[Snyk] Security upgrade stylelint from 11.1.1 to 15.10.1

[adamlaska]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • package.json

⚠️ Warning

Failed to update the package-lock.json, please update manually before merging.

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	658/1000 Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVER-3247795	Yes	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: stylelint

The new version differs by 250 commits.

• fb8cf35 15.10.1
• eeed72b Prepare release (nodejs.org offline nodejs/nodejs.org#7048)
• 8090553 Document check of configs in release process (Website is down for me nodejs/nodejs.org#7047)
• 56a545e Security fix for `semver` vulnerability (fix(action): correct lint path, clean up warnings, fix lints nodejs/nodejs.org#7043)
• a42f955 Fix rules documentation for `media-query-no-invalid` (Package: compile-mdx nodejs/nodejs.org#7044)
• e56aa30 15.10.0
• c9e89eb Prepare release (Use annotations to suppress false-positive security warnings nodejs/nodejs.org#6974)
• b8e5317 Fix `selector-type-case` performance (fix: added missing cache nodejs/nodejs.org#7041)
• f82a24a Fix `selector-anb-no-unmatchable` performance (Is orama search on the main page broken? nodejs/nodejs.org#7042)
• 16110fd Revert removed changelog entry (Fix dropdown cutoff issue for long text in mobile view (#7035) nodejs/nodejs.org#7039)
• 59d5bf9 Add support JS objects for extends config option (Basic nodejs/nodejs.org#6998)
• 888192d Fix `patch-package` warning (Meta: having a doc/guide about how to write page nodejs/nodejs.org#7036)
• 74c90b3 Refactor `replaceBackslashes()` test utility to migrate to ESM (Ensure Trusted Code Checkout in GitHub Actions Workflow nodejs/nodejs.org#7034)
• 15c15b6 Refactor to use `sourceIndices` utility from `@ csstools/css-parser-algorithms` (meta: bump the lint group across 1 directory with 5 updates nodejs/nodejs.org#7033)
• 3f91eaa Bump lint-staged from 13.2.2 to 13.2.3 (chore: added new certification promo nodejs/nodejs.org#7029)
• 3948f47 Bump fast-glob from 3.2.12 to 3.3.0 (TypeScript article: Add experimental-strip-types note nodejs/nodejs.org#7030)
• 8bb207c Bump typescript from 5.1.3 to 5.1.6 (chore: updated ESLint to v9 with flat config nodejs/nodejs.org#7032)
• fff5ee3 Bump eslint from 8.43.0 to 8.44.0 (Node download failure nodejs/nodejs.org#7031)
• 5775ba0 Bump @ changesets/cli from 2.26.1 to 2.26.2 (question about /learn content nodejs/nodejs.org#7028)
• 21e7345 Fix `selector-type-no-unknown` performance (Blog: v22.8.0 release post nodejs/nodejs.org#7027)
• cf73360 Fix `no-descending-specificity` performance (Add additional information for running mjs code example nodejs/nodejs.org#7026)
• b919a0b Refactor `lib/rules/__tests__/*` test files to migrate to ESM (meta: bump github/codeql-action from 3.25.15 to 3.26.6 nodejs/nodejs.org#7024)
• 366e0d8 Switch Jest `coverageProvider` from `babel` (default) to `v8` (meta: bump micromatch from 4.0.7 to 4.0.8 nodejs/nodejs.org#7025)
• 1d145f9 Refactor `lib/utils/__tests__/*` test files to migrate to ESM (meta: bump chromaui/action from 11.7.0 to 11.7.1 nodejs/nodejs.org#7022)

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Regular Expression Denial of Service (ReDoS)

[google-cla]

Thanks for your pull request! It looks like this may be your first contribution to a Google open source project. Before we can look at your pull request, you'll need to sign a Contributor License Agreement (CLA).

View this failed invocation of the CLA check for more information.

For the most up to date status, view the checks section at the bottom of the pull request.

[socket-security]

New dependencies detected. Learn more about Socket for GitHub ↗︎

Packages	Version	New capabilities	Transitives	Size	Publisher
stylelint	15.10.1	None	+35	4.37 MB	mattxwang