fix(less): upgrade make-dir to v4 to fix security vulnerability

[jorenbroekema]

What:

Bump make-dir to v5

Why:

There is a security vulnerability in make-dir v2:

$ npm ls semver  
less@4.6.3 project
└─┬ make-dir@2.1.0
       └── semver@5.7.1

Which is fixed by upgrading make-dir to latest

Checklist:

• Documentation N\A
• Added/updated unit tests N\A
• Code complete N\A

Additional context:

The main changes in make-dir is that it is now ESM-only and minimum Node 18 requirement. Less also has the same Node version requirement, so no issue there.
This is only used in less bin file, and we use createRequire to allow importing ESM dependencies, so also no issues there.
From Node 20.x latest and 22.x latest, we'd be able to require() them without needing the helper, which is faster, but not really something to go out of your way to change if you ask me in this context.

See also the PR from 2+ years ago that was closed for being stale. #4250
I hope this one will make it through :)

Summary by CodeRabbit

• Chores
  • Updated build tool dependencies to latest compatible versions.

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Run ID: d1ec983c-882a-45fb-b24d-17b74ceaf6cc

📥 Commits

Reviewing files that changed from the base of the PR and between 48a386f and 3fed64f.

⛔ Files ignored due to path filters (2)

• package-lock.json is excluded by !**/package-lock.json
• pnpm-lock.yaml is excluded by !**/pnpm-lock.yaml

📒 Files selected for processing (1)

• packages/less/package.json

---

📝 Walkthrough

Walkthrough

The pull request updates the make-dir optional dependency in the Less package from version ^2.1.0 to ^5.1.0, enabling the use of a newer major version of this utility package.

Changes

Cohort / File(s)	Summary
Dependency Version Update packages/less/package.json	Bumps make-dir optionalDependencies from ^2.1.0 to ^5.1.0.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~3 minutes

Poem

🐰 A new version hops into sight,
make-dir now at five, oh what delight!
From two to five, the numbers ascend,
Dependencies refreshed, improvements blend! 🌱

🚥 Pre-merge checks | ✅ 2 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Title check	⚠️ Warning	The title mentions upgrading make-dir to v4, but the summary shows the actual upgrade is to v5.1.0, creating a version discrepancy.	Update the title to reflect the actual target version: 'fix(less): upgrade make-dir to v5 to fix security vulnerability' or verify which version is the intended target.

✅ Passed checks (2 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment

📝 Coding Plan

• Generate coding plan for human review comments

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

Tip

CodeRabbit can enforce grammar and style rules using `languagetool`.

Configure the reviews.tools.languagetool setting to enable/disable rules and categories. Refer to the LanguageTool Community to learn more.