Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Snyk] Upgrade webpack from 5.11.0 to 5.77.0 #1352

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

[Snyk] Upgrade webpack from 5.11.0 to 5.77.0 #1352

wants to merge 1 commit into from

Conversation

snyk-bot
Copy link
Contributor

Snyk has created this PR to upgrade webpack from 5.11.0 to 5.77.0.

As this is a private repository, Snyk-bot does not have access. Therefore, this PR has been created automatically, but appears to have been created by a real user.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

  • The recommended version is 118 versions ahead of your current version.
  • The recommended version was released 25 days ago, on 2023-03-29.

The recommended version fixes:

Severity Issue PriorityScore (*) Exploit Maturity
Sandbox Bypass
SNYK-JS-WEBPACK-3358798		 736/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 8.3		 Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Release notes
Package name: webpack
  • 5.77.0 - 2023-03-29

    New Features

    Developer Experience

    • Improve resolve.extensions error message to suggest when "." is missing before the extension by @ snitin315 in #16807

    Contributor Experience

    • Enable GitHub Copilot for PR's into default Pull Request Template by @ TheLarkInn in #16881

    New Contributors

    Full Changelog: v5.76.3...v5.77.0

  • 5.76.3 - 2023-03-22

    Bugfixes

    • Non-javascript files will correctly not be imported when using experiments.outputModule (ES Module Output) by @ snitin315 in #16809
    • Limit console output progress bar length to 40 when no columns provided by @ snitin315 in #16810
    • Add missing NodeJS Builtin Modules support for inspector/promises, readline/promises, and stream/consumers by @ ShenHongFei in #16841
    • webpack bin/cli now properly respects NODE_PATH env variable by @ snitin315 in #16808
    • Improve typos in resolveResourceErrorHints by @ snitin315 in #16806
    • Add missing loaders token support to moduleFilenameTemplate function call by @ pgoldberg in #16756
    • Add gaurd condition for enabledLibraryTypes in internal ContainerPlugin by @ PengBoUESTC in #16635

    New Contributors

    Full Changelog: v5.76.2...v5.76.3

  • 5.76.2 - 2023-03-15

    Bugfixes

    • Fix bug where a missing semicolon in generated bundle output for publicPathRuntime would cause concatenated runtime errors by @ snitin315 in #16811
    • Remove redundant semicolons generated in bundle runtime code after onScriptComplete function by @ ahaoboy in #16347
    • Fix bug where RealContentHashPlugin was not respecting output.hashSalt's ability to cause a force recalculation of [contenthash] for emitted assets by @ dmichon-msft #16789

    Performance

    • Improve memory and runtime performance of sourcemaps via hoisting Regular Expression literals to stored variables by @ TheLarkInn in #15722
    • Correct v8 deoptimization in ModuleGraph due to instance property declarations occurring outside of constructor by @ snitin315 in #16830

    Developer Experience

    • Improved internal typings to match webpack-sources typings for Source instances by @ snitin315 in #16805
    • Update repo examples to include missing quotation by @ snitin315 in #16812

    New Contributors

    Full Changelog: v5.76.1...v5.76.2

  • 5.76.1 - 2023-03-10

    Fixed

    • Added assert/strict built-in to NodeTargetPlugin

    Revert

  • 5.76.0 - 2023-03-08
    Read more
  • 5.75.0 - 2022-11-09

    Bugfixes

    • experiments.* normalize to false when opt-out
    • avoid NaN%
    • show the correct error when using a conflicting chunk name in code
    • HMR code tests existance of window before trying to access it
    • fix eval-nosources-* actually exclude sources
    • fix race condition where no module is returned from processing module
    • fix position of standalong semicolon in runtime code

    Features

    • add support for @ import to extenal CSS when using experimental CSS in node
    • add i64 support to the deprecated WASM implementation

    Developer Experience

    • expose EnableWasmLoadingPlugin
    • add more typings
    • generate getters instead of readonly properties in typings to allow overriding them
  • 5.74.0 - 2022-07-25

    Features

    • add resolve.extensionAlias option which allows to alias extensions
      • This is useful when you are forced to add the .js extension to imports when the file really has a .ts extension (typescript + "type": "module")
    • add support for ES2022 features like static blocks
    • add Tree Shaking support for ProvidePlugin

