Bump reffy from 20.0.16 to 21.0.0

[dependabot]

Bumps reffy from 20.0.16 to 21.0.0.

Changelog

Sourced from reffy's changelog.

v21.0.0 - 2026-05-07

Breaking changes

Minimal version of Node.js needed to run Reffy is now v22.19.0 (was v20.18.1). This change is triggered by the latest dependency bump of the Undici library (#2077). Note this dependency is only needed to run tests in practice (Undici is listed in devDependencies in package.json).

Dependency bumps

• Bump rollup from 4.60.2 to 4.60.3 (#2078)
• Bump ip-address from 10.1.0 to 10.2.0 (#2081)
• Bump web-specs from 3.84.0 to 3.85.0 (#2080)
• Bump puppeteer from 24.42.0 to 24.43.0 (#2079)
• Bump undici from 7.24.4 to 8.2.0 (#2077)

v20.0.0 - 2025-10-15

Breaking changes

Version 20.0.0 updates the cssmerge post-processing step to move nested at-rules to the root atrules level. The nested at-rules are scoped to the parent at-rule(s) through the for property. This change is breaking in the sense that there were no at-rule at the root level scoped to another at-rule in previous versions. Only known scoped at-rules for now in web specifications are those defined for @font-feature-values.

You may consider version 20 to be a minor version bump if you do not use the cssmerge post-processing step, or if you do not process at-rules in any way.

Dependency bumps

• Bump respec from 35.5.1 to 35.6.0 (#1957)
• Bump puppeteer from 24.23.0 to 24.25.0 (#1961)
• Bump web-specs from 3.67.0 to 3.68.0 (#1960)

v19.0.0 - 2025-06-13

Breaking changes

Version 18.8.0 introduced a new cssmerge post-processing step to consolidate CSS extracts into a single file. Version 19 changes the structure of the consolidated file a bit. Breaking changes are:

• [CSS post-processing] Unwrap type names (breaking) (#1862)
• [CSS post-processing] Use syntax for syntaxes (breaking) (#1861)
• [CSS post-processing] Merge scopes when possible (breaking) (#1858)

In other words, unless you had already adopted the cssmerge post-processing step, you may consider version 19 to be a minor version bump.

Dependency bumps

• Bump rollup from 4.42.0 to 4.43.0 (#1856)
• Bump respec from 35.4.0 to 35.4.1 (#1860)
• Bump brace-expansion from 2.0.1 to 2.0.2 (#1857)
• Bump puppeteer from 24.10.0 to 24.10.1 (#1863)

v18.0.0 - 2024-11-29

... (truncated)

Commits

• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)