canary tag: if you push a 1.0.0-canary.x to canary after a 2.0.0-canary.x, it will use the last pushed tag when you npm install from canary (not the highest version number)

Docs/Website (Main releases only)

1. Maybe search for 2.0.0-canary. or 2.0.0-beta. in the docs copy to update to the stable release, if applicable.
2. Check in a new 11ty-website site with updated package.json version.
3. Add version to 11ty-website versions.json
4. Commit it
5. Create a new branch for branched version
6. (Main) Check out the previous version git branch and add outdated: true to _data/config.json and commit/push.
7. Go to https://app.netlify.com/sites/11ty/settings/domain and set up a subdomain for it.

Release Notes on GitHub (Main releases only)

... (truncated)

Commits

• 05c6263 v2.0.0
• 5c2a5bf Update dev-dependencies
• 7ed1fef Merge pull request #2781 from danburzo/mdlib-set
• 97243b6 v2.0.0-beta.3
• 55e0a62 v2.0.0-canary.35
• 23b80d9 Merge pull request #2783 from mrmartineau/fix/serverless-var
• 9f13b8e Fixes serverlessFilePath is not defined (2.0.0-beta.2) #2782
• b466258 Make markdown library .set() method optional
• bde84b4 v2.0.0-beta.2
• 6f877de v2.0.0-canary.34
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

[socket-security]

Socket Security Pull Request Report

👍 No new dependency issues detected in pull request

Pull request report summary

Issue	Status
Install scripts	✅ 0 issues
Native code	✅ 0 issues
Bin script confusion	✅ 0 issues
Bin script shell injection	✅ 0 issues
Unresolved require	✅ 0 issues
Invalid package.json	✅ 0 issues
HTTP dependency	✅ 0 issues
Git dependency	✅ 0 issues
Potential typo squat	✅ 0 issues
Known Malware	✅ 0 issues
Telemetry	✅ 0 issues
Protestware/Troll package	✅ 0 issues

Bot Commands

To ignore an alert, reply with a comment starting with @SocketSecurity ignore followed by a space separated list of package-name@version specifiers. e.g. @SocketSecurity ignore foo@1.0.0 bar@2.4.2

Powered by socket.dev