    Bugfixes

    • fix persistent cache when some build dependencies are on a different windows drive
    • make order of evaluation of side-effect-free modules deterministic between concatenated and non-concatenated modules
    • remove left-over from debugging in TLA/async modules runtime code
    • remove unneeded extra 1s timestamp offset during watching when files are actually untouched
      • This sometimes caused an additional second build which are not really needed
    • fix shareScope option for ModuleFederationPlugin
    • set "use-credentials" also for same origin scripts

    Performance

    • Improve memory usage and performance of aggregating needed files/directories for watching
      • This affects rebuild performance

    Extensibility

    • export HarmonyImportDependency for plugins
  • 5.73.0 - 2022-06-02

    Features

    • add options for default dynamicImportMode and prefetch and preload
    • add support for import { createRequire } from "module" in source code

    Bugfixes

    • fix code generation of e. g. return"field"in Module
    • fix performance of large JSON modules
    • fix performance of async modules evaluation

    Developer Experience

    • export PathData in typings
    • improve error messages with more details
  • 5.72.1 - 2022-05-10

    Bugfixes

    • fix __webpack_nonce__ with HMR
    • fix in operator in some cases
    • fix json parsing error messages
    • fix module concatenation with using this.importModule
    • upgrade enhanced-resolve
  • 5.72.0 - 2022-04-07

    Features

    • make cache warnings caused by build errors less verbose
    • Allow banner to be placed as a footer with the BannerPlugin
    • allow to concatenate asset modules

