chore(deps): bump puppeteer from 24.42.0 to 24.43.0 in the dependencies group

[dependabot]

Bumps the dependencies group with 1 update: puppeteer.

Updates puppeteer from 24.42.0 to 24.43.0

Release notes

Sourced from puppeteer's releases.

puppeteer-core: v24.43.0

24.43.0 (2026-05-06)

🎉 Features

• Implement allowlist (#14897) (e7e31f8)
• roll to Chrome 148.0.7778.56 (#14918) (65890b7)
• roll to Firefox 150.0 (#14900) (beab61b)
• support checkboxes and radios in locator.fill (#14939) (fec05a0)
• webmcp: Add support for untrustedContent WebMCPAnnotation (#14901) (0314942)

🛠️ Fixes

• Disable WebUIReloadButton experiment (#14925) (d9639e9)
• do not open DevTools if it is already open (#14922) (84c9d34)
• do not set global offline flag for allowlist (#14931) (d6a1003)
• roll to Chrome 148.0.7778.97 (#14929) (536eb11)
• roll to Firefox 150.0.1 (#14923) (50438cf)

Dependencies

• The following workspace dependencies were updated
  • dependencies
    • @​puppeteer/browsers bumped from 2.13.0 to 2.13.1

puppeteer: v24.43.0

24.43.0 (2026-05-06)

🎉 Features

• roll to Chrome 148.0.7778.56 (#14918) (65890b7)

Dependencies

• The following workspace dependencies were updated
  • dependencies
    • @​puppeteer/browsers bumped from 2.13.0 to 2.13.1
    • puppeteer-core bumped from 24.42.0 to 24.43.0

Changelog

Sourced from puppeteer's changelog.

24.43.0 (2026-05-06)

🎉 Features

• Implement allowlist (#14897) (e7e31f8)
• roll to Chrome 148.0.7778.56 (#14918) (65890b7)
• roll to Firefox 150.0 (#14900) (beab61b)
• support checkboxes and radios in locator.fill (#14939) (fec05a0)
• webmcp: Add support for untrustedContent WebMCPAnnotation (#14901) (0314942)

Dependencies

• The following workspace dependencies were updated
  • dependencies
    • @​puppeteer/browsers bumped from 2.13.0 to 2.13.1

🛠️ Fixes

• Disable WebUIReloadButton experiment (#14925) (d9639e9)
• do not open DevTools if it is already open (#14922) (84c9d34)
• do not set global offline flag for allowlist (#14931) (d6a1003)
• roll to Chrome 148.0.7778.97 (#14929) (536eb11)
• roll to Firefox 150.0.1 (#14923) (50438cf)

Commits

• 07e2a1d chore: release main (#14902)
• 8451125 chore: Add a special treatment for EPERM error for windows test (#14943)
• 924eb69 test: Add form node to an accessibility tree (#14942)
• e54b90a chore: add iframe blocking tests (#14926)
• fec05a0 feat: support checkboxes and radios in locator.fill (#14939)
• d6a1003 fix: do not set global offline flag for allowlist (#14931)
• 2ee0f10 chore(deps-dev): bump the dev-dependencies group with 5 updates (#14935)
• 7e57729 chore(deps): bump the all group in /website with 11 updates (#14936)
• e51242d chore(deps): bump github/codeql-action from 4.35.2 to 4.35.3 in the all group...
• 50438cf fix: roll to Firefox 150.0.1 (#14923)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[socket-security]

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff	Package	Supply Chain Security	Vulnerability	Quality	Maintenance	License
	puppeteer@​24.42.0 ⏵ 24.43.0

View full report

[socket-security]

Warning

Review the following alerts detected in dependencies.

According to your organization's Security Policy, it is recommended to resolve "Warn" alerts. Learn more about Socket for GitHub.

Action	Severity	Alert  (click "▶" to expand/collapse)
Warn		Obfuscated code: npm puppeteer-core is 90.0% likely obfuscated Confidence: 0.90 Location: Package overview From: ? → npm/puppeteer@24.43.0 → npm/puppeteer-core@24.43.0 ℹ Read more on: This package | This alert | What is obfuscated code? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev. Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/puppeteer-core@24.43.0. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

View full report