Bump webpack from 5.47.1 to 5.49.0

[dependabot]

Bumps webpack from 5.47.1 to 5.49.0.

Release notes

Sourced from webpack's releases.

v5.49.0

Features

• add experiments.buildHttp to build http(s):// imports instead of keeping them external
  • keeps a webpack.lock file with integrity and webpack.lock.data with cached content that should be committed
  • Automatically upgrades lockfile during development when remote resources change (might be disabled with experiments.buildHttp.upgrade: false)
  • Lockfile is frozen during production builds and usually no network requests are made (exception: Cache-Control: no-cache).
  • The webpack.lock.data persisting can be disabled with experiments.buildHttp.cacheLocation: false. That will will introduce a availability risk. (webpack cache will be used to cache network responses)

Bugfixes

• fix HMR infinite loop (again)
• fix rare non-determinism with splitChunks.maxSize introduces in the last release
• optional modules no longer cause the module to fail when bail is set
• fix typo in records format: chunkHashs -> chunkHashes

Performance

• limit the number of parallel generated chunks for memory reasons

v5.48.0

Features

• enable import assertions again

Bugfixes

• upgrade webpack-sources for fixes regarding source maps
• fix infinite loop in HMR runtime code

Commits

• d386838 5.49.0
• 150d370 Merge pull request #13918 from privatenumber/hashes-typo
• f8acab3 Merge pull request #13944 from webpack/bugfix/11594
• 9e735a7 Merge pull request #13943 from webpack/bugfix/split-chunks-max-size-determini...
• c6856e2 optional modules will not fail the build when bail is set
• 0605b88 fix indeterminism with splitChunks.maxSize
• a6e9f59 Merge pull request #13932 from webpack/bugfix/infinite-loop
• d77d863 Merge pull request #13925 from webpack/feature/http-urls
• 9bf6797 fix resolving context for redirects
• 30ebedd fix handling of new URL() in remote resources
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[chalin]

@mtwo @flands: ping. Can this be merged? (Related: #638, which would obviate the need for PRs like these.)

[chalin]

@mtwo @flands: ping. Can this be merged?

I didn't realize that my approvals had weight. I'll merge this now.

[chalin]

(I do realize that changing webpack versions might impact the OTel app running on the website, but until I know more about how to test that out, I'll assume that this update is ok.)