Bump the frontend group with 7 updates

[dependabot]

Bumps the frontend group with 7 updates:

Package	From	To
@babel/preset-env	7.29.0	7.29.2
@sentry/browser	10.42.0	10.47.0
babel-loader	10.0.0	10.1.1
caniuse-lite	1.0.30001776	1.0.30001782
mini-css-extract-plugin	2.10.0	2.10.2
terser-webpack-plugin	5.3.17	5.4.0
webpack	5.105.3	5.105.4

Updates @babel/preset-env from 7.29.0 to 7.29.2

Release notes

Sourced from @​babel/preset-env's releases.

v7.29.2 (2026-03-16)

👓 Spec Compliance

• babel-parser
  • #17840 [7.x backport] async x => {} must be in leading pos (@​JLHwung)

🐛 Bug Fix

• babel-helpers, babel-plugin-transform-async-generator-functions, babel-preset-env, babel-runtime-corejs3
  • #17805 [7.x backport] fix: Properly handle await in finally (@​liuxingbaoyu)
• babel-preset-env
  • #17789 [7.x backport] preset-env include/exclude should accept bugfix plugins (@​JLHwung)

🏠 Internal

• #17813 chore: update eslint peer deps (@​JLHwung)

Committers: 2

• Huáng Jùnliàng (@​JLHwung)
• @​liuxingbaoyu

v7.29.1 (2026-02-04)

🐛 Bug Fix

• babel-standalone
  • #17771 [7.x backport] fix: ensure targets.esmodules is validated (@​JLHwung)
• babel-generator
  • #17776 [7.x backport] Fix undefined when 64 indents (@​liuxingbaoyu)

Committers: 2

• Huáng Jùnliàng (@​JLHwung)
• @​liuxingbaoyu

Commits

• 37d5595 v7.29.2
• 1c0a08d [7.x backport] fix: Properly handle await in finally (#17805)
• 061bf95 [7.x backport] preset-env include/exclude should accept bugfix plugins (#17789)
• See full diff in compare view

Updates @sentry/browser from 10.42.0 to 10.47.0

Release notes

Sourced from @​sentry/browser's releases.

10.47.0

Important Changes

• feat(node-core): Add OTLP integration for node-core/light (#19729)

  Added otlpIntegration at @sentry/node-core/light/otlp for users who manage their own OpenTelemetry setup and want to send trace data to Sentry without adopting the full @sentry/node SDK.

  import { NodeTracerProvider } from '@opentelemetry/sdk-trace-node';
  import * as Sentry from '@sentry/node-core/light';
  import { otlpIntegration } from '@sentry/node-core/light/otlp';
  const provider = new NodeTracerProvider();
  provider.register();
  Sentry.init({
  dsn: 'DSN',
  integrations: [
  otlpIntegration({
  // Export OTel spans to Sentry via OTLP (default: true)
  setupOtlpTracesExporter: true,
  }),
  ],
  });

  The integration links Sentry errors to OTel traces and exports spans to Sentry via OTLP.

• feat(node, bun): Add runtime metrics integrations for Node.js and Bun (#19923, #19979)

  New nodeRuntimeMetricsIntegration and bunRuntimeMetricsIntegration automatically collect runtime health metrics and send them to Sentry on a configurable interval (default: 30s). Collected metrics include memory (RSS, heap used/total), CPU utilization, event loop utilization, and process uptime. Node additionally collects event loop delay percentiles (p50, p99). Extra metrics like CPU time and external memory are available as opt-in.

  // Node.js
  import * as Sentry from '@sentry/node';
  Sentry.init({
  dsn: '...',
  integrations: [Sentry.nodeRuntimeMetricsIntegration()],
  });
  // Bun
  import * as Sentry from '@​sentry/bun';
  Sentry.init({
  dsn: '...',
  integrations: [Sentry.bunRuntimeMetricsIntegration()],
  });

... (truncated)

Changelog

Sourced from @​sentry/browser's changelog.

10.47.0

Important Changes

• feat(node-core): Add OTLP integration for node-core/light (#19729)

  Added otlpIntegration at @sentry/node-core/light/otlp for users who manage their own OpenTelemetry setup and want to send trace data to Sentry without adopting the full @sentry/node SDK.

  import { NodeTracerProvider } from '@opentelemetry/sdk-trace-node';
  import * as Sentry from '@sentry/node-core/light';
  import { otlpIntegration } from '@sentry/node-core/light/otlp';
  const provider = new NodeTracerProvider();
  provider.register();
  Sentry.init({
  dsn: 'DSN',
  integrations: [
  otlpIntegration({
  // Export OTel spans to Sentry via OTLP (default: true)
  setupOtlpTracesExporter: true,
  }),
  ],
  });

  The integration links Sentry errors to OTel traces and exports spans to Sentry via OTLP.

• feat(node, bun): Add runtime metrics integrations for Node.js and Bun (#19923, #19979)

  New nodeRuntimeMetricsIntegration and bunRuntimeMetricsIntegration automatically collect runtime health metrics and send them to Sentry on a configurable interval (default: 30s). Collected metrics include memory (RSS, heap used/total), CPU utilization, event loop utilization, and process uptime. Node additionally collects event loop delay percentiles (p50, p99). Extra metrics like CPU time and external memory are available as opt-in.

  // Node.js
  import * as Sentry from '@sentry/node';
  Sentry.init({
  dsn: '...',
  integrations: [Sentry.nodeRuntimeMetricsIntegration()],
  });
  // Bun
  import * as Sentry from '@​sentry/bun';
  Sentry.init({
  dsn: '...',
  integrations: [Sentry.bunRuntimeMetricsIntegration()],

... (truncated)

Commits

• a5a4e73 release: 10.47.0
• c7477bb Merge pull request #20050 from getsentry/prepare-release/10.47.0
• 3d4e38d meta(changelog): Update changelog for 10.47.0
• 2c0ce6f feat(deps): Bump OpenTelemetry dependencies (#20046)
• 8f08fcb fix(browser-tests): Pin axios to 1.13.5 to avoid compromised 1.14.1 (#20047)
• 3815492 fix(profiling): Disable profiling in worker threads (#20040)
• 61edc25 Merge pull request #19890 from getsentry/fix/react-router-debug-id-double-inj...
• 28f94f3 fix(react-router): Disable debug ID injection in Vite plugin to prevent doubl...
• 9bfc682 ref(browser-tests): Add waitForMetricRequest helper (#20002)
• 08cab24 fix(node): Deduplicate sentry-trace and baggage headers on outgoing reque...
• Additional commits viewable in compare view

Updates babel-loader from 10.0.0 to 10.1.1

Release notes

Sourced from babel-loader's releases.

v10.1.1

What's Changed

• Revert #1055 ("use module.findPackageJSON API") by @​JLHwung in babel/babel-loader#1066

Full Changelog: babel/babel-loader@v10.1.0...v10.1.1

v10.1.0

What's Changed

• refactor: use module.findPackageJSON API by @​JLHwung in babel/babel-loader#1055
• Enable type checking and support Babel 8 by @​JLHwung in babel/babel-loader#1056
• Bump js-yaml from 4.1.0 to 4.1.1 by @​dependabot[bot] in babel/babel-loader#1059
• fix: mark webpack as optional peer dependency by @​chenjiahan in babel/babel-loader#1061
• Bump webpack from 5.101.0 to 5.104.1 by @​dependabot[bot] in babel/babel-loader#1062
• Bump glob from 10.4.5 to 10.5.0 by @​dependabot[bot] in babel/babel-loader#1060
• Bump minimatch from 3.1.2 to 3.1.5 by @​dependabot[bot] in babel/babel-loader#1063
• Pin Node.js on CI by @​nicolo-ribaudo in babel/babel-loader#1064

New Contributors

• @​chenjiahan made their first contribution in babel/babel-loader#1061

Full Changelog: babel/babel-loader@v10.0.0...v10.1.0

Commits

• da60210 10.1.1
• a0a2617 Revert #1055 ("use module.findPackageJSON API") (#1066)
• de09ee1 10.1.0
• e34c360 Pin Node.js on CI (#1064)
• 3c1e180 Bump minimatch from 3.1.2 to 3.1.5 (#1063)
• e0d4add Bump glob from 10.4.5 to 10.5.0 (#1060)
• 77e2a66 Bump webpack from 5.101.0 to 5.104.1 (#1062)
• faa5dbb fix: mark webpack as optional peer dependency (#1061)
• 146dad2 Bump js-yaml from 4.1.0 to 4.1.1 (#1059)
• 2479ed2 Enable type checking and support Babel 8 (#1056)
• Additional commits viewable in compare view

Updates caniuse-lite from 1.0.30001776 to 1.0.30001782

Commits

• f455430 Update caniuse-db 1.0.30001782
• 311d8db Update caniuse-db 1.0.30001781
• da39da8 Update caniuse-db 1.0.30001780
• 984281a Update caniuse-db 1.0.30001779
• 1386a01 Update caniuse-db 1.0.30001778
• 825f178 Update caniuse-db 1.0.30001777
• See full diff in compare view

Updates mini-css-extract-plugin from 2.10.0 to 2.10.2

Release notes

Sourced from mini-css-extract-plugin's releases.

v2.10.2

All notable changes to this project will be documented in this file. See standard-version for commit guidelines.

2.10.2 (2026-03-26)

Bug Fixes

• use matchResource for importModule when available (#1162) (143693e)

v2.10.1

2.10.1 (2026-03-10)

Bug Fixes

• handle null module.layer in renderContentAsset (#1159) (0233180)

Changelog

Sourced from mini-css-extract-plugin's changelog.

2.10.2 (2026-03-26)

Bug Fixes

• use matchResource for importModule when available (#1162) (143693e)

2.10.1 (2026-03-10)

Bug Fixes

• handle null module.layer in renderContentAsset (#1159) (0233180)

Commits

• d50f981 chore(release): 2.10.2
• b02c8ac test: more (#1163)
• 143693e fix: use matchResource for importModule when available (#1162)
• da57ee5 chore(release): 2.10.1
• 1e73d98 test: fix (#1160)
• 0233180 fix: handle null module.layer in renderContentAsset (#1159)
• See full diff in compare view

Updates terser-webpack-plugin from 5.3.17 to 5.4.0

Release notes

Sourced from terser-webpack-plugin's releases.

v5.4.0

5.4.0 (2026-03-10)

Features

• added ability to minimize JSON using jsonMinify (#657) (29ac915)

Changelog

Sourced from terser-webpack-plugin's changelog.

5.4.0 (2026-03-10)

Features

• added ability to minimizer JSON using jsonMinify (#657) (29ac915)

Commits

• 543da6e chore(release): 5.4.0
• 29ac915 feat: added ability to minimizer JSON using jsonMinify (#657)
• e505dee fix: align with code
• See full diff in compare view

Updates webpack from 5.105.3 to 5.105.4

Release notes

Sourced from webpack's releases.

v5.105.4

Patch Changes

• Add Module.getSourceBasicTypes to distinguish basic source types and clarify how modules with non-basic source types like remote still produce JavaScript output. (by @​xiaoxiaojx in #20546)

• Handle createRequire in expressions. (by @​alexander-akait in #20549)

• Fixed types for multi stats. (by @​alexander-akait in #20556)

• Remove empty needless js output for normal css module. (by @​JSerFeng in #20162)

• Update enhanced-resolve to support new features for tsconfig.json. (by @​alexander-akait in #20555)

• Narrows export presence guard detection to explicit existence checks on namespace imports only, i.e. patterns like "x" in ns. (by @​hai-x in #20561)

Changelog

Sourced from webpack's changelog.

5.105.4

Patch Changes

• Add Module.getSourceBasicTypes to distinguish basic source types and clarify how modules with non-basic source types like remote still produce JavaScript output. (by @​xiaoxiaojx in #20546)

• Handle createRequire in expressions. (by @​alexander-akait in #20549)

• Fixed types for multi stats. (by @​alexander-akait in #20556)

• Remove empty needless js output for normal css module. (by @​JSerFeng in #20162)

• Update enhanced-resolve to support new features for tsconfig.json. (by @​alexander-akait in #20555)

• Narrows export presence guard detection to explicit existence checks on namespace imports only, i.e. patterns like "x" in ns. (by @​hai-x in #20561)

Commits

• 27c13b4 chore(release): new release (#20550)
• 9b2f41e chore: bump terser plugin (#20569)
• eafe060 fix: narrow the export presence guard detection (#20561)
• 75d605c refactor: add AppendOnlyStackedSet iteration support and tests (#20560)
• afa607d refactor: remove unused code (#20562)
• 4098902 test: add source files for web-webworker and web-webworker-auto-public-path (...
• f97be67 refactor: fix duplicated word in Compilation JSDoc (#20547)
• 9d76fff refactor: add Module.getSourceBasicTypes for basic JS type detection (#20546)
• a3d7839 fix: types for multi stats (#20556)
• b8e9b05 fix: update enhanced-resolve to support new features for tsconfig.json (#...
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions