Backports the following security fixes from Mermaid v11.15.0:
- CVE-2026-41150: fix(gantt): limit loop if excluding all dates (a59ea56)
- CVE-2026-41148: fix: prevent unbalanced CSS styles in classDefs (8fead23)
- CVE-2026-41149: fix: create CSS styles using the CSSOM (4e2d512)
- CVE-2026-41159: fix: block stylis scope escape (a9d9f0d)
- CVE-2026-41907: fix: loosen
uuiddependency range to allow v14
We don't use this vulnerable code, but it allows users to silence this warning.
(e8c7043)
And other dependency updates.
Full Changelog: v10.9.5...v10.9.6