fix(deps): update module github.com/tdewolff/minify/v2 to v2.24.12

[renovate]

This PR contains the following updates:

Package	Change	Age	Confidence
github.com/tdewolff/minify/v2	v2.24.8 → v2.24.12

---

Release Notes

tdewolff/minify (github.com/tdewolff/minify/v2)

v2.24.12

Compare Source

• JS: fix variable reordering for const and let declarations, fixes #​939
• HTML: prevent long execution time for whitespace look-ahead, fixes bug from OSSFuzz

v2.24.11

Compare Source

• CSS: remove empty rulesets, see #​908
• JS: fix variable declaration reodering, fixes #​926
• JS: suppress checking for duplicate private members in classes, fixes #​932
• SVG: add KeepNamespaces option, fixes #​936

v2.24.10

Compare Source

• JS: fix precedence in OptionalExpression within Member/CallExpressions; fixes #​912
• JS: fix variable renaming inside objects within object-property-methods, fixes #​910

v2.24.9

Compare Source

• cmd: fix --match for Windows, fixes #​901
• cmd: ignore bad softlinks, remove verbosity level for warning (now 1 is info, 2 is debug); fix bugs for --match/--include/--exclude, see https://github.com/tdewolff/minify/issues/901
• HTML: don't remove end tags in , fixes #​907
• CSS: fix nested rulesets, see #​908

---

Configuration

📅 Schedule: (UTC)

• Branch creation
  • At 12:00 AM through 04:59 AM and 10:00 PM through 11:59 PM, Monday through Friday (* 0-4,22-23 * * 1-5)
  • Only on Sunday and Saturday (* * * * 0,6)
• Automerge
  • At any time (no schedule defined)

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[renovate]

ℹ️ Artifact update notice

File name: go.mod

In order to perform the update(s) described in the table above, Renovate ran the go get command, which resulted in the following additional change(s):

• 1 additional dependency was updated

Details:

Package	Change
github.com/tdewolff/parse/v2	v2.8.5 -> v2.8.11

[github-actions]

Renovate PR Review Results

⚖️ Safety Assessment: ✅ Safe

🔍 Release Content Analysis

Version Update: v2.24.8 → v2.24.12 (4 patch releases)

Major Changes Across Releases:

• v2.24.12:

  • JS: Fixed variable reordering for const and let declarations (#939)
  • HTML: Prevented long execution time for whitespace look-ahead (OSSFuzz bug fix)

• v2.24.11:

  • CSS: Added removal of empty rulesets (#908)
  • SVG: Introduced new KeepNamespaces option (#936)
  • JS: Fixed variable declaration reordering (#926)
  • JS: Suppressed checking for duplicate private members in classes (#932)

• v2.24.10:

  • JS: Fixed precedence in OptionalExpression within Member/CallExpressions (#912)
  • JS: Fixed variable renaming inside objects within object-property-methods (#910)

• v2.24.9:

  • CMD: Fixed --match for Windows (#901)
  • CMD: Ignore bad softlinks, updated verbosity levels
  • HTML: Don't remove end tags in <template> (#907)
  • CSS: Fixed nested rulesets (#908)

Breaking Changes: None identified

Security Fixes: HTML whitespace processing performance issue (OSSFuzz-discovered DoS prevention)

Transitive Dependency Update: github.com/tdewolff/parse/v2 also updated from v2.8.5 → v2.8.11

🎯 Impact Scope Investigation

Direct Usage Locations: 3 files in /internal/formatters/

• html_minified.go:10-12 - Uses minify.New(), html.Minifier{KeepDocumentTags, KeepQuotes}, css.Minify
• json_minified.go:9-10 - Uses minify.New(), json.Minify
• svg_minified.go:9-10 - Uses minify.New(), svg.Minify

API Methods Used:

• minify.New() - Core initialization method
• (*minify.M).Add() - Register minifier with options
• (*minify.M).AddFunc() - Register minifier function
• (*minify.M).Minify() - Execute minification
• html.Minifier struct with KeepDocumentTags and KeepQuotes options
• Function minifiers: css.Minify, json.Minify, svg.Minify

API Compatibility: ✅ All APIs used in gat remain unchanged and backward compatible

Test Results:

• ✅ All existing tests pass: go test ./... (internal/display, internal/gat, internal/masker, internal/prettier)
• ✅ Build successful: Binary builds without errors
• ✅ Runtime verification: HTML and JSON minified formatters work correctly with test files
• ✅ Manual API compatibility test: All minification functions execute successfully

Impact on Other Dependencies: None - minify/v2 is a leaf dependency with no impact on other packages

💡 Recommended Actions

Immediate Actions:

1. ✅ Safe to merge - No code changes required
2. Merge this PR to benefit from bug fixes and performance improvements

Benefits of This Update:

• Improved JavaScript minification correctness (fixes for const/let declarations, variable renaming, optional chaining)
• Enhanced HTML minification stability (prevents long execution times)
• Better CSS handling (empty ruleset removal, nested ruleset fixes)
• Cross-platform improvements (Windows --match fix)
• Security improvement (DoS prevention for HTML whitespace processing)

Post-Merge Monitoring:

• Monitor for any unexpected minification behavior in HTML, JSON, or SVG outputs
• No configuration changes needed

🔗 Reference Links

• v2.24.12 Release Notes
• v2.24.11 Release Notes
• v2.24.10 Release Notes
• v2.24.9 Release Notes
• Repository Compare View

Generated by koki-develop/claude-renovate-review