chore(deps-dev): Bump jscpd from 5.0.9 to 5.0.11

[dependabot]

Bumps jscpd from 5.0.9 to 5.0.11.

Release notes

Sourced from jscpd's releases.

Release v5.0.10

cpd (Rust) v5.0.10

Bug Fixes

• Emit scan-root-relative paths in all reporters when absolute: false (or the default). Previously, jscpd /abs/path from a different CWD left absolute paths in SARIF/JSON/XML/HTML/CSV/Markdown/console output, and Windows/macOS path canonicalization could leave \\?\ or ./ prefixes. Paths are now normalized against the canonicalized scan root (with CWD fallback) and stripped of any leading ./ or .\\ component. Fixes #827
• Fix --skip-local to match jscpd v4 TypeScript semantics: it now filters clones where both fragments are under the same scan root, instead of only skipping clones in the same parent directory

Refactoring

• DRY duplication in reporters: extract shared helpers (print_clone_header, print_clone_locations, print_snippet, write_report_file, report statistics, test fixtures, etc.) into cpd-reporter/src/shared.rs. Console, console-full, CSV, JSON, HTML, Markdown, silent, XML, and SARIF reporters now reuse the same implementation, reducing the monorepo's reported duplication ratio from 5.0% to 0.56% and fixing a latent --absolute path relativization bug in the same pass
• Move blame enrichment from gitoxide to git blame --porcelain; capture elapsed time after blame so timing includes blame work
• Resolve needless_borrow clippy warnings in CSV and Markdown reporters

Documentation

• Add Nix and Homebrew install instructions to Rust READMEs. #818
• Update project homepage URLs to https://jscpd.dev in all Cargo.toml and npm package.json files, add curl install method to READMEs, clean up outdated badges
• Remove defunct Universal Analytics tracking pixels from all READMEs

Published Packages

• cpd-core@0.1.5 on crates.io
• cpd-finder@0.1.8 on crates.io
• cpd-reporter@0.1.7 on crates.io
• cpd-tokenizer@0.1.6 on crates.io
• jscpd@5.0.10 on crates.io
• cpd@5.0.10 on npm
• jscpd@5.0.10 on npm
• cpd-darwin-arm64@5.0.10 on npm
• cpd-darwin-x64@5.0.10 on npm
• cpd-linux-x64-gnu@5.0.10 on npm
• cpd-linux-arm64-gnu@5.0.10 on npm
• cpd-linux-x64-musl@5.0.10 on npm
• cpd-windows-x64-msvc@5.0.10 on npm

Install

npm install -g cpd
# or
npm install -g jscpd
# or
cargo install jscpd

Changelog

Sourced from jscpd's changelog.

5.0.11

New Features

• Razor (.razor) support — new tokenizer for Razor files in the Rust backend (thanks to @​chrisc-onaorg in #829)

Dependencies

• cpd-core bumped to 0.1.6, cpd-tokenizer bumped to 0.1.7

---

5.0.10

Bug Fixes

• Emit scan-root-relative paths in all reporters when absolute: false. Fixes #827
• Fix --skip-local to match jscpd v4 TypeScript semantics

Refactoring

• DRY duplication in reporters: extract shared helpers into cpd-reporter/src/shared.rs
• Move blame enrichment from gitoxide to git blame --porcelain

---

Commits

• 115f7fb release: cpd-v5.0.11
• c4cf41a release: cpd-v5.0.10
• 9f6b8f5 docs: add Nix and Homebrew install instructions (#818)
• 527bb08 chore: remove defunct Universal Analytics tracking pixels from all READMEs
• dbe90b0 docs: update project URLs to jscpd.dev, add curl install, clean up badges
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)