Upgrade: [dependabot] - bump nhsuk-frontend from 9.6.4 to 10.4.1

[dependabot]

Bumps nhsuk-frontend from 9.6.4 to 10.4.1.

Release notes

Sourced from nhsuk-frontend's releases.

v10.4.1

10.4.1 - 19 March 2026

Note: This release was created from the support/10.x branch.

🔧 Fixes

• #1860: Restore source maps for CSS to CSS output

v10.4.0

10.4.0 - 18 March 2026

Note: This release was created from the support/10.x branch.

🆕 New features

Add a modifier class for header inline search or account links

We've added a new .nhsuk-header--inline class and inline Nunjucks option for the header component. This positions the search bar (or account links) inline with the NHS logo on small screens, depending on the length of your service name. For example:

  {{ header({
+   inline: true,
    account: {
      items: [
        {
          text: "Log in",
          href: "/log-in"
        }
      ]
    }
  }) }}

This was added in pull requests #1783: Add support for inline header search or account and #1801: Add Nunjucks options for components with modifier classes.

Add Nunjucks options for components with modifier classes

We've added a new variant Nunjucks option to action links, back links, buttons, breadcrumbs, panels and tables as a simpler alternative to the variant modifier classes. For example:

  {{ button({
    text: "Yes, delete this vaccine",
-   classes: "nhsuk-button--warning"
+   variant: "warning"
  }) }}

For modifiers that can exist together, these are now supported using boolean options, for example:

... (truncated)

Changelog

Sourced from nhsuk-frontend's changelog.

10.4.1 - 19 March 2026

Note: This release was created from the support/10.x branch.

🔧 Fixes

• #1860: Restore source maps for CSS to CSS output

10.4.0 - 18 March 2026

Note: This release was created from the support/10.x branch.

🆕 New features

Add a modifier class for header inline search or account links

We've added a new .nhsuk-header--inline class and inline Nunjucks option for the header component. This positions the search bar (or account links) inline with the NHS logo on small screens, depending on the length of your service name. For example:

  {{ header({
+   inline: true,
    account: {
      items: [
        {
          text: "Log in",
          href: "/log-in"
        }
      ]
    }
  }) }}

This was added in pull requests #1783: Add support for inline header search or account and #1801: Add Nunjucks options for components with modifier classes.

Add Nunjucks options for components with modifier classes

We've added a new variant Nunjucks option to action links, back links, buttons, breadcrumbs, panels and tables as a simpler alternative to the variant modifier classes. For example:

  {{ button({
    text: "Yes, delete this vaccine",
-   classes: "nhsuk-button--warning"
+   variant: "warning"
  }) }}

For modifiers that can exist together, these are now supported using boolean options, for example:

  {{ radios({
</tr></table> 

... (truncated)

Commits

• daae5fd Merge pull request #1860 from nhsuk/sourcemap-output
• 44ba4c3 Update package version to v10.4.1
• 6a32c35 Add changelog entry
• 03b07f8 Restore source maps for CSS to CSS output
• f58aa2c Merge pull request #1858 from nhsuk/release-v10.4.0
• 10c5e63 Update package version to v10.4.0
• abbbb17 Move code word break to component
• a653215 Consolidate changes
• 47a7204 Merge pull request #1854 from nhsuk/fix-nested-lists-in-contents-list
• 82e7e7d Update reference images
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for nhsuk-frontend since your current version.

[github-actions]

This PR is raised by Dependabot to update a dependency.

[eps-autoapprove-dependabot]

I'm not approving this PR because it includes a major update of a dependency used in production

[eps-autoapprove-dependabot]

I'm not approving this PR because it includes a major update of a dependency used in production

[eps-autoapprove-dependabot]

I'm not approving this PR because it includes a major update of a dependency used in production

[eps-autoapprove-dependabot]

I'm not approving this PR because it includes a major update of a dependency used in production

[eps-autoapprove-dependabot]

I'm not approving this PR because it includes a major update of a dependency used in production

[eps-autoapprove-dependabot]

I'm not approving this PR because it includes a major update of a dependency used in production

[eps-autoapprove-dependabot]

I'm not approving this PR because it includes a major update of a dependency used in production

[eps-autoapprove-dependabot]

I'm not approving this PR because it includes a major update of a dependency used in production

[eps-autoapprove-dependabot]

I'm not approving this PR because it includes a major update of a dependency used in production

[eps-autoapprove-dependabot]

I'm not approving this PR because it includes a major update of a dependency used in production

[eps-autoapprove-dependabot]

I'm not approving this PR because it includes a major update of a dependency used in production

[eps-autoapprove-dependabot]

I'm not approving this PR because it includes a major update of a dependency used in production

[eps-autoapprove-dependabot]

I'm not approving this PR because it includes a major update of a dependency used in production

[eps-autoapprove-dependabot]

I'm not approving this PR because it includes a major update of a dependency used in production

[eps-autoapprove-dependabot]

I'm not approving this PR because it includes a major update of a dependency used in production

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

[eps-autoapprove-dependabot]

I'm not approving this PR because it includes a major update of a dependency used in production