Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Snyk] Upgrade webpack from 5.10.0 to 5.79.0 #19

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

[Snyk] Upgrade webpack from 5.10.0 to 5.79.0 #19

wants to merge 1 commit into from

Conversation

snyk-bot
Copy link

@snyk-bot snyk-bot commented May 9, 2023

Snyk has created this PR to upgrade webpack from 5.10.0 to 5.79.0.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

  • The recommended version is 124 versions ahead of your current version.
  • The recommended version was released a month ago, on 2023-04-12.

The recommended version fixes:

Severity Issue PriorityScore (*) Exploit Maturity
Sandbox Bypass
SNYK-JS-WEBPACK-3358798		 736/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 8.3		 Proof of Concept
Regular Expression Denial of Service (ReDoS)
SNYK-JS-TERSER-2806366		 736/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 8.3		 No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Release notes
Package name: webpack
  • 5.79.0 - 2023-04-12

    New Features

    • webpack will now support simple destructuring scenarios for treeshaking namespaced imports and DefinePlugin by @ vankop in #16941

    Bugfixes

    • Truncate extremely long module names in DefaultStatsPrinter by @ snitin315 in #16882
    • Add [contenthash] template support in DllPlugin's name option by @ snitin315 in #16935
    • Fixed a bug where readRecords compiler hook was causing hangs in conjunction with the ReadRecordsPlugin by @ snitin315 & @ zookatron in #16944
    • webpack can now consume ESM bundles generated by webpack's esm output support by @ vankop in #15608
    • [CSS] - webpack now respects CSS's case-insensitivity with atTags like @ MEDIA by @ alexander-akait in #16915
    • [CSS] - Fixes a bug where crossOriginLoading anonymous would not work when loading styles by @ chenjiahan in #16925

    Developer Experience

    Contributor Experience

    New Contributors

    Full Changelog: v5.78.0...v5.79.0

  • 5.78.0 - 2023-04-05

    Features

    Bugfixes

    • [CSS] - Nested atRule's @ media or @ supports now properly are replaced with unique identifiers by @ noreiller in #15812
    • [CSS] - Fix bug where closing parenthesis in CSS were not properly parsed and compiled by @ janlent1 in #16864
    • Fix an issue where oneOf rule has been picked multiple times by @ xiaoxiaojx in #16477
    • Add createRequire support for node:module prefix by @ alexander-akait in #16904
    • Fix bug where self-referencing a package in a shared module failed by @ weareoutman in #16685

