chore(deps): bump esbuild, tsx and react-email

[dependabot]

Bumps esbuild to 0.25.3 and updates ancestor dependencies esbuild, tsx and react-email. These dependencies need to be updated together.

Updates esbuild from 0.19.11 to 0.25.3

Release notes

Sourced from esbuild's releases.

v0.25.3

• Fix lowered async arrow functions before super() (#4141, #4142)

  This change makes it possible to call an async arrow function in a constructor before calling super() when targeting environments without async support, as long as the function body doesn't reference this. Here's an example (notice the change from this to null):

  // Original code
  class Foo extends Object {
    constructor() {
      (async () => await foo())()
      super()
    }
  }
  // Old output (with --target=es2016)
  class Foo extends Object {
  constructor() {
  (() => __async(this, null, function* () {
  return yield foo();
  }))();
  super();
  }
  }
  // New output (with --target=es2016)
  class Foo extends Object {
  constructor() {
  (() => __async(null, null, function* () {
  return yield foo();
  }))();
  super();
  }
  }

  Some background: Arrow functions with the async keyword are transformed into generator functions for older language targets such as --target=es2016. Since arrow functions capture this, the generated code forwards this into the body of the generator function. However, JavaScript class syntax forbids using this in a constructor before calling super(), and this forwarding was problematic since previously happened even when the function body doesn't use this. Starting with this release, esbuild will now only forward this if it's used within the function body.

  This fix was contributed by @​magic-akari.

• Fix memory leak with --watch=true (#4131, #4132)

  This release fixes a memory leak with esbuild when --watch=true is used instead of --watch. Previously using --watch=true caused esbuild to continue to use more and more memory for every rebuild, but --watch=true should now behave like --watch and not leak memory.

  This bug happened because esbuild disables the garbage collector when it's not run as a long-lived process for extra speed, but esbuild's checks for which arguments cause esbuild to be a long-lived process weren't updated for the new --watch=true style of boolean command-line flags. This has been an issue since this boolean flag syntax was added in version 0.14.24 in 2022. These checks are unfortunately separate from the regular argument parser because of how esbuild's internals are organized (the command-line interface is exposed as a separate Go API so you can build your own custom esbuild CLI).

  This fix was contributed by @​mxschmitt.

• More concise output for repeated legal comments (#4139)

  Some libraries have many files and also use the same legal comment text in all files. Previously esbuild would copy each legal comment to the output file. Starting with this release, legal comments duplicated across separate files will now be grouped in the output file by unique comment content.

... (truncated)

Changelog

Sourced from esbuild's changelog.

Changelog: 2023

This changelog documents all esbuild versions published in the year 2023 (versions 0.16.13 through 0.19.11).

Commits

• 677910b publish 0.25.3 to npm
• a41040e fix #4110: support custom non-IP host values
• dfe0e1c fix #4114: add a limit to css nesting expansion
• a54916b fix #4139: deduplicate repeated legal comments
• dc60e60 run make update-compat-table
• d917038 fix #4144: node path resolution edge case
• 7ed1684 fix #4141: Avoid redundant this access during async function lowering (#4142)
• edc3a23 docs(dev): update alias command for make test-go (#4113)
• 1ee8b67 workaround process.exit() not exiting in node
• 5c56e07 changelog note with credit for the fix
• Additional commits viewable in compare view

Updates tsx from 4.19.2 to 4.19.3

Release notes

Sourced from tsx's releases.

v4.19.3

4.19.3 (2025-02-19)

Bug Fixes

• upgrade esbuild to ~0.25.0 to address vuln report (#698) (e04e6c6)

---

This release is also available on:

• npm package (@​latest dist-tag)

Commits

• e04e6c6 fix: upgrade esbuild to ~0.25.0 to address vuln report (#698)
• 28a3e7d docs: update links to npx (#680)
• 38b7135 docs: add carbon ads
• See full diff in compare view

Updates react-email from 3.0.6 to 4.0.7

Release notes

Sourced from react-email's releases.

react-email 4.0.7

What's Changed

• 403e415: Fix deno not working as an option for email build

Full Changelog: https://github.com/resend/react-email/compare/[email protected]@4.0.7

react-email 4.0.6

What's Changed

• Updated dependencies [809130e]
  • [email protected]

Full Changelog: https://github.com/resend/react-email/compare/[email protected]@4.0.6

react-email 4.0.5

What's Changed

• e1dc351: Add support for path aliases when linter runs tailwind config

Full Changelog: https://github.com/resend/react-email/compare/[email protected]@4.0.5

react-email 4.0.4

What's Changed

• 1a7f9e6: Update dependencies: [email protected]
• 9832b5e: Fixed support for importing modules when linter loads Tailwind config

Full Changelog: https://github.com/resend/react-email/compare/[email protected]@4.0.4

react-email 4.0.3

What's Changed

• 962f768: update esbuild to 0.25.0
• 2225fe6: Fix detection of files with various export patterns

Full Changelog: https://github.com/resend/react-email/compare/[email protected]@4.0.3

react-email 4.0.2

What's Changed

• ddf9652: Fix crashing when the link or image does not exist

Full Changelog: https://github.com/resend/react-email/compare/[email protected]@4.0.2

react-email 4.0.1

What's Changed

• 8fd7409: Fix static files regression
• 8448a0b: Improved classes, better borders on table, improved scollbar colors

... (truncated)

Changelog

Sourced from react-email's changelog.

4.0.7

Patch Changes

• 403e415: Fix deno not working as an option for email build

4.0.6

Patch Changes

• 809130e: [email protected]

4.0.5

Patch Changes

• e1dc351: Add support for path aliases when linter runs tailwind config

4.0.4

Patch Changes

• 1a7f9e6: Update dependencies: [email protected]
• 9832b5e: Fixed support for importing modules when linter loads Tailwind config

4.0.3

Patch Changes

• 962f768: update esbuild to 0.25.0
• 2225fe6: Fix detection of files with various export patterns

4.0.2

Patch Changes

• ddf9652: Fix crashing when the link or image does not exist

4.0.1

Patch Changes

• 8fd7409: Fix static files regression
• 8448a0b: Improved classes, better borders on table, improved scollbar colors

4.0.0

Major Changes

• 56ab5ab: Add toolbar with image/link validation, compatibility checking and a spam scoring system

... (truncated)

Commits

• 4b1cc90 chore(root): Version packages (#2071)
• 403e415 fix(react-email): deno not working as an option for email build (#2070)
• cc2f91c chore(react-email, create-email): Prepare for release (#2061)
• 172bba1 chore(root): Improve prepare scripts (#2060)
• 809130e chore(react-email): Update Next to 15.2.4 (#2059)
• 9554861 chore(create-email, react-email): Bump for release (#2057)
• 5c28fc0 chore(root): Add missing note for linter fix
• e1dc351 fix(react-email): Linter not being able to handle tailwind config import with...
• ae07695 chore(react-email, create-email): Bump for release (#2049)
• 1a7f9e6 fix(deps): update dependency next to v15.2.3 [security] (#1967)
• Additional commits viewable in compare view

You can trigger a rebase of this PR by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  You can disable automated security fix PRs for this repo from the Security Alerts page.

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

[netlify]

✅ Deploy Preview for pmcsc-web ready!

Name	Link
🔨 Latest commit	a4ba96a
🔍 Latest deploy log	https://app.netlify.com/sites/pmcsc-web/deploys/680beeb21f3b08000798e626
😎 Deploy Preview	https://deploy-preview-50--pmcsc-web.netlify.app
📱 Preview on mobile	Toggle QR Code... Use your smartphone camera to open QR code link.
Lighthouse	1 paths audited Performance: 82 Accessibility: 100 Best Practices: 83 SEO: 100 PWA: 80 View the detailed breakdown and full score reports

---

To edit notification comments on pull requests, go to your Netlify site configuration.