    Bugfixes

    • fix RemoteModules when using HMR (Module Federation + HMR)
    • throw error when using module concatenation and cacheUnaffected
    • fix in operator with nested exports
  • 5.71.0 - 2022-04-01
  • 5.70.0 - 2022-03-03
  • 5.69.1 - 2022-02-17
  • 5.69.0 - 2022-02-15
  • 5.68.0 - 2022-01-31
  • 5.67.0 - 2022-01-21
  • 5.66.0 - 2022-01-12
  • 5.65.0 - 2021-12-06
  • 5.64.4 - 2021-11-25
  • 5.64.3 - 2021-11-24
  • 5.64.2 - 2021-11-20
  • 5.64.1 - 2021-11-15
  • 5.64.0 - 2021-11-11
  • 5.63.0 - 2021-11-09
  • 5.62.2 - 2021-11-09
  • 5.62.1 - 2021-11-05
  • 5.62.0 - 2021-11-05
  • 5.61.0 - 2021-10-29
  • 5.60.0 - 2021-10-25
  • 5.59.1 - 2021-10-20
  • 5.59.0 - 2021-10-19
  • 5.58.2 - 2021-10-13
  • 5.58.1 - 2021-10-08
  • 5.58.0 - 2021-10-07
  • 5.57.1 - 2021-10-05
  • 5.57.0 - 2021-10-05
  • 5.56.1 - 2021-10-04
  • 5.56.0 - 2021-10-01
  • 5.55.1 - 2021-09-29
  • 5.55.0 - 2021-09-28
  • 5.54.0 - 2021-09-24
  • 5.53.0 - 2021-09-16
  • 5.52.1 - 2021-09-10
  • 5.52.0 - 2021-09-03
  • 5.51.2 - 2021-09-02
  • 5.51.1 - 2021-08-19
  • 5.51.0 - 2021-08-19
  • 5.50.0 - 2021-08-10
  • 5.49.0 - 2021-08-06
  • 5.48.0 - 2021-08-02
  • 5.47.1 - 2021-07-29
  • 5.47.0 - 2021-07-27
  • 5.46.0 - 2021-07-22
  • 5.45.1 - 2021-07-16
  • 5.45.0 - 2021-07-16
  • 5.44.0 - 2021-07-08
  • 5.43.0 - 2021-07-06
  • 5.42.1 - 2021-07-05
  • 5.42.0 - 2021-07-02
  • 5.41.1 - 2021-06-29
  • 5.41.0 - 2021-06-28
  • 5.40.0 - 2021-06-21
  • 5.39.1 - 2021-06-17
  • 5.39.0 - 2021-06-14
  • 5.38.1 - 2021-05-27
  • 5.38.0 - 2021-05-27
  • 5.37.1 - 2021-05-19
  • 5.37.0 - 2021-05-10
  • 5.36.2 - 2021-04-30
  • 5.36.1 - 2021-04-28
  • 5.36.0 - 2021-04-27
  • 5.35.1 - 2021-04-23
  • 5.35.0 - 2021-04-21
  • 5.34.0 - 2021-04-19
  • 5.33.2 - 2021-04-14
  • 5.33.1 - 2021-04-14
  • 5.33.0 - 2021-04-14
  • 5.32.0 - 2021-04-12
  • 5.31.2 - 2021-04-09
  • 5.31.1 - 2021-04-09
  • 5.31.0 - 2021-04-07
  • 5.30.0 - 2021-04-01
  • 5.29.0 - 2021-04-01
  • 5.28.0 - 2021-03-24
  • 5.27.2 - 2021-03-22
  • 5.27.1 - 2021-03-20
  • 5.27.0 - 2021-03-19
  • 5.26.3 - 2021-03-17
  • 5.26.2 - 2021-03-16
  • 5.26.1 - 2021-03-16
  • 5.26.0 - 2021-03-15
  • 5.25.1 - 2021-03-14
  • 5.25.0 - 2021-03-12
  • 5.24.4 - 2021-03-08
  • 5.24.3 - 2021-03-03
  • 5.24.2 - 2021-02-24
  • 5.24.1 - 2021-02-23
  • 5.24.0 - 2021-02-22
  • 5.23.0 - 2021-02-18
  • 5.22.0 - 2021-02-15
  • 5.21.2 - 2021-02-07
  • 5.21.1 - 2021-02-06
  • 5.21.0 - 2021-02-05
  • 5.20.2 - 2021-02-04
  • 5.20.1 - 2021-02-03
  • 5.20.0 - 2021-02-02
  • 5.19.0 - 2021-01-29
  • 5.18.0 - 2021-01-26
  • 5.17.0 - 2021-01-22
  • 5.16.0 - 2021-01-19
  • 5.15.0 - 2021-01-15
  • 5.14.0 - 2021-01-13
  • 5.13.0 - 2021-01-11
  • 5.12.3 - 2021-01-10
  • 5.12.2 - 2021-01-09
  • 5.12.1 - 2021-01-08
  • 5.12.0 - 2021-01-08
  • 5.11.1 - 2020-12-28
  • 5.11.0 - 2020-12-17
from webpack GitHub release notes
Commit messages
Package name: webpack
  • 263f291 5.77.0
  • ae9f0e0 Merge pull request #16881 from webpack/feature/beta-test-github-template-copilot-for-pr
  • fdcdc2d Pilot the Copilot for PR in default PR template, retain original template
  • a3ab4e7 Merge pull request #16807 from snitin315/improve-resolve-extention-error
  • d9604e9 refactor: move RegExp to a variable and use RegExp.prototype.test()
  • eac5d8c Merge pull request #16671 from thomastay/main
  • 8ac9616 5.76.3
  • 8c6a1a4 revert weird space issues part 2
  • f33c2b0 Merge branch 'webpack:main' into main
  • 2cad865 change hash
  • 628125f revert weird space issues
  • a3f49f3 Merge pull request #16635 from PengBoUESTC/chore/enabledLibraryTypes-opt
  • 39fbd73 Merge pull request #16756 from pgoldberg/pgoldberg/addLoadersToModuleFilenameTemplateCall
  • 7e5fba3 Merge pull request #16806 from snitin315/fix-typo-in-error
  • b604d78 Merge pull request #16808 from snitin315/fix-node-path
  • 4a4ba2c Merge pull request #16841 from ShenHongFei/complete-node-builtins
  • eadbd7d Merge pull request #16810 from snitin315/fix/progress-length
  • 66fe018 fix: complete the missing nodejs builtin modules
  • 460ed46 asset hash
  • 2822ed3 weird case where snapshots have extra spaces
  • 4b4c6a1 update snapshots according to CI
  • 9e3f5bb update snapshots and more special lint fix
  • f58ff9b fix: do not import non javascript chunks
  • dbf7bf3 5.76.2

Compare

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

@Tanver-Hasan Tanver-Hasan mentioned this pull request Nov 24, 2023
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@snyk-bot