search

DeviaVir / zenbot

Zenbot is a command-line cryptocurrency trading bot using Node.js and MongoDB.
MIT License
8.22k stars 2.04k forks source link

[Snyk] Upgrade webpack from 5.65.0 to 5.67.0 #2805

Closed snyk-bot closed 2 years ago

snyk-bot commented 2 years ago

Snyk has created this PR to upgrade webpack from 5.65.0 to 5.67.0.

merge advice :information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

Release notes
Package name: webpack
  • 5.67.0 - 2022-01-21

    Features

    • add 'outputPath' configuration option for resource asset modules
    • support Trusted Types in eval source maps
    • experiments.css
      • allow to generate only exports for css in node
      • add SyncModuleIdsPlugin to sync module ids between server and client compilation
      • add more options to the DeterministicModuleIdsPlugin to allow to generate equal ids

    Developer Experience

    • limit data url module name in stats printer
    • allow specific description for CLI options
    • improve space limiting algorithm in stats printing to show partial lists
    • add null to errors in callbacks
    • fix call signature types of addChunkInGroup

    Bugfixes

    • avoid reporting non-existant package.jsons as dependencies
    • experiments.css
      • fix missing css runtime when only initial css is used
      • fix css hmr support
      • bugfixes to css modules
    • fix cache serialization for CreateScriptUrlDependency
    • fix data url content when processed by a loader
    • fix regexp in identifiers that include |
    • fix ProfilingPlugin for watch scenarios
    • add layer to module names and identifiers
      • this avoid random module id changes when additional modules are added to another layer
    • provide hashFunction parameter to DependencyTemplates to allow customizing it there
    • fix HMR when experiments.lazyCompilation is enabled
    • store url as Buffer to avoid serialization warnings
    • exclude webpack-hot-middleware/client from lazy compilation

    Contributing

    • remove travis configuration
    • improve spell checking
  • 5.66.0 - 2022-01-12

    Features

    • add output.library.type: "commonjs-static" to emit a statically analyse-able commonjs module (for node.js esm interop support)
    • add experiments.css (very experimental)

    Bugfixes

    • fix CORS headers for experiments.lazyCompilation
    • fix [absolute-resource-path] for SourceMap module naming
    • avoid stack overflow when accessing many memory cached cache values in series

    Performance

    • reduce default watchOptions.aggregateTimeout to 20ms
  • 5.65.0 - 2021-12-06

    Features

    • static evaluation understands undefined now
    • reduce container entry code by a few chars
    • use template literals when available and they make sense

    Bugfixes

    • handle singleton flag without requiredVersion in Module Federation
    • upgrade watchpack for context time info bugfix

    Performance

    • improve RegExp in error message formating for non-quadratic performance

    Developer Experience

    • automatically insert brackets when output.globalObject contains a non-trival expression
    • show error when using script type external with invalid syntax
    • expose types for Resolver, StatsOptions and ResolvePluginInstance

    Preparations for the future

    • hashDigestLength will default to 16 in webpack 6 (experiments.futureDefaults)
from webpack GitHub release notes
Commit messages
Package name: webpack
  • 4abe329 5.67.0
  • 6fa6e30 Merge pull request #13110 from eltociear/patch-1
  • 9dbf3ca Merge pull request #14721 from Schweinepriester/patch-1
  • f22a314 Merge pull request #15202 from tmeasday/webpack-hot-middleware-lazy-compilation
  • 3014a3b Merge pull request #15222 from webpack/bugfix/serialization-warning
  • 17f317b store url as Buffer to avoid serialization warnings
  • e2d214a Merge pull request #15200 from webpack/feature/css-exports-in-node
  • 1ed8aaf Merge pull request #14173 from tosmolka/tosmolka/14075
  • 181a2f0 remove broken concatenation for now
  • 70da0dd improve test case
  • 0670cf5 remove unneeded transitive runtime requirement
  • 8828dfa add experimental SyncModuleIdsPlugin
  • 9be408c Merge branch 'main' into webpack-hot-middleware-lazy-compilation
  • d39ce25 Exclude `webpack-hot-middleware/client` from lazy compilation
  • 1489b91 allow to generate only exports for css in node
  • e550b2c Merge pull request #14943 from nschonni/cspell-globs
  • e09d528 Merge pull request #15192 from webpack/dependabot/npm_and_yarn/webpack-sources-3.2.3
  • d631d14 Merge pull request #15015 from Knagis/feature/assetModules/outputPath
  • e2bfe58 nitpicks
  • 91dd188 Merge pull request #15187 from forivall/fix/addChunkInGroup-typings
  • d5bb62b doc: improve definition of addChunkInGroup via jsdoc
  • f875826 Merge pull request #15196 from webpack/bugfix/lazy-compilation-hmr
  • f16e746 Merge pull request #15195 from webpack/fix-hash-function-usage
  • 2fc4c8d Add 'outputPath' configuration option for resource asset modules
Compare

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs