[Snyk] Upgrade webpack from 5.88.2 to 5.94.0 #74
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Snyk has created this PR to upgrade webpack from 5.88.2 to 5.94.0. See this package in npm: webpack See this project in Snyk: https://app.snyk.io/org/mohammadnewton/project/16162bbd-23fc-464a-ae01-f10558367401?utm_source=github&utm_medium=referral&page=upgrade-pr
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Snyk has created this PR to upgrade webpack from 5.88.2 to 5.94.0.
ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.
The recommended version is 10 versions ahead of your current version.
The recommended version was released on a month ago.
Issues fixed by the recommended upgrade:
SNYK-JS-SERIALIZEJAVASCRIPT-6147607
SNYK-JS-WEBPACK-7840298
Release notes
Package name: webpack
-
5.94.0 - 2024-08-22
- Added runtime condition for harmony reexport checked
- Handle properly
- Make
- Move @ types/eslint-scope to dev deps
- Related in asset stats is now always an array when no related found
- Handle ASI for export declarations
- Mangle destruction incorrect with export named default properly
- Fixed unexpected asi generation with sequence expression
- Fixed a lot of types
- Added new external type "module-import"
- Support
- [CSS]
- Fixed DOM clobbering in auto public path
-
5.93.0 - 2024-07-11
- Generate correct relative path to runtime chunks
- Makes
- Fixed mangle destructuring default in namespace import
- Fixed consumption of eager shared modules for module federation
- Strip slash for pretty regexp
- Calculate correct contenthash for CSS generator options
- Added the
- Added the
- Added the
-
5.92.1 - 2024-06-19
- Doesn't crash with an error when the css experiment is enabled and contenthash is used
-
5.92.0 - 2024-06-11
- Correct tidle range's comutation for module federation
- Consider runtime for pure expression dependency update hash
- Return value in the
- Fixed failed to resolve promise when eager import a dynamic cjs
- Avoid generation extra code for external modules when remapping is not required
- The
- Avoid hashing for
- Fixed mangle with destructuring for JSON modules
- The
- Fixed
- Correct behavior of
- Changed to the correct plugin name for the
- Set the
- Fixed when runtimeChunk has no exports when
- [CSS] Fixed parsing minimized CSS import
- [CSS] URLs in CSS files now have correct public path
- [CSS] The
- [Types] Improved context module types
- Added platform target properties to compiler
- Improved multi compiler cache location and validating it
- Support
- Support
- Support prefetch/preload for module chunk format
- Support "..." in the
- Root module is less prone to be wrapped in IIFE
- Export
- Export
- Export
- [CSS] Support the
- [CSS] Support CSS when chunk format is module
-
5.91.0 - 2024-03-20
- Deserializer for ignored modules doesn't crash
- Allow the
- Normalize the
- Fixed
- Fixed resolve's plugins types
- Fixed wrongly calculate postOrderIndex
- Fixed watching types
- Output import attrbiutes/import assertions for external JS imports
- Throw an error when DllPlugin needs to generate multiple manifest files, but the path is the same
- [CSS] Output
- Allow to customize the stage of BannerPlugin
- [CSS] Support CSS exports convention
- [CSS] support CSS local ident name
- [CSS] Support
- [CSS] Support
- [CSS] Allow to use LZW to compress css head meta (enabled in the
- [CSS] Support prefetch/preload for CSS chunks
-
5.90.3 - 2024-02-19
- don't mangle when destructuring a reexport
- types for
- many internal types
- [CSS] clean up export css local vars
- simplify and optimize chunk graph creation
-
5.90.2 - 2024-02-15
- use
- the
- mangle export with destructuring
- use new runtime to reconsider skipped connections
- make dynamic import optional in
- improve auto publicPath detection
- improve CI setup and include Node.js@21
-
5.90.1 - 2024-02-01
- set
- correct
- add fallback for MIME mismatch error in async wasm loading
- browsers versions of ECMA features
- optimize
- optimize
- reuse VM context across webpack magic comments
-
5.90.0 - 2024-01-24
- Fixed inner graph for classes
- Optimized
- Fixed worklet detection in production mode
- Fixed an error for cyclic importModule
- Fixed types for
- Added the
- Don't warn about dynamic import for build dependencies
- External module generation respects the
- Fixed consumimng shared runtime module logic
- Fixed a runtime logic of multiple chunks
