chore(deps): update dependency webpack to v5.105.2 #119
No reviewers
Labels
No labels
bug
duplicate
enhancement
help wanted
invalid
question
renovate-bot
renovate-security
security
wontfix
No milestone
No project
No assignees
1 participant
Notifications
Due date
No due date set.
Dependencies
No dependencies set.
Reference
mCaptcha/pow_sha256-polyfill!119
Loading…
Add table
Add a link
Reference in a new issue
No description provided.
Delete branch "renovate/webpack-5.x-lockfile"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
This PR contains the following updates:
5.102.0->5.105.2Release Notes
webpack/webpack (webpack)
v5.105.2Compare Source
Patch Changes
WebpackPluginInstancetype regression. (by @alexander-akait in #20440)v5.105.1Compare Source
Patch Changes
Fix VirtualUrlPlugin Windows compatibility by sanitizing cache keys and filenames. Cache keys now use
toSafePathto replace colons (:) with double underscores (__) and sanitize other invalid characters, ensuring compatibility with Windows filesystem restrictions. (by @xiaoxiaojx in #20424)Revert part of the createRequire generation behavior for
require("node:...")to keep compatibility with those modules exports, e.g.const EventEmitter = require("node:events");. (by @hai-x in #20433)Skip guard collection when exports-presence mode is disabled to improve parsing performance. (by @hai-x in #20433)
v5.105.0Compare Source
Minor Changes
Allow resolving worker module by export condition name when using
new Worker()(by @hai-x in #20353)Detect conditional imports to avoid compile-time linking errors for non-existent exports. (by @hai-x in #20320)
Added the
tsconfigoption for theresolveroptions (replacement fortsconfig-paths-webpack-plugin). Can befalse(disabled),true(use the defaulttsconfig.jsonfile to search for it), a string path totsconfig.json, or an object withconfigFileandreferencesoptions. (by @alexander-akait in #20400)Support
import.defer()for context modules. (by @ahabhgk in #20399)Added support for array values to the
devtooloption. (by @hai-x in #20191)Improve rendering node built-in modules for ECMA module output. (by @hai-x in #20255)
Unknown import.meta properties are now determined at runtime instead of being statically analyzed at compile time. (by @xiaoxiaojx in #20312)
Patch Changes
Fixed ESM default export handling for
.mjsfiles in Module Federation (by @y-okt in #20189)Optimized
import.meta.envhandling in destructuring assignments by using cached stringified environment definitions. (by @xiaoxiaojx in #20313)Respect the
stats.errorStackoption in stats output. (by @samarthsinh2660 in #20258)Fixed a bug where declaring a
modulevariable in module scope would conflict with the defaultmoduleArgument. (by @xiaoxiaojx in #20265)Fix VirtualUrlPlugin to set resourceData.context for proper module resolution. Previously, when context was not set, it would fallback to the virtual scheme path (e.g.,
virtual:routes), which is not a valid filesystem path, causing subsequent resolve operations to fail. (by @xiaoxiaojx in #20390)Fixed Worker self-import handling to support various URL patterns (e.g.,
import.meta.url,new URL(import.meta.url),new URL(import.meta.url, import.meta.url),new URL("./index.js", import.meta.url)). Workers that resolve to the same module are now properly deduplicated, regardless of the URL syntax used. (by @xiaoxiaojx in #20381)Reuse the same async entrypoint for the same Worker URL within a module to avoid circular dependency warnings when multiple Workers reference the same resource. (by @xiaoxiaojx in #20345)
Fixed a bug where a self-referencing dependency would have an unused export name when imported inside a web worker. (by @samarthsinh2660 in #20251)
Fix missing export generation when concatenated modules in different chunks share the same runtime in module library bundles. (by @hai-x in #20346)
Fixed
import.meta.env.xxxbehavior: when accessing a non-existent property, it now returns empty object instead of full object at runtime. (by @xiaoxiaojx in #20289)Improved parsing error reporting by adding a link to the loader documentation. (by @gaurav10gg in #20244)
Fix typescript types. (by @alexander-akait in #20305)
Add declaration for unused harmony import specifier. (by @hai-x in #20286)
Fix compressibility of modules while retaining portability. (by @dmichon-msft in #20287)
Optimize source map generation: only include
ignoreListproperty when it has content, avoiding empty arrays in source maps. (by @xiaoxiaojx in #20319)Preserve star exports for dependencies in ECMA module output. (by @hai-x in #20293)
Consider asset modulem to be side-effect free. (by @hai-x in #20352)
Avoid generating JavaScript modules for CSS exports that are not used, reducing unnecessary output and bundle size. (by @xiaoxiaojx in #20337)
v5.104.1Compare Source
Patch Changes
2efd21b: Reexports runtime calculation should not accessing WEBPACK_IMPORT_KEY decl with var.c510070: Fixed a user information bypass vulnerability in the HttpUriPlugin plugin.v5.104.0Compare Source
Minor Changes
d3dd841: Use method shorthand to render module content in__webpack_modules__object.d3dd841: Enhanceimport.meta.envto support object access.4baab4e: Optimize dependency sorting in updateParent: sort each module only once by deferring to finishUpdateParent(), and reduce traversal count in sortWithSourceOrder by caching WeakMap values upfront.04cd530: Handle more at-rules for CSS modules.cafae23: Added options to control the renaming of at-rules and various identifiers in CSS modules.d3dd841: Addedbase64url,base62,base58,base52,base49,base36,base32andbase25digests.5983843: Provide a stable runtime function variable__webpack_global__.d3dd841: ImprovedlocalIdentNamehashing for CSS.Patch Changes
22c48fb: Added module existence check for informative error message in development mode.50689e1: Use the fully qualified class name (or export name) for[fullhash]placeholder in CSS modules.d3dd841: Support universal lazy compilation.d3dd841: Fixed module library export definitions when multiple runtimes.d3dd841: Fixed CSS nesting and CSS custom properties parsing.d3dd841: Don't write fragment from URL to filename and apply fragment to module URL.aab1da9: Fixed bugs forcss/globaltype.d3dd841: Compatibilityimport.meta.filenameandimport.meta.dirnamewithevaldevtools.d3dd841: Handle nested__webpack_require__.728ddb7: The speed of identifier parsing has been improved.0f8b31b: Improve types.d3dd841: Don't corruptdebugIdinjection whenhidden-source-mapis used.2179fdb: Re-validate HttpUriPlugin redirects against allowedUris, restrict to http(s) and add a conservative redirect limit to prevent SSRF and untrusted content inclusion. Redirects failing policy are rejected before caching/lockfile writes.d3dd841: SerializeHookWebpackError.d3dd841: Added ability to use built-in properties in dotenv and define plugin.3c4319f: Optimizing the regular expression character class by specifying ranges for runtime code.d3dd841: Reduce collision for local indent name in CSS.d3dd841: Remove CSS link tags when CSS imports are removed.v5.103.0Compare Source
Features
DotenvPluginand top leveldotenvoption to enable this pluginWebpackManifestPluginignoreListoption in devtool pluginsimport.meta.envsupport for environment variablesimport.meta.dirnameandimport.meta.filenameimport.defer()for statistical pathimport file from "./file.json" with { type: "json" }__dirname/__filename/import.meta.dirname/import.meta.filenamefor universal targetexportTypeoption withlink(by default), "text" andcss-style-sheetvaluescomposespropertiesFixes
dependOnchunk must be loaded before the common chunkglobalThissupported__dirnameand__filenamefor ES modules__webpack_export__and__webpack_require__in already bundled codehashDigesttypev5.102.1Compare Source
Fixes
extendswithenvforbrowserslistJSONPfragment format for web workers.browserslist.commonjsexternals forSystemJSformat.import.metawarning messages to be more clear when used directly.Configuration
📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR has been generated by Renovate Bot.
⚠️ Artifact update problem
Renovate failed to update an artifact related to this branch. You probably do not want to merge this PR as-is.
♻ Renovate will retry this branch, including artifacts, only when one of the following happens:
The artifact failure details are included below:
File name: yarn.lock
799af2eec6baa1c0bccbchore(deps): update dependency webpack to v5.102.1to chore(deps): update dependency webpack to v5.103.0baa1c0bccbcc4233e3f2chore(deps): update dependency webpack to v5.103.0to chore(deps): update dependency webpack to v5.104.1cc4233e3f269c787e860chore(deps): update dependency webpack to v5.104.1to chore(deps): update dependency webpack to v5.105.069c787e860a37fba689cchore(deps): update dependency webpack to v5.105.0to chore(deps): update dependency webpack to v5.105.2View command line instructions
Checkout
From your project repository, check out a new branch and test the changes.Merge
Merge the changes and update on Forgejo.Warning: The "Autodetect manual merge" setting is not enabled for this repository, you will have to mark this pull request as manually merged afterwards.