Version
30.3.0
Steps to reproduce
The jest-environment-jsdom latest version of 30.3.0 uses jsdom@26.1.0 which in turn uses whatwg-encoding@3.1.1. This library has been deprecated and archived by the owner since late 2025: https://github.com/jsdom/whatwg-encoding. The owner recommends the use of https://www.npmjs.com/package/@exodus/bytes which is more compliant and has regular security updates.
Hoping we can update jsdom to atleast version 27.4 which removes this transitive dependency.
Expected behavior
See above
Actual behavior
See above
For projects operating under strict dependency governance — particularly in enterprise and regulated environments - the presence of deprecated, unmaintained transitive dependencies creates compliance risks, triggers security scanning alerts, and blocks adoption of the latest Jest versions. Updating the underlying jsdom to at least v27.4 (which removes the whatwg-encoding dependency entirely) would eliminate these concerns, reduce the maintenance burden on downstream consumers, and keep Jest's dependency tree healthy and free of known supply-chain risks.
Additional context
No response
Environment
System:
OS: Windows 11 10.0.26100
CPU: (16) x64 Intel(R) Xeon(R) Platinum 8370C CPU @ 2.80GHz
Binaries:
Node: 22.22.1 - C:\Program Files\nodejs\node.EXE
npm: 10.9.4 - C:\Program Files\nodejs\npm.CMD
Version
30.3.0
Steps to reproduce
The
jest-environment-jsdomlatest version of30.3.0usesjsdom@26.1.0which in turn useswhatwg-encoding@3.1.1. This library has been deprecated and archived by the owner since late 2025: https://github.com/jsdom/whatwg-encoding. The owner recommends the use of https://www.npmjs.com/package/@exodus/bytes which is more compliant and has regular security updates.Hoping we can update jsdom to atleast version 27.4 which removes this transitive dependency.
Expected behavior
See above
Actual behavior
See above
For projects operating under strict dependency governance — particularly in enterprise and regulated environments - the presence of deprecated, unmaintained transitive dependencies creates compliance risks, triggers security scanning alerts, and blocks adoption of the latest Jest versions. Updating the underlying jsdom to at least v27.4 (which removes the whatwg-encoding dependency entirely) would eliminate these concerns, reduce the maintenance burden on downstream consumers, and keep Jest's dependency tree healthy and free of known supply-chain risks.
Additional context
No response
Environment
System: OS: Windows 11 10.0.26100 CPU: (16) x64 Intel(R) Xeon(R) Platinum 8370C CPU @ 2.80GHz Binaries: Node: 22.22.1 - C:\Program Files\nodejs\node.EXE npm: 10.9.4 - C:\Program Files\nodejs\npm.CMD