[Snyk] Upgrade webpack from 5.11.0 to 5.88.2 #1493

Tanver-Hasan · 2023-08-20T17:45:50Z

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to upgrade webpack from 5.11.0 to 5.88.2.

As this is a private repository, Snyk-bot does not have access. Therefore, this PR has been created automatically, but appears to have been created by a real user.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

The recommended version is 135 versions ahead of your current version.
The recommended version was released a month ago, on 2023-07-18.

The recommended version fixes:

Severity	Issue	PriorityScore (*)	Exploit Maturity
	Sandbox Bypass SNYK-JS-WEBPACK-3358798	736/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 8.3	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Release notes

Package name: webpack

5.88.2 - 2023-07-18
Bug Fixes
- Fixed a bug where unused identifiers should retain names when using css modules by @ burhanuday in #17444
Full Changelog: v5.88.1...v5.88.2
5.88.1 - 2023-06-28
Developer Experience
- Significantly improve TypeScript coverage for Library Plugins by @ alexander-akait in #17414
Full Changelog: v5.88.0...v5.88.1
5.88.0 - 2023-06-21
New Features
- [CSS] - Use css/auto as the default css mode by @ burhanuday in #17399
Bug Fixes
- Fix bugs related to require.context and layer by @ alexander-akait in #17388
- Fix bug in runtime for CSS loading by @ alexander-akait in #17400
- Correct indirect call for tagged template expressions using correct this context by @ alexander-akait in #17397
- Update environment support for KaiOS browser by @ steverep in #17395
- Fix async module runtime code for running top-level-await by @ ahabhgk in #17393
Developer Experience
- Add example for stats minimal output by @ ersachin3112 in #17406
- Significantly improve type coverage for Dependency, Runtime, Template classes by @ alexander-akait in #17394
Dependencies & Maintenance
- Bump browserslist from 4.21.8 to 4.21.9 by @ dependabot in #17389
- Bump acorn from 8.8.2 to 8.9.0 by @ dependabot in #17402
- Bump eslint from 8.42.0 to 8.43.0 by @ dependabot in #17401
- Bump eslint-plugin-jest from 27.2.1 to 27.2.2 by @ dependabot in #17407
New Contributors
- @ steverep made their first contribution in #17395
Full Changelog: v5.87.0...v5.88.0
5.87.0 - 2023-06-14
New Features
- Implement fetchPriority feature as parser option and magic comment by @ alexander-akait in #17249
- [CSS] - Introduce 'css/auto' as a css module type by @ ahabhgk in #16577
- [CSS] - Style-specific fields now automatically resolve in package.json by @ burhanuday in #17346
- webpack configuration API now accepts "falsy values" loaders and plugins by @ alexander-akait in #17339
Bug Fixes
- Fix codecov badge in readme by @ burhanuday in #17353
Developer Experience
- Add link to svelte loader for webpack by @ burhanuday in #17369
- Increase parser API types in internal plugins across dependency plugins @ alexander-akait in #17365
Dependencies & Maintenance
- Bump memfs from 3.5.2 to 3.5.3 by @ dependabot in #17347
- Bump webpack-cli from 5.1.3 to 5.1.4 by @ dependabot in #17349
- Bump es-module-lexer from 1.2.1 to 1.3.0 by @ dependabot in #17362
- Bump @ types/node from 20.2.5 to 20.3.0 by @ dependabot in #17361
- Bump core-js from 3.30.2 to 3.31.0 by @ dependabot in #17360
- Bump browserslist from 4.21.6 to 4.21.8 by @ dependabot in #17367
- Bump @ types/node from 20.3.0 to 20.3.1 by @ dependabot in #17366
New Contributors

@ aboktor made their first contribution in #16991 #16989
@ silverwind made their first contribution in #17339 via #17329

Full Changelog: v5.86.0...v5.87.0
5.86.0 - 2023-06-07
Read more
5.85.1 - 2023-06-05
Bug Fixes
- Fix bug in handling barrel imports (#17305) by @ bworline in #17307 - NOTE: An internal API BasicEvaluatedExpression.getMemberRangeStarts has been changed to BasicEvaluatedExpression.getMemberRanges, please see type definition changes and the pull request for more information.
Dependencies & Maintenance
- Bump @ types/jest from 29.5.1 to 29.5.2 by @ dependabot in #17297
Full Changelog: v5.85.0...v5.85.1
5.85.0 - 2023-05-31
Read more
5.84.1 - 2023-05-25
Read more
5.84.0 - 2023-05-24
Read more
5.83.1 - 2023-05-17
Read more
5.83.0 - 2023-05-17
5.82.1 - 2023-05-10
5.82.0 - 2023-05-03
5.81.0 - 2023-04-26
5.80.0 - 2023-04-19
5.79.0 - 2023-04-12
5.78.0 - 2023-04-05
5.77.0 - 2023-03-29
5.76.3 - 2023-03-22
5.76.2 - 2023-03-15
5.76.1 - 2023-03-10
5.76.0 - 2023-03-08
5.75.0 - 2022-11-09
5.74.0 - 2022-07-25
5.73.0 - 2022-06-02
5.72.1 - 2022-05-10
5.72.0 - 2022-04-07
5.71.0 - 2022-04-01
5.70.0 - 2022-03-03
5.69.1 - 2022-02-17
5.69.0 - 2022-02-15
5.68.0 - 2022-01-31
5.67.0 - 2022-01-21
5.66.0 - 2022-01-12
5.65.0 - 2021-12-06
5.64.4 - 2021-11-25
5.64.3 - 2021-11-24
5.64.2 - 2021-11-20
5.64.1 - 2021-11-15
5.64.0 - 2021-11-11
5.63.0 - 2021-11-09
5.62.2 - 2021-11-09
5.62.1 - 2021-11-05
5.62.0 - 2021-11-05
5.61.0 - 2021-10-29
5.60.0 - 2021-10-25
5.59.1 - 2021-10-20
5.59.0 - 2021-10-19
5.58.2 - 2021-10-13
5.58.1 - 2021-10-08
5.58.0 - 2021-10-07
5.57.1 - 2021-10-05
5.57.0 - 2021-10-05
5.56.1 - 2021-10-04
5.56.0 - 2021-10-01
5.55.1 - 2021-09-29
5.55.0 - 2021-09-28
5.54.0 - 2021-09-24
5.53.0 - 2021-09-16
5.52.1 - 2021-09-10
5.52.0 - 2021-09-03
5.51.2 - 2021-09-02
5.51.1 - 2021-08-19
5.51.0 - 2021-08-19
5.50.0 - 2021-08-10
5.49.0 - 2021-08-06
5.48.0 - 2021-08-02
5.47.1 - 2021-07-29
5.47.0 - 2021-07-27
5.46.0 - 2021-07-22
5.45.1 - 2021-07-16
5.45.0 - 2021-07-16
5.44.0 - 2021-07-08
5.43.0 - 2021-07-06
5.42.1 - 2021-07-05
5.42.0 - 2021-07-02
5.41.1 - 2021-06-29
5.41.0 - 2021-06-28
5.40.0 - 2021-06-21
5.39.1 - 2021-06-17
5.39.0 - 2021-06-14
5.38.1 - 2021-05-27
5.38.0 - 2021-05-27
5.37.1 - 2021-05-19
5.37.0 - 2021-05-10
5.36.2 - 2021-04-30
5.36.1 - 2021-04-28
5.36.0 - 2021-04-27
5.35.1 - 2021-04-23
5.35.0 - 2021-04-21
5.34.0 - 2021-04-19
5.33.2 - 2021-04-14
5.33.1 - 2021-04-14
5.33.0 - 2021-04-14
5.32.0 - 2021-04-12
5.31.2 - 2021-04-09
5.31.1 - 2021-04-09
5.31.0 - 2021-04-07
5.30.0 - 2021-04-01
5.29.0 - 2021-04-01
5.28.0 - 2021-03-24
5.27.2 - 2021-03-22
5.27.1 - 2021-03-20
5.27.0 - 2021-03-19
5.26.3 - 2021-03-17
5.26.2 - 2021-03-16
5.26.1 - 2021-03-16
5.26.0 - 2021-03-15
5.25.1 - 2021-03-14
5.25.0 - 2021-03-12
5.24.4 - 2021-03-08
5.24.3 - 2021-03-03
5.24.2 - 2021-02-24
5.24.1 - 2021-02-23
5.24.0 - 2021-02-22
5.23.0 - 2021-02-18
5.22.0 - 2021-02-15
5.21.2 - 2021-02-07
5.21.1 - 2021-02-06
5.21.0 - 2021-02-05
5.20.2 - 2021-02-04
5.20.1 - 2021-02-03
5.20.0 - 2021-02-02
5.19.0 - 2021-01-29
5.18.0 - 2021-01-26
5.17.0 - 2021-01-22
5.16.0 - 2021-01-19
5.15.0 - 2021-01-15
5.14.0 - 2021-01-13
5.13.0 - 2021-01-11
5.12.3 - 2021-01-10
5.12.2 - 2021-01-09
5.12.1 - 2021-01-08
5.12.0 - 2021-01-08
5.11.1 - 2020-12-28
5.11.0 - 2020-12-17

from webpack GitHub release notes

Commit messages

Package name: webpack

1f99ad6 5.88.2
066cd49 Merge pull request #17444 from burhanuday/fix/css-unused-identifiers
a9cbd06 fix: unusued identifiers should retain names
6be4065 5.88.1
aee6035 Merge pull request #17414 from webpack/types-more-again
158e044 refactor(types): more
3092f7c refactor(types): more
cc734af refactor(types): more
1e18b1d 5.88.0
d15c734 Merge pull request #17394 from webpack/refactor-more-types
cff406c refactor(types): more
3f71468 refactor(types): more
d9d64b5 refactor(types): more
d1f1433 Merge pull request #17406 from ersachin3112/stats-minimal
e226101 refactor(types): more
a911bd9 refactor(types): more
e381884 refactor(types): more
4809421 refactor(types): more
1ab7cad Merge pull request #17393 from ahabhgk/fix-async-module
43c1958 Merge pull request #17395 from steverep/update-kaios-browser
76076f6 Merge pull request #17397 from webpack/issue-17390
da76b19 Merge pull request #17399 from burhanuday/feat/auto-css-modes
bc7daeb Merge pull request #17400 from webpack/fix-runtime-problems-with-css
60dc7b7 test: fix

Compare

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

Snyk has created this PR to upgrade webpack from 5.11.0 to 5.88.2. See this package in npm: https://www.npmjs.com/package/webpack See this project in Snyk: https://app.snyk.io/org/tanver-hasan/project/6e934631-b657-40d6-bf89-59ee9faa0c93?utm_source=github&utm_medium=referral&page=upgrade-pr

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[Snyk] Upgrade webpack from 5.11.0 to 5.88.2 #1493

[Snyk] Upgrade webpack from 5.11.0 to 5.88.2 #1493

Tanver-Hasan commented Aug 20, 2023

Bug Fixes

Developer Experience

New Features

Bug Fixes

Developer Experience

Dependencies & Maintenance

New Contributors

New Features

Bug Fixes

Developer Experience

Dependencies & Maintenance

New Contributors

Bug Fixes

Dependencies & Maintenance

[Snyk] Upgrade webpack from 5.11.0 to 5.88.2 #1493

Are you sure you want to change the base?

[Snyk] Upgrade webpack from 5.11.0 to 5.88.2 #1493

Conversation

Tanver-Hasan commented Aug 20, 2023

Snyk has created this PR to upgrade webpack from 5.11.0 to 5.88.2.

Bug Fixes

Developer Experience

New Features

Bug Fixes

Developer Experience

Dependencies & Maintenance

New Contributors

New Features

Bug Fixes

Developer Experience

Dependencies & Maintenance

New Contributors

Bug Fixes

Dependencies & Maintenance