- Fixed destructing assignment of dynamic import json file
- Passing errors array for a module hash
- Added
- Generated a library manifest after clean plugin
- Fixed non
- Fixed a bug in
- Fixed an error message for condition
- The
- Clean up child compilation chunk graph to avoid memory leak
- [CSS] - Fixed CSS import prefer relative resolution
- [CSS] - Fixed CSS runtime chunk loading error message
- Allow to set
- Added a warning for async external when not supported
- Added a warning for async module when not supported
- Added the
- Added the
- Exposed the
- [CSS] - Added CSS parser options to enable/disable named exports
- [CSS] - Moved CSS the
- use node.js LTS version for lint
- bump actions/cache from 3 to 4
- bump prettier from 3.2.1 to 3.2.3
- bump assemblyscript
- bump actions/checkout from 3 to 4
-
5.89.0 - 2023-10-13
- Make CommonJS import preserve chained expressions by @ bworline in #17718
- chore(deps-dev): bump @ types/node from 20.3.1 to 20.4.8 by @ dependabot in #17568
- docs: add example for stats detailed output by @ ersachin3112 in #17420
- docs: add example for stats normal output by @ ersachin3112 in #17426
- chore(deps-dev): bump core-js from 3.31.0 to 3.32.0 by @ dependabot in #17539
- chore(deps-dev): bump pretty-format from 29.5.0 to 29.6.2 by @ dependabot in #17536
- chore(deps-dev): bump @ types/node from 20.4.8 to 20.4.9 by @ dependabot in #17583
- chore(deps-dev): bump less from 4.1.3 to 4.2.0 by @ dependabot in #17580
- chore(deps): bump semver from 5.7.1 to 5.7.2 by @ dependabot in #17483
- chore(deps-dev): bump simple-git from 3.19.0 to 3.19.1 by @ dependabot in #17427
- chore(deps-dev): bump @ types/node from 20.4.9 to 20.6.0 by @ dependabot in #17666
-
5.88.2 - 2023-07-18
from webpack GitHub release notesBug Fixes
data/http/httpsprotocols in source mapsbigintoptimistic when browserslist not foundNew Features
webpackIgnorefornew URL()construction@ importpathinfo supportSecurity
Bug Fixes
DefinePluginquieter under default log levelNew Features
binarygenerator option for asset modules to explicitly keep source maps produced by loadersmodern-modulelibrary value for tree shakable outputoverrideStrictoption to override strict or non-strict mode for javascript modulesBug Fixes
Bug Fixes
subtractRuntimefunction for runtime logiccss/globaltype now handles the exports name@ keyframeand@ propertyat-rules incss/globaltypestats.hasWarnings()method now respects theignoreWarningsoptionArrayQueueiterator__webpack_exports_info__.a.b.canMangleCommonJsChunkFormatPluginpluginchunkLoadingoption to theimportwhen environment is unknown and output is modulemodulechunkFormat usedcssmodule type should not allow parser to switch modeNew Features
import attributesspec (withkeyword)node:prefix for Node.js core modules in runtime codeimportsFieldsoption for resolverInitFragmentclass for pluginscompileBooleanMatcherutil for pluginsInputFileSystemandOutputFileSystemtypesesModulegenerator option for CSS modulesBug Fixes
unsafeCacheoption to be a proxy objectsnapshot.unmanagedPathsoptionfstypeslayer/supports/mediafor external CSS importsNew Features
__webpack_nonce__for CSS chunksfetchPriorityfor CSS chunksproductionmode by default)Bug Fixes
Stats.toJson()andStats.toString()Perf
Bug Fixes
Math.imulinfnv1a32to avoid loss of precision, directly hash UTF16 valuessetStatus()of the HMR module should not return an array, which may cause infinite recursion__webpack_exports_info__.xxx.canMangleshouldn't always same as defaultactiveStatetry/catchDependencies & Maintenance
Bug Fixes
unmanagedPathsin defaultspreOrderIndexandpostOrderIndexPerformance
compareStringsNumericnumberHashusing 32-bit FNV1a for small ranges, 64-bit for largerBug Fixes
RemoveParentModulesPluginvia bigint arithmeticServerandDirentfetchPriorityto hmr runtime'sensureChunkfunctionoutput.environment.arrowFunctionoption/*#__PURE__*/to generatedJSON.parse()amdexternals andamdlibrarySideEffectsFlagPluginwith namespace re-exportsorstrictModuleErrorHandlingis now workingNew Features
falsefor dev server inwebpack.config.jsnode-moduleoption for thenode.__filename/__dirnameand enable it by default for ESM targetsnapshot.unmanagedPathsoptionMultiCompilerOptionstypeexportsOnlyoption to CSS generator optionsDependencies & Maintenance
Full Changelog: v5.89.0...v5.90.0
New Features
Dependencies & Maintenance
Full Changelog: v5.88.2...v5.89.0
Important
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.
For more information: