Bump xmldom and lighthouse

[dependabot[bot]]

Removes xmldom. It's no longer used after updating ancestor dependency lighthouse. These dependencies need to be updated together.

Removes xmldom

Updates lighthouse from 4.3.1 to 7.5.0

Release notes

Sourced from lighthouse's releases.

v7.5.0

Full Changelog

We expect this release to ship in the DevTools of Chrome 92, and to PageSpeed Insights within 2 weeks.

New contributors

Thanks to our new contributor 👽🐷🐰🐯🐻!

• Johannes Weber @​johannes-weber

Notable Changes

We are releasing the Lighthouse Treemap!

You may already be familiar with treemaps thanks to webtreemap (which we use!) or source-map-explorer. With Lighthouse Treemap, you'll be able to view all the JavaScript bundles on your page easily from a Lighthouse report, in addition to some insights that may help reduce the amount of JavaScript on a page. The only requirement is that source maps are accessible (either publicly, or securely from the same computer that is running the Lighthouse audit).

We even collect code coverage data from Chrome, and extrapolate the coverage of individual modules in a bundle:

Note: this only takes into account a cold-load: code only used after user interaction will be marked as unused. Stay tuned for a future release, which will enable you to configure user flows and capture even more accurate performance insights.

If we detect a large module included by multiple bundles, we'll alert you of that too.

You can access Lighthouse Treemap from the report:

Currently, only reports generated with the Lighthouse Node CLI will connect to the Lighthouse Treemap App. We are working on adding this functionality to Lighthouse in DevTools and PageSpeed Insights.

Demo

Core

• add new CLS (all frames) to hidden metrics audit (#12476)
• script-treemap-data: default config (#12494)
• script-treemap-data: include unmapped bytes (#12452)
• driver: extract gotoURL to navigation module (#12421)
• responsive-images: ignore images larger than viewport (#12414)
• robots: use new fetcher to get robots.txt (#12423)

Fraggle Rock

Support for auditing user flows (#11313)

• computed-artifact: remove settings and options from context (#12435)
• convert optimized-images gatherer (#12491)

... (truncated)

Changelog

Sourced from lighthouse's changelog.

7.5.0 (2021-05-18)

Full Changelog

We expect this release to ship in the DevTools of Chrome 92, and to PageSpeed Insights within 2 weeks.

New contributors

Thanks to our new contributor 👽🐷🐰🐯🐻!

• Johannes Weber @​johannes-weber

Notable Changes

We are releasing the Lighthouse Treemap!

You may already be familiar with treemaps thanks to webtreemap (which we use!) or source-map-explorer. With Lighthouse Treemap, you'll be able to view all the JavaScript bundles on your page easily from a Lighthouse report, in addition to some insights that may help reduce the amount of JavaScript on a page. The only requirement is that source maps are accessible (either publicly, or securely from the same computer that is running the Lighthouse audit).

We even collect code coverage data from Chrome, and extrapolate the coverage of individual modules in a bundle. Note: this only takes into account a cold-load: code only used after user interaction will be marked as unused. Stay tuned for a future release, which will enable you to configure user flows and capture even more accurate performance insights.

If we detect a large module included by multiple bundles, we'll alert you of that too.

You can access Lighthouse Treemap from the report:

Currently, only reports generated with the Lighthouse Node CLI will connect to the Lighthouse Treemap App. This functionality will be in DevTools and PageSpeed Insights as of Lighthouse v8.0.

Demo

Core

• add new CLS (all frames) to hidden metrics audit (#12476)
• script-treemap-data: default config (#12494)
• script-treemap-data: include unmapped bytes (#12452)
• driver: extract gotoURL to navigation module (#12421)
• responsive-images: ignore images larger than viewport (#12414)
• robots: use new fetcher to get robots.txt (#12423)

Fraggle Rock

Support for auditing user flows (#11313)

• computed-artifact: remove settings and options from context (#12435)
• convert optimized-images gatherer (#12491)
• convert image-elements gatherer (#12474)
• convert source-maps gatherer (#12467)
• convert js-usage gatherer (#12450)

... (truncated)

Commits

• 8ff570d v7.5.0 (#12500)
• 5bf653d core(script-treemap-data): default config (#12494)
• 76e2189 misc(treemap): esc to zoom out (#12498)
• 78d65c8 misc(treemap): remove too similar color hues (#12497)
• de6cbd0 misc(treemap): shade background for unused bytes (#12486)
• fe4cced misc(treemap): update colors on enter keypress (#12496)
• d455ac3 i18n: import new strings (#12492)
• 187809d misc(treemap): set focus-visible styles for view mode buttons (#12495)
• 184c92c core(fr): convert optimized-images gatherer (#12491)
• 1624e30 misc(treemap): tweak styles for mobile (#12493)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.