Bump webpack, webpack-assets-manifest and webpack-cli

[dependabot]

Bumps webpack, webpack-assets-manifest and webpack-cli. These dependencies needed to be updated together.
Updates webpack from 4.46.0 to 5.26.0

Release notes

Sourced from webpack's releases.

v5.26.0

Features

• handle cache version automatically for DefinePlugin
  • Values no longer need to be defined as build dependencies
• add more options for DefinePlugin.runtimeValue (file/context/missing/buildDependencies, version)

Bugfixes

• fix a memory leak which happens in watch mode with caching when modules are removed from the compilation
• fix usage of some arrow functions when es5 target is selected
• chunk loading in workers now uses publicPath instead of relative paths
  • fixes a problem when worker file is in a child directory

v5.25.1

Bugfixes

• fix startup logic when non-js chunks are in the entrypoint
• remove type: "module" for Workers when generating classic scripts

v5.25.0

Features

• Refactor the startup logic to improve library support
• add __webpack_runtime_id__ to access the current runtime id
• improve error handling for HMR
  • add second argument to self accept error handler to pass new module and module id
  • add error handler argument to dependency accept, passing error and module ids
• add output.strictModuleErrorHandling to opt into stricter evaluation error handling semantics according to ESM spec
  • used by default when HMR is enabled
• when ignoring a module used by new URL() this will result in an url to a empty file ("data:,")
• add module.generator.asset.emit option to disable creating assets from asset modules (e. g. for SSR)

Bugfixes

• fix problem when library options apply to a non-runtime chunk
• fix crash in splitChunks.maxSize where negative indicies are accessed
• fix sub-optimal splitting of splitChunks.maxSize in some cases when multiple size types are involved
• fix a memory leak in AssetGenerator
• fix usage of runtime globals in SharedPlugin to support HMR updates

Deprecations

• deprecate output.strictModuleExceptionHandling (this is the CommonJS way of handling errors, and the name is weird)

v5.24.4

Bugfixes

• fix overridding built-in externals via externals
• fix handling UNC paths as windows paths

... (truncated)

Commits

• 1def19e 5.26.0
• 99ab8bc Merge pull request #12610 from anshumanv/12577
• 53e6f98 Merge pull request #12887 from webpack/issue-12885
• 5af7e54 Merge pull request #12896 from webpack/feature/define-cache-version
• eb63cb7 fix: prefix public path in importScripts
• 7f4ce2c add expressionFunction helper to choose shortest variant when return value is...
• 610b8af Merge pull request #12894 from webpack/bugfix/memory-leak
• 103a514 DefinePlugin takes care of module invalidation when values have changed
• 448ca3d fix: code
• 139324c test: update snapshots
• Additional commits viewable in compare view

Updates webpack-assets-manifest from 4.0.1 to 5.0.1

Release notes

Sourced from webpack-assets-manifest's releases.

5.0.1

Fixes for #115 and #116

• Improved finding asset modules
• Updated hooks for watch mode
• Use public path with entrypoints
• Updated dependencies

5.0.0

• Compatible with webpack 5 only (5.1+ required).
• Supports finding asset modules.
• Updated options schema to prevent additional properties. This helps with catching typos in option names.
• ⚠️ Updated default value of the output option to be assets-manifest.json. This is to prevent confusion when working with Web app manifests or WebExtension manifests.

Commits

• 87b3ff7 5.0.1
• b578092 Updated dependencies
• 566d678 Use public path with entrypoints
• cca0785 Updated hooks for watch mode
• 6b28320 Improved finding asset modules
• 32a8d06 Updated dev dependencies
• 5bf90e9 5.0.0
• 79f2ea2 Merge pull request #114 from webdeveric/v5
• ea29308 Updated readme
• 13bf19b Updated dev dependencies
• Additional commits viewable in compare view

Updates webpack-cli from 3.3.12 to 4.5.0

Release notes

Sourced from webpack-cli's releases.

v4.5.0

4.5.0 (2021-02-02)

Notes

• now you can use webpack.config.mjs and webpack.config.js with { "type": "module" } in package.json
• you can avoid using the cross-env package:

Before:

{
    "scripts": {
        "build": "cross-env NODE_ENV=production webpack --config build/webpack.config.js"
    }
}

Now (you can remove the cross-env if you don't use it somewhere else):

{
    "scripts": {
        "build": "webpack --node-env=production --config build/webpack.config.js"
    }
}

• the mode option respect the --node-env option if you don't set the mode option explicit using CLI options or in configuration(s), i.e. --node-env production set process.env.NODE_ENV and mode to production

Bug Fixes

• avoid deprecation message (9d6dbda)
• error message on invalid plugin options (#2380) (f9ce1d3)
• improve description for 'configtest' command (#2379) (311bae3)

Features

• add the --node-env flag (#2388) (e5126f1)
• entries syntax (#2369) (6b31614)
• support ES module configuration format (#2381) (aebdbbc)

v4.4.0

4.4.0 (2021-01-19)

Bug Fixes

• better description for --no-watch-options-stdin (#2288) (4ee8665)
• double commands output in help (#2298) (efe81e9)
• pass all argv to configurations when serve command used (#2345) (5070b9b)

... (truncated)

Changelog

Sourced from webpack-cli's changelog.

4.5.0 (2021-02-02)

Notes

• now you can use webpack.config.mjs and webpack.config.js with { "type": "module" } in package.json
• you can avoid using the cross-env package:

Before:

{
    "scripts": {
        "build": "cross-env NODE_ENV=production webpack --config build/webpack.config.js"
    }
}

Now (you can remove the cross-env if you don't use it somewhere else):

{
    "scripts": {
        "build": "webpack --node-env=production --config build/webpack.config.js"
    }
}

• the mode option respect the --node-env option if you don't set the mode option explicit using CLI options or in configuration(s), i.e. --node-env production set process.env.NODE_ENV and mode to production

Bug Fixes

• avoid deprecation message (9d6dbda)
• error message on invalid plugin options (#2380) (f9ce1d3)
• improve description for 'configtest' command (#2379) (311bae3)

Features

• add the --node-env flag (#2388) (e5126f1)
• entries syntax (#2369) (6b31614)
• support ES module configuration format (#2381) (aebdbbc)

4.4.0 (2021-01-19)

Bug Fixes

• better description for --no-watch-options-stdin (#2288) (4ee8665)
• double commands output in help (#2298) (efe81e9)
• pass all argv to configurations when serve command used (#2345) (5070b9b)
• respect --stats, --color and --no-color option for serve command (#2312) (73d3fec)
• show exact package name while prompting for installation (#2338) (ffc93e5)

... (truncated)

Commits

• 3bbda71 chore(release): publish new version
• e5126f1 feat: add the --node-env flag (#2388)
• 2841cd7 test: default loader name and plugin name (#2392)
• b50d71b test: improve tests for --merge (#2399)
• ad1a6b8 docs: update (#2398)
• 805f9ff chore: use conventional commitlint (#2394)
• 9967de9 chore(deps): bump envinfo from 7.7.3 to 7.7.4 (#2396)
• aebdbbc feat: support ES module configuration format (#2381)
• d004ded docs: remove references to non-existent packages (#2395)
• 7bd747a chore(init): remove --force flag (#2391)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[dependabot]

Superseded by #856.