[Snyk] Upgrade govuk-frontend from 5.4.1 to 5.6.0

[dhcrees]

Snyk has created this PR to upgrade govuk-frontend from 5.4.1 to 5.6.0.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 2 versions ahead of your current version.
• The recommended version was released 2 months ago, on 2024-08-29.

Release notes

Package name: govuk-frontend

• 5.6.0 - 2024-08-29
  

  To install this version with npm, run npm install govuk-frontend@5.6.0. You can also find more information about how to stay up to date in our documentation.

  New features

  Make it easier to navigate complex services with the Service navigation component

  We've added a new Service navigation component to help users to navigate services with multiple top-level sections. This replaces the navigation functions of the Header component, which will be deprecated in a future release of GOV.UK Frontend.

  This component includes some features we consider experimental. We intend to iterate these features in response to user feedback. These are:

  • moving the service name from the Header to the Service navigation
  • providing slots for injecting custom HTML into specified locations within the component

  We introduced this change in pull request #5206: Service navigation component.

• 5.5.0 - 2024-08-09
  

  This release includes an updated list of organisations and brand colours. We’ve also added a new feature to stop long words from ‘breaking out’ of components.

  To install this version with npm, run npm install govuk-frontend@5.5.0. You can also find more information about how to stay up to date in our documentation.

  New features

  We've updated the list of organisations and brand colours included in Frontend

  We've overhauled the list of organisations and organisation brand colours that are shipped with GOV.UK Frontend.

  The previous list was outdated and had not kept up with changes to the machinery of government. We’ve updated the list to:

  • add all current government departments and their brand colours
  • add variants of brand colours that meet a 4.5:1 contrast ratio against white, where required
  • provide warnings if defunct organisations are still being referenced in your Sass code

  To enable these changes, set the feature flag variable $govuk-new-organisation-colours to true before you import GOV.UK Frontend in your Sass files:

  // application.scss
  $govuk-new-organisation-colours: true;
  @ import "govuk-frontend/all";

  You can also silence warnings about defunct organisations by adding organisation-colours to the $govuk-suppressed-warnings setting.

  We introduced this change in pull request #3407: Update organisation colours.

  Stop long words breaking out of components with govuk-!-text-break-word

  We've added a new override class to help display long words with no obvious break points when the space is too narrow to display them on one line. An example of a long word might be an email address entered by a user.

  Wrapping the content with the govuk-!-text-break-word class forces words that are too long for the parent element to break onto a new line.

  A confirmation email will be sent to <span class="govuk-!-text-break-word">arthur_phillip_dent.42@peoplepersonalitydivision.siriuscyberneticscorporation.corp</span>.

  Sass users can also use the govuk-text-break-word mixin.

  We introduced this change in pull request #5159: Add break-word typography helper.

  Recommended changes

  Update the $websafe parameter on the govuk-organisation-colour function

  The govuk-organisation-colour Sass function's $websafe parameter has been renamed to $contrast-safe.

  This is to more accurately describe the functionality of the parameter.

  The old parameter name will stop working in the next major version of GOV.UK Frontend.

  We introduced this change in pull request #3407: Update organisation colours.

  Fixes

  We've made fixes to GOV.UK Frontend in the following pull requests:

  • #5046: Skip ‘empty’ tasks in the task list
  • #5066: Fix whitespace affecting text alignment in pagination block variant
  • #5158: Remove ↑ up and ↓ down arrow key bindings from tabs
  • #5191: Fix rendering of Back link's href and text for falsy values
• 5.4.1 - 2024-07-12
  

  To install this version with npm, run npm install govuk-frontend@5.4.1. You can also find more information about how to stay up to date in our documentation.

  Recommended changes

  Update Breadcrumbs to use nav and aria-label

  We've made changes to the Breadcrumbs component to improve how it appears to screen readers.

  We've changed the wrapping element to use the nav tag to expose it as a navigational landmark, and added an aria-label attribute to differentiate it as breadcrumb navigation.

  This change was introduced in pull request #4995: Update Breadcrumb component to improve screen reader accessibility.

  Fixes

  We've made fixes to GOV.UK Frontend in the following pull requests:

  • #5114: Fix divider width for small checkboxes – thanks to @ colinrotherham
  • #5043: Refactor the accordion JavaScript
  • #5044: Remove session storage checks from accordion JavaScript
  • #5060: Reintroduce additional bottom margin to Error Summary content
  • #5070: Fix alignment of content in conditional checkboxes and radio buttons
  • #5090: Remove redundant tag CSS from phase banner

from govuk-frontend GitHub release notes

Commit messages

Package name: govuk-frontend

• a5a50ea Merge pull request #5274 from alphagov/release-5.6.0
• 8dcbb4e Release v5.6.0
• dd473a3 Merge pull request #5206 from alphagov/service-navigation-component
• 414298b Update changelog
• 37877d0 Add service navigation component
• 3362ddf Merge pull request #5269 from alphagov/dependabot/npm_and_yarn/micromatch-4.0.8
• 79fd793 Bump micromatch from 4.0.7 to 4.0.8
• 8acdba6 Merge pull request #5266 from alphagov/dependabot/npm_and_yarn/caniuse-lite-1.0.30001653
• f7ac619 Merge pull request #5265 from alphagov/dependabot/npm_and_yarn/testing-library/jest-dom-6.5.0
• e473fa4 Merge pull request #5264 from alphagov/dependabot/npm_and_yarn/marked-14.1.0
• c7aff83 Bump caniuse-lite from 1.0.30001651 to 1.0.30001653
• f47287a Bump @ testing-library/jest-dom from 6.4.8 to 6.5.0
• c2bec99 Bump marked from 14.0.0 to 14.1.0
• f927863 Merge pull request #5246 from alphagov/dependabot/npm_and_yarn/marked-14.0.0
• 759ab33 Merge pull request #5259 from alphagov/dependabot/npm_and_yarn/test-3e2a9e259a
• cd60178 Manually update puppeteer-core from 22.3.0 to 23.1.1
• 25d6203 Merge pull request #5207 from alphagov/changelog-update-docs
• 55fca0b Merge pull request #5260 from alphagov/dependabot/npm_and_yarn/types-2c84eb52ee
• 1abe548 Bump @ types/node from 22.4.1 to 22.5.0 in the types group
• eaea630 Merge pull request #5263 from alphagov/dependabot/npm_and_yarn/mini-css-extract-plugin-2.9.1
• 99ccc58 Bump the test group across 1 directory with 5 updates
• 9f1a6fe Merge pull request #5262 from alphagov/dependabot/npm_and_yarn/husky-9.1.5
• 82f628a Bump mini-css-extract-plugin from 2.9.0 to 2.9.1
• c770c15 Merge pull request #5261 from alphagov/dependabot/npm_and_yarn/sass-loader-16.0.1

Compare

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs