Title: Bump webpack from 5.96.1 to 5.105.0 in /documentation in the npm-security-updates group across 1 directory by dependabot[bot] · Pull Request #3503 · secureCodeBox/secureCodeBox · GitHub
Open Graph Title: Bump webpack from 5.96.1 to 5.105.0 in /documentation in the npm-security-updates group across 1 directory by dependabot[bot] · Pull Request #3503 · secureCodeBox/secureCodeBox
X Title: Bump webpack from 5.96.1 to 5.105.0 in /documentation in the npm-security-updates group across 1 directory by dependabot[bot] · Pull Request #3503 · secureCodeBox/secureCodeBox
Description: Bumps the npm-security-updates group with 1 update in the /documentation directory: webpack.
Updates webpack from 5.96.1 to 5.105.0
Release notes
Sourced from webpack's releases.
v5.105.0
Minor Changes
Allow resolving worker module by export condition name when using new Worker() (by @hai-x in #20353)
Detect conditional imports to avoid compile-time linking errors for non-existent exports. (by @hai-x in #20320)
Added the tsconfig option for the resolver options (replacement for tsconfig-paths-webpack-plugin). Can be false (disabled), true (use the default tsconfig.json file to search for it), a string path to tsconfig.json, or an object with configFile and references options. (by @alexander-akait in #20400)
Support import.defer() for context modules. (by @ahabhgk in #20399)
Added support for array values to the devtool option. (by @hai-x in #20191)
Improve rendering node built-in modules for ECMA module output. (by @hai-x in #20255)
Unknown import.meta properties are now determined at runtime instead of being statically analyzed at compile time. (by @xiaoxiaojx in #20312)
Patch Changes
Fixed ESM default export handling for .mjs files in Module Federation (by @y-okt in #20189)
Optimized import.meta.env handling in destructuring assignments by using cached stringified environment definitions. (by @xiaoxiaojx in #20313)
Respect the stats.errorStack option in stats output. (by @samarthsinh2660 in #20258)
Fixed a bug where declaring a module variable in module scope would conflict with the default moduleArgument. (by @xiaoxiaojx in #20265)
Fix VirtualUrlPlugin to set resourceData.context for proper module resolution. Previously, when context was not set, it would fallback to the virtual scheme path (e.g., virtual:routes), which is not a valid filesystem path, causing subsequent resolve operations to fail. (by @xiaoxiaojx in #20390)
Fixed Worker self-import handling to support various URL patterns (e.g., import.meta.url, new URL(import.meta.url), new URL(import.meta.url, import.meta.url), new URL("./index.js", import.meta.url)). Workers that resolve to the same module are now properly deduplicated, regardless of the URL syntax used. (by @xiaoxiaojx in #20381)
Reuse the same async entrypoint for the same Worker URL within a module to avoid circular dependency warnings when multiple Workers reference the same resource. (by @xiaoxiaojx in #20345)
Fixed a bug where a self-referencing dependency would have an unused export name when imported inside a web worker. (by @samarthsinh2660 in #20251)
Fix missing export generation when concatenated modules in different chunks share the same runtime in module library bundles. (by @hai-x in #20346)
Fixed import.meta.env.xxx behavior: when accessing a non-existent property, it now returns empty object instead of full object at runtime. (by @xiaoxiaojx in #20289)
Improved parsing error reporting by adding a link to the loader documentation. (by @gaurav10gg in #20244)
Fix typescript types. (by @alexander-akait in #20305)
Add declaration for unused harmony import specifier. (by @hai-x in #20286)
Fix compressibility of modules while retaining portability. (by @dmichon-msft in #20287)
Optimize source map generation: only include ignoreList property when it has content, avoiding empty arrays in source maps. (by @xiaoxiaojx in #20319)
Preserve star exports for dependencies in ECMA module output. (by @hai-x in #20293)
... (truncated)
Changelog
Sourced from webpack's changelog.
5.105.0
Minor Changes
Allow resolving worker module by export condition name when using new Worker() (by @hai-x in #20353)
Detect conditional imports to avoid compile-time linking errors for non-existent exports. (by @hai-x in #20320)
Added the tsconfig option for the resolver options (replacement for tsconfig-paths-webpack-plugin). Can be false (disabled), true (use the default tsconfig.json file to search for it), a string path to tsconfig.json, or an object with configFile and references options. (by @alexander-akait in #20400)
Support import.defer() for context modules. (by @ahabhgk in #20399)
Added support for array values to the devtool option. (by @hai-x in #20191)
Improve rendering node built-in modules for ECMA module output. (by @hai-x in #20255)
Unknown import.meta properties are now determined at runtime instead of being statically analyzed at compile time. (by @xiaoxiaojx in #20312)
Patch Changes
Fixed ESM default export handling for .mjs files in Module Federation (by @y-okt in #20189)
Optimized import.meta.env handling in destructuring assignments by using cached stringified environment definitions. (by @xiaoxiaojx in #20313)
Respect the stats.errorStack option in stats output. (by @samarthsinh2660 in #20258)
Fixed a bug where declaring a module variable in module scope would conflict with the default moduleArgument. (by @xiaoxiaojx in #20265)
Fix VirtualUrlPlugin to set resourceData.context for proper module resolution. Previously, when context was not set, it would fallback to the virtual scheme path (e.g., virtual:routes), which is not a valid filesystem path, causing subsequent resolve operations to fail. (by @xiaoxiaojx in #20390)
Fixed Worker self-import handling to support various URL patterns (e.g., import.meta.url, new URL(import.meta.url), new URL(import.meta.url, import.meta.url), new URL("./index.js", import.meta.url)). Workers that resolve to the same module are now properly deduplicated, regardless of the URL syntax used. (by @xiaoxiaojx in #20381)
Reuse the same async entrypoint for the same Worker URL within a module to avoid circular dependency warnings when multiple Workers reference the same resource. (by @xiaoxiaojx in #20345)
Fixed a bug where a self-referencing dependency would have an unused export name when imported inside a web worker. (by @samarthsinh2660 in #20251)
Fix missing export generation when concatenated modules in different chunks share the same runtime in module library bundles. (by @hai-x in #20346)
Fixed import.meta.env.xxx behavior: when accessing a non-existent property, it now returns empty object instead of full object at runtime. (by @xiaoxiaojx in #20289)
Improved parsing error reporting by adding a link to the loader documentation. (by @gaurav10gg in #20244)
Fix typescript types. (by @alexander-akait in #20305)
Add declaration for unused harmony import specifier. (by @hai-x in #20286)
Fix compressibility of modules while retaining portability. (by @dmichon-msft in #20287)
Optimize source map generation: only include ignoreList property when it has content, avoiding empty arrays in source maps. (by @xiaoxiaojx in #20319)
... (truncated)
Commits
1486f9a chore(release): new release
1a517f6 feat: added the tsconfig option for the resolver options (#20400)
7b3b0f7 feat: support import.defer() for context modules
c4a6a92 refactor: more types and increase types coverage
5ecc58d feat: consider asset module as side-effect-free (#20352)
cce0f69 test: avoid comma operator in BinaryMiddleware test (#20398)
cd4793d feat: support import specifier guard (#20320)
fe48655 docs: update examples (#20397)
de107f8 fix(VirtualUrlPlugin): set resourceData.context to avoid invalid fallback (#2...
a656ab1 test: add self-import test case for dynamic import (#20389)
Additional commits viewable in compare view
Maintainer changes
This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for webpack since your current version.
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot show
Open Graph Description: Bumps the npm-security-updates group with 1 update in the /documentation directory: webpack. Updates webpack from 5.96.1 to 5.105.0 Release notes Sourced from webpack's releases. v5.105.0 Min...
X Description: Bumps the npm-security-updates group with 1 update in the /documentation directory: webpack. Updates webpack from 5.96.1 to 5.105.0 Release notes Sourced from webpack's releases. v5.105.0...
Opengraph URL: https://github.com/secureCodeBox/secureCodeBox/pull/3503
X: @github
Domain: patch-diff.githubusercontent.com
| route-pattern | /:user_id/:repository/pull/:id/files(.:format) |
| route-controller | pull_requests |
| route-action | files |
| fetch-nonce | v2:d6d197ce-cd55-551a-ebfa-854563739eb4 |
| current-catalog-service-hash | ae870bc5e265a340912cde392f23dad3671a0a881730ffdadd82f2f57d81641b |
| request-id | EB60:1AD266:1C43028:24238C5:6990FA79 |
| html-safe-nonce | e767108d78f90a8ab842c6edd133dbbd1f8176710c982e84eca3a5ac6ff9c44b |
| visitor-payload | eyJyZWZlcnJlciI6IiIsInJlcXVlc3RfaWQiOiJFQjYwOjFBRDI2NjoxQzQzMDI4OjI0MjM4QzU6Njk5MEZBNzkiLCJ2aXNpdG9yX2lkIjoiODc0NjM0OTA3NzgyOTA1NzE0NSIsInJlZ2lvbl9lZGdlIjoiaWFkIiwicmVnaW9uX3JlbmRlciI6ImlhZCJ9 |
| visitor-hmac | b72a4f5603648af97a538df3d607ae7b38fe47bc65bea7fb3d5e77e50169e68e |
| hovercard-subject-tag | pull_request:3254133132 |
| github-keyboard-shortcuts | repository,pull-request-list,pull-request-conversation,pull-request-files-changed,copilot |
| google-site-verification | Apib7-x98H0j5cPqHWwSMm6dNU4GmODRoqxLiDzdx9I |
| octolytics-url | https://collector.github.com/github/collect |
| analytics-location | / |
| fb:app_id | 1401488693436528 |
| apple-itunes-app | app-id=1477376905, app-argument=https://github.com/secureCodeBox/secureCodeBox/pull/3503/files |
| twitter:image | https://avatars.githubusercontent.com/in/29110?s=400&v=4 |
| twitter:card | summary_large_image |
| og:image | https://avatars.githubusercontent.com/in/29110?s=400&v=4 |
| og:image:alt | Bumps the npm-security-updates group with 1 update in the /documentation directory: webpack. Updates webpack from 5.96.1 to 5.105.0 Release notes Sourced from webpack's releases. v5.105.0 Min... |
| og:site_name | GitHub |
| og:type | object |
| hostname | github.com |
| expected-hostname | github.com |
| None | 42c603b9d642c4a9065a51770f75e5e27132fef0e858607f5c9cb7e422831a7b |
| turbo-cache-control | no-preview |
| diff-view | unified |
| go-import | github.com/secureCodeBox/secureCodeBox git https://github.com/secureCodeBox/secureCodeBox.git |
| octolytics-dimension-user_id | 34573705 |
| octolytics-dimension-user_login | secureCodeBox |
| octolytics-dimension-repository_id | 80711933 |
| octolytics-dimension-repository_nwo | secureCodeBox/secureCodeBox |
| octolytics-dimension-repository_public | true |
| octolytics-dimension-repository_is_fork | false |
| octolytics-dimension-repository_network_root_id | 80711933 |
| octolytics-dimension-repository_network_root_nwo | secureCodeBox/secureCodeBox |
| turbo-body-classes | logged-out env-production page-responsive |
| disable-turbo | true |
| browser-stats-url | https://api.github.com/_private/browser/stats |
| browser-errors-url | https://api.github.com/_private/browser/errors |
| release | 848bc6032dcc93a9a7301dcc3f379a72ba13b96e |
| ui-target | full |
| theme-color | #1e2327 |
| color-scheme | light dark |
Links:
Viewport: width=device-width