Bump the combined-dependencies group across 1 directory with 3 updates

[dependabot]

Bumps the combined-dependencies group with 3 updates in the / directory: @sentry/browser, govuk-frontend and sass.

Updates @sentry/browser from 8.37.1 to 8.40.0

Release notes

Sourced from @​sentry/browser's releases.

8.40.0

Important Changes

• feat(angular): Support Angular 19 (#14398)

  The @sentry/angular SDK can now be used with Angular 19. If you're upgrading to the new Angular version, you might want to migrate from the now deprecated APP_INITIALIZER token to provideAppInitializer. In this case, change the Sentry TraceService initialization in app.config.ts:

  // Angular 18
  export const appConfig: ApplicationConfig = {
    providers: [
      // other providers
      {
        provide: TraceService,
        deps: [Router],
      },
      {
        provide: APP_INITIALIZER,
        useFactory: () => () => {},
        deps: [TraceService],
        multi: true,
      },
    ],
  };
  // Angular 19
  export const appConfig: ApplicationConfig = {
  providers: [
  // other providers
  {
  provide: TraceService,
  deps: [Router],
  },
  provideAppInitializer(() => {
  inject(TraceService);
  }),
  ],
  };

• feat(core): Deprecate debugIntegration and sessionTimingIntegration (#14363)

  The debugIntegration was deprecated and will be removed in the next major version of the SDK. To log outgoing events, use Hook Options (beforeSend, beforeSendTransaction, ...).

  The sessionTimingIntegration was deprecated and will be removed in the next major version of the SDK. To capture session durations alongside events, use Context (Sentry.setContext()).

• feat(nestjs): Deprecate @WithSentry in favor of @SentryExceptionCaptured (#14323)

... (truncated)

Changelog

Sourced from @​sentry/browser's changelog.

8.40.0

Important Changes

• feat(angular): Support Angular 19 (#14398)

  The @sentry/angular SDK can now be used with Angular 19. If you're upgrading to the new Angular version, you might want to migrate from the now deprecated APP_INITIALIZER token to provideAppInitializer. In this case, change the Sentry TraceService initialization in app.config.ts:

  // Angular 18
  export const appConfig: ApplicationConfig = {
    providers: [
      // other providers
      {
        provide: TraceService,
        deps: [Router],
      },
      {
        provide: APP_INITIALIZER,
        useFactory: () => () => {},
        deps: [TraceService],
        multi: true,
      },
    ],
  };
  // Angular 19
  export const appConfig: ApplicationConfig = {
  providers: [
  // other providers
  {
  provide: TraceService,
  deps: [Router],
  },
  provideAppInitializer(() => {
  inject(TraceService);
  }),
  ],
  };

• feat(core): Deprecate debugIntegration and sessionTimingIntegration (#14363)

  The debugIntegration was deprecated and will be removed in the next major version of the SDK. To log outgoing events, use Hook Options (beforeSend, beforeSendTransaction, ...).

  The sessionTimingIntegration was deprecated and will be removed in the next major version of the SDK. To capture session durations alongside events, use Context (Sentry.setContext()).

... (truncated)

Commits

• 7ff467c release: 8.40.0
• 87a90a3 Merge pull request #14425 from getsentry/prepare-release/8.40.0
• 5841854 meta(changelog): Update changelog for 8.40.0
• d140ae6 Merge remote-tracking branch 'origin/master' into prepare-release/8.40.0
• 90f958f ci: Skip optional E2E tests on release branches (#14424)
• 6535500 feat(replay): Clear event buffer when full and in buffer mode (#14078)
• 85daf90 fix(feedback): Fix non-wrapping form title (#14355)
• ec701fd Merge pull request #14412 from getsentry/develop
• 138417b test(feedback): Fixes lazy loaded feedback bundles (#14410)
• c1ccdf3 Merge pull request #14408 from getsentry/prepare-release/8.40.0
• Additional commits viewable in compare view

Updates govuk-frontend from 5.6.0 to 5.7.1

Release notes

Sourced from govuk-frontend's releases.

GOV.UK Frontend v5.7.1

To install this version with npm, run npm install govuk-frontend@5.7.1. You can also find more information about how to stay up to date in our documentation.

Recommended changes

Stop setting a value for File upload components

The File upload component currently supports a value parameter, which populates the value HTML attribute of the input.

However, since no modern browser supports passing a value to a file input, we've made the decision to remove this parameter. It has been deprecated and will be removed in a future version of GOV.UK Frontend.

We introduced this change in [pull request #5330: Deprecate File upload component's value parameter](alphagov/govuk-frontend#5330).

Fixes

We've made fixes to GOV.UK Frontend in the following pull requests:

• #5396: Update various department brand colours

GOV.UK Frontend v5.7.0

To install this version with npm, run npm install govuk-frontend@5.7.0. You can also find more information about how to stay up to date in our documentation.

New features

The Royal Arms has been updated

The Royal Arms in the GOV.UK footer has been updated to reflect the version introduced by King Charles III.

If your service does not use the image directly from the Frontend package, you should ensure the new image is being copied to your service’s image assets folder. By default this folder is located at /assets/images.

If you’re using Nunjucks, the asset path may have been changed by the assetPath global variable or assetsPath parameter on the header component.

Copy the govuk-crest.svg file from /dist/assets/images into your assets folder.

You can safely delete the old image files, named govuk-crest.png and govuk-crest-2x.png.

We introduced this change in [pull request #5376: Update the Royal Arms graphic in footer (v5.x)](alphagov/govuk-frontend#5376).

Components will not longer initialise twice on the same element

GOV.UK Frontend components now throw an error if they've already been initialised on the DOM Element they're receiving for initialisation. This prevents components from being initialised more than once and therefore not working properly.

We introduced this change in [pull request #5272: Prevent multiple initialisations of a single component instance](alphagov/govuk-frontend#5272)

Respond to initialisation errors when using createAll and initAll

We've added a new onError option for createAll and initAll that lets you respond to initialisation errors. The functions will continue catching errors and initialising components further down the page if one component fails to initialise, but this option will let you react to a component failing to initialise. For example, to allow reporting to an error monitoring service.

... (truncated)

Changelog

Sourced from govuk-frontend's changelog.

v5.7.1 (Fix release)

To install this version with npm, run npm install govuk-frontend@5.7.1. You can also find more information about how to stay up to date in our documentation.

Recommended changes

Stop setting a value for File upload components

The File upload component currently supports a value parameter, which populates the value HTML attribute of the input.

However, since no modern browser supports passing a value to a file input, we've made the decision to remove this parameter. It has been deprecated and will be removed in a future version of GOV.UK Frontend.

We introduced this change in [pull request #5330: Deprecate File upload component's value parameter](alphagov/govuk-frontend#5330).

Fixes

We've made fixes to GOV.UK Frontend in the following pull requests:

• #5396: Update various department brand colours

v5.7.0 (Feature release)

To install this version with npm, run npm install govuk-frontend@5.7.0. You can also find more information about how to stay up to date in our documentation.

New features

The Royal Arms has been updated

The Royal Arms in the GOV.UK footer has been updated to reflect the version introduced by King Charles III.

If your service does not use the image directly from the Frontend package, you should ensure the new image is being copied to your service’s image assets folder. By default this folder is located at /assets/images.

If you’re using Nunjucks, the asset path may have been changed by the assetPath global variable or assetsPath parameter on the header component.

Copy the govuk-crest.svg file from /dist/assets/images into your assets folder.

You can safely delete the old image files, named govuk-crest.png and govuk-crest-2x.png.

We introduced this change in [pull request #5376: Update the Royal Arms graphic in footer (v5.x)](alphagov/govuk-frontend#5376).

Components will not longer initialise twice on the same element

GOV.UK Frontend components now throw an error if they've already been initialised on the DOM Element they're receiving for initialisation. This prevents components from being initialised more than once and therefore not working properly.

We introduced this change in [pull request #5272: Prevent multiple initialisations of a single component instance](alphagov/govuk-frontend#5272)

Respond to initialisation errors when using createAll and initAll

We've added a new onError option for createAll and initAll that lets you respond to initialisation errors.

... (truncated)

Commits

• 77521fc Merge pull request #5400 from alphagov/release-5.7.1
• 23569ac Release v5.7.1
• 782fba5 Merge pull request #5330 from alphagov/file-upload-deprecate-value-param
• 8a95be4 Mark file upload ‘value’ parameter as deprecated
• 4e1ccea Merge pull request #5396 from alphagov/update-organisation-colours-oct-2024
• 617ef04 Update for Scotland and Wales office rebrands
• 1bc77e1 Update DCMS, Defra, DSIT and FCDO brand colours
• 6805620 Merge pull request #5390 from alphagov/component-options-this-root
• 663748a Merge pull request #5394 from alphagov/release-5.7.0
• 9fb4b89 Release v5.7.0
• Additional commits viewable in compare view

Updates sass from 1.80.6 to 1.81.0

Release notes

Sourced from sass's releases.

Dart Sass 1.81.0

To install Sass 1.81.0, download one of the packages below and add it to your PATH, or see the Sass website for full installation instructions.

Changes

• Fix a few cases where deprecation warnings weren't being emitted for global built-in functions whose names overlap with CSS calculations.

• Add support for the CSS round() calculation with a single argument, as long as that argument might be a unitless number.

See the full changelog for changes in earlier releases.

Dart Sass 1.80.7

To install Sass 1.80.7, download one of the packages below and add it to your PATH, or see the Sass website for full installation instructions.

Changes

Embedded Host

• Don't treat 0 as undefined for the green and blue channels in the LegacyColor constructor.

See the full changelog for changes in earlier releases.

Changelog

Sourced from sass's changelog.

1.81.0

• Fix a few cases where deprecation warnings weren't being emitted for global built-in functions whose names overlap with CSS calculations.

• Add support for the CSS round() calculation with a single argument, as long as that argument might be a unitless number.

1.80.7

Embedded Host

• Don't treat 0 as undefined for the green and blue channels in the LegacyColor constructor.

Commits

• 57a6853 Add support for CSS round() with one unitless argument (#2436)
• e400bdd Support @forward in sass-parser (#2435)
• d1fefb6 Add a changelog entry for sass/embedded-host-node#349 (#2434)
• 871aefa Bump immutable from 4.3.7 to 5.0.2 in /package (#2432)
• 3bc8426 Bump immutable from 4.3.7 to 5.0.2 (#2431)
• 01a2148 Bump bufbuild/buf-setup-action in /.github/util/initialize (#2427)
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[dependabot]

Looks like these dependencies are updatable in another way, so this is no longer needed.