    Performance

    Contributor Experience

    Open in GitHub Codespaces

    New Contributors

    Full Changelog: v5.77.0...v5.78.0

  • 5.77.0 - 2023-03-29
    Read more
  • 5.76.3 - 2023-03-22
    Read more
  • 5.76.2 - 2023-03-15
    Read more
  • 5.76.1 - 2023-03-10
    Read more
  • 5.76.0 - 2023-03-08
    Read more
  • 5.75.0 - 2022-11-09
    Read more
  • 5.74.0 - 2022-07-25
    Read more
  • 5.73.0 - 2022-06-02
    Read more
  • 5.72.1 - 2022-05-10
  • 5.72.0 - 2022-04-07
  • 5.71.0 - 2022-04-01
  • 5.70.0 - 2022-03-03
  • 5.69.1 - 2022-02-17
  • 5.69.0 - 2022-02-15
  • 5.68.0 - 2022-01-31
  • 5.67.0 - 2022-01-21
  • 5.66.0 - 2022-01-12
  • 5.65.0 - 2021-12-06
  • 5.64.4 - 2021-11-25
  • 5.64.3 - 2021-11-24
  • 5.64.2 - 2021-11-20
  • 5.64.1 - 2021-11-15
  • 5.64.0 - 2021-11-11
  • 5.63.0 - 2021-11-09
  • 5.62.2 - 2021-11-09
  • 5.62.1 - 2021-11-05
  • 5.62.0 - 2021-11-05
  • 5.61.0 - 2021-10-29
  • 5.60.0 - 2021-10-25
  • 5.59.1 - 2021-10-20
  • 5.59.0 - 2021-10-19
  • 5.58.2 - 2021-10-13
  • 5.58.1 - 2021-10-08
  • 5.58.0 - 2021-10-07
  • 5.57.1 - 2021-10-05
  • 5.57.0 - 2021-10-05
  • 5.56.1 - 2021-10-04
  • 5.56.0 - 2021-10-01
  • 5.55.1 - 2021-09-29
  • 5.55.0 - 2021-09-28
  • 5.54.0 - 2021-09-24
  • 5.53.0 - 2021-09-16
  • 5.52.1 - 2021-09-10
  • 5.52.0 - 2021-09-03
  • 5.51.2 - 2021-09-02
  • 5.51.1 - 2021-08-19
  • 5.51.0 - 2021-08-19
  • 5.50.0 - 2021-08-10
  • 5.49.0 - 2021-08-06
  • 5.48.0 - 2021-08-02
  • 5.47.1 - 2021-07-29
  • 5.47.0 - 2021-07-27
  • 5.46.0 - 2021-07-22
  • 5.45.1 - 2021-07-16
  • 5.45.0 - 2021-07-16
  • 5.44.0 - 2021-07-08
  • 5.43.0 - 2021-07-06
  • 5.42.1 - 2021-07-05
  • 5.42.0 - 2021-07-02
  • 5.41.1 - 2021-06-29
  • 5.41.0 - 2021-06-28
  • 5.40.0 - 2021-06-21
  • 5.39.1 - 2021-06-17
  • 5.39.0 - 2021-06-14
  • 5.38.1 - 2021-05-27
  • 5.38.0 - 2021-05-27
  • 5.37.1 - 2021-05-19
  • 5.37.0 - 2021-05-10
  • 5.36.2 - 2021-04-30
  • 5.36.1 - 2021-04-28
  • 5.36.0 - 2021-04-27
  • 5.35.1 - 2021-04-23
  • 5.35.0 - 2021-04-21
  • 5.34.0 - 2021-04-19
  • 5.33.2 - 2021-04-14
  • 5.33.1 - 2021-04-14
  • 5.33.0 - 2021-04-14
  • 5.32.0 - 2021-04-12
  • 5.31.2 - 2021-04-09
  • 5.31.1 - 2021-04-09
  • 5.31.0 - 2021-04-07
  • 5.30.0 - 2021-04-01
  • 5.29.0 - 2021-04-01
  • 5.28.0 - 2021-03-24
  • 5.27.2 - 2021-03-22
  • 5.27.1 - 2021-03-20
  • 5.27.0 - 2021-03-19
  • 5.26.3 - 2021-03-17
  • 5.26.2 - 2021-03-16
  • 5.26.1 - 2021-03-16
  • 5.26.0 - 2021-03-15
  • 5.25.1 - 2021-03-14
  • 5.25.0 - 2021-03-12
  • 5.24.4 - 2021-03-08
  • 5.24.3 - 2021-03-03
  • 5.24.2 - 2021-02-24
  • 5.24.1 - 2021-02-23
  • 5.24.0 - 2021-02-22
  • 5.23.0 - 2021-02-18
  • 5.22.0 - 2021-02-15
  • 5.21.2 - 2021-02-07
  • 5.21.1 - 2021-02-06
  • 5.21.0 - 2021-02-05
  • 5.20.2 - 2021-02-04
  • 5.20.1 - 2021-02-03
  • 5.20.0 - 2021-02-02
  • 5.19.0 - 2021-01-29
  • 5.18.0 - 2021-01-26
  • 5.17.0 - 2021-01-22
  • 5.16.0 - 2021-01-19
  • 5.15.0 - 2021-01-15
  • 5.14.0 - 2021-01-13
  • 5.13.0 - 2021-01-11
  • 5.12.3 - 2021-01-10
  • 5.12.2 - 2021-01-09
  • 5.12.1 - 2021-01-08
  • 5.12.0 - 2021-01-08
  • 5.11.1 - 2020-12-28
  • 5.11.0 - 2020-12-17
  • 5.10.3 - 2020-12-15
  • 5.10.2 - 2020-12-15
  • 5.10.1 - 2020-12-11
  • 5.10.0 - 2020-12-04
from webpack GitHub release notes
Commit messages
Package name: webpack
  • ecdcc1a 5.79.0
  • c07ca8e Merge pull request #15608 from webpack/fix/consume-esm-bundled-library
  • 3b8c9c6 Merge pull request #16419 from karlhorky/patch-1
  • a9ea0d9 Merge pull request #16915 from webpack/fix-case-sensitivity-in-css
  • 69d9c40 Merge pull request #16944 from snitin315/fix/read-records-callback
  • 66f6472 Merge pull request #12774 from snitin315/export-more-types
  • 96c5d21 Merge pull request #16882 from snitin315/limit-identifier-length
  • 7f08e4d Merge pull request #16925 from chenjiahan/fix/css_cross_origin_loading
  • ee1a267 Merge pull request #16935 from snitin315/fix/dll-plugin-contenthash
  • 4cacd7e Merge pull request #16941 from webpack/feat/destructuring-assignment
  • 254f8aa Merge pull request #16968 from webpack/chore-again-more-deps
  • a9344bf chore: update more open-cli
  • f2619d3 chore: update more deps
  • ee24969 test: update snapshots
  • 4a07cc8 chore: bump deps
  • 4d2bdfc Merge pull request #16947 from webpack/chore-jest
  • 76f077b ci: fix azure
  • 54e72f0 ci: fix azure
  • 8b6f33d ci: refactor
  • d2c133f fix: avoid extra lock
  • 4118555 ci: fix github actions
  • 9028ef5 ci: fix
  • 23a06f2 chore: fix installation
  • 080fc12 chore: update yarn

Compare

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@snyk-bot