Bump webpack from 5.92.1 to 5.95.0

[dependabot[bot]]

Bumps webpack from 5.92.1 to 5.95.0.

Release notes

Sourced from webpack's releases.

v5.95.0

Bug Fixes

• Fixed hanging when attempting to read a symlink-like file that it can't read
• Handle default for import context element dependency
• Merge duplicate chunks call after split chunks
• Generate correctly code for dynamically importing the same file twice and destructuring
• Use content hash as [base] and [name] for extracted DataURI's
• Distinguish module and import in module-import for externals import's
• [Types] Make EnvironmentPlugin default values types less strict
• [Types] Typescript 5.6 compatibility

New Features

• Add new optimization.avoidEntryIife option (true by default for the production mode)
• Pass output.hash* options to loader context

Performance

• Avoid unneeded re-visit in build chunk graph

v5.94.0

Bug Fixes

• Added runtime condition for harmony reexport checked
• Handle properly data/http/https protocols in source maps
• Make bigint optimistic when browserslist not found
• Move @​types/eslint-scope to dev deps
• Related in asset stats is now always an array when no related found
• Handle ASI for