chore(deps): update dependency jsdom to v27

[renovate]

This PR contains the following updates:

Package	Change	Age	Confidence
jsdom	^25.0.0 -> ^27.0.0

---

Release Notes

jsdom/jsdom (jsdom)

v27.0.0

Compare Source

Changes since 26.1.0

• Node.js v20 is now the minimum supported version.
• Added a variety of event constructors, even though we do not implement their associated specifications or ever fire them: BeforeUnloadEvent, BlobEvent, DeviceMotionEvent (omitting requestPermission()), DeviceOrientationEvent (omitting requestPermission()), PointerEvent, PromiseRejectionEvent, and TransitionEvent.
• Added movementX and movementY to MouseEvent. (These are from the Pointer Lock specification, the rest of which is not implemented.)
• Added customElements.getName(). (mash-graz)
• Updated the virtual console:
  • "jsdomError" events are now documented, with specific type properties and other properties that depend on the type.
  • sendTo() was renamed to forwardTo().
  • The jsdomErrors option to forwardTo() can be used to control which errors are sent to the Node.js console. This replaces the previous omitJSDOMErrors boolean option.
  • "jsdomError"s for failed XMLHttpRequest fetches are no longer emitted.
  • The values that are printed when forwarding "jsdomError"s to the Node.js console are streamlined.
• Switched our CSS selector engine from nwsapi to @asamuzakjp/dom-selector, closing over 20 selector-related bugs.
• Upgraded tough-cookie, which now considers URLs like http://localhost/ to be secure contexts (per the spec), and thus will return Secure-flagged cookies for such URLs. (colincasey)
• Upgraded cssstyle, which brings along many improvements and fixes to the CSSStyleDeclaration object and its properties.
• Updated the user agent stylesheet to be derived from the HTML Standard, instead of from an old revision of Chromium.
• Changed element.click() to fire a PointerEvent instead of a MouseEvent.
• Changed certain events to be passive by default.
• Changed the <input> element's pattern="" attribute to use the v regular expression flag, instead of u.
• Fixed many specification conformance issues with the Window object, including named properties and changing various data properties to accessor properties.
• Fixed document.createEvent() to accept a more correct set of event names.
• Fixed the ElementInternals accessibility getters and setters. (They were introduced in v23.1.0, but due to inadequate test coverage never actually worked.)
• Fixed using Object.defineProperty() on certain objects, such as HTMLSelectElement instances.
• Fixed jsdom.reconfigure({ url }) not updating document.baseURI or properties derived from it. (This regressed in v26.1.0.)
• Fixed CSS system colors, as well as the initial, inherit, and unset keywords, to resolve correctly. (asamuzaK)
• Fixed CSS display style resolution. (asamuzaK)

Changes since 27.0.0-beta.3

• Upgraded cssstyle, which brings along various CSS parsing fixes.

v26.1.0

Compare Source

• Added at least partial support for various SVG elements and their classes: <defs> (SVGDefsElement), <desc> (SVGDescElement), <g> (SVGGElement), <metadata> (SVGMetadataElement), <switch> (SVGSwitchElement), and <symbol> (SVGSymbolElement).
• Added SVGAnimatedPreserveAspectRatio and SVGAnimatedRect, including support in the reflection layer.
• Added the SVGSVGElement createSVGRect() method, and the SVGRect type (which is distinct from DOMRect.)
• Added indexed property support to HTMLFormElement.
• Updated the SVGElement viewportElement() method to correctly establish the viewport based on ancestor elements.
• Removed the now-bloated form-data dependency in favor of our own smaller implementation of multipart/form-data serialization. No functional changes are expected.
• Various performance improvements, caches, microoptimizations, and deferred object creation.

v26.0.0

Compare Source

Breaking change: canvas peer dependency requirement has been upgraded from v2 to v3. (sebastianwachter)

Other changes:

• Added AbortSignal.any(). (jdbevan)
• Added initial support for form-associated custom elements, in particular making them labelable and supporting the ElementInternals labels property. The form-associated callbacks are not yet supported. (hesxenon)
• Updated whatwg-url, adding support for URL.parse().
• Updated cssstyle and rrweb-cssom, to improve CSS parsing capabilities.
• Updated nwsapi, improving CSS selector matching.
• Updated parse5, fixing a bug around <noframes> elements and HTML entity decoding.
• Fixed JSDOM.fromURL() to properly reject the returned promise if the server redirects to an invalid URL, instead of causing an uncaught exception.

v25.0.1

Compare Source

• Updated dependencies, notably tough-cookie, which no longer prints a deprecation warning.

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[renovate]

⚠️ Artifact update problem

Renovate failed to update an artifact related to this branch. You probably do not want to merge this PR as-is.

♻ Renovate will retry this branch, including artifacts, only when one of the following happens:

• any of the package files in this branch needs updating, or
• the branch becomes conflicted, or
• you click the rebase/retry checkbox if found above, or
• you rename this PR's title to start with "rebase!" to trigger it manually

The artifact failure details are included below:

File name: package-lock.json

npm warn Unknown env config "store". This will stop working in the next major version of npm.
npm warn Unknown project config "shamefully-flatten". This will stop working in the next major version of npm.
npm error code ERESOLVE
npm error ERESOLVE could not resolve
npm error
npm error While resolving: @sveltejs/[email protected]
npm error Found: [email protected]
npm error node_modules/svelte
npm error   dev svelte@"^4.2.19" from the root project
npm error   peerOptional svelte@"^3.37.0 || ^4.0.0" from [email protected]
npm error   node_modules/eslint-plugin-svelte
npm error     dev eslint-plugin-svelte@"^2.34.0" from the root project
npm error   3 more (svelte-check, svelte-eslint-parser, svelte-preprocess)
npm error
npm error Could not resolve dependency:
npm error peer svelte@"^5.0.0" from @sveltejs/[email protected]
npm error node_modules/@sveltejs/vite-plugin-svelte
npm error   dev @sveltejs/vite-plugin-svelte@"^5.0.0" from the root project
npm error   peer @sveltejs/vite-plugin-svelte@"^5.0.0" from @sveltejs/[email protected]
npm error   node_modules/@sveltejs/vite-plugin-svelte/node_modules/@sveltejs/vite-plugin-svelte-inspector
npm error     @sveltejs/vite-plugin-svelte-inspector@"^4.0.1" from @sveltejs/[email protected]
npm error
npm error Conflicting peer dependency: [email protected]
npm error node_modules/svelte
npm error   peer svelte@"^5.0.0" from @sveltejs/[email protected]
npm error   node_modules/@sveltejs/vite-plugin-svelte
npm error     dev @sveltejs/vite-plugin-svelte@"^5.0.0" from the root project
npm error     peer @sveltejs/vite-plugin-svelte@"^5.0.0" from @sveltejs/[email protected]
npm error     node_modules/@sveltejs/vite-plugin-svelte/node_modules/@sveltejs/vite-plugin-svelte-inspector
npm error       @sveltejs/vite-plugin-svelte-inspector@"^4.0.1" from @sveltejs/[email protected]
npm error
npm error Fix the upstream dependency conflict, or retry
npm error this command with --force or --legacy-peer-deps
npm error to accept an incorrect (and potentially broken) dependency resolution.
npm error
npm error
npm error For a full report see:
npm error /runner/cache/others/npm/_logs/2025-09-26T00_05_32_687Z-eresolve-report.txt
npm error A complete log of this run can be found in: /runner/cache/others/npm/_logs/2025-09-26T00_05_32_687Z-debug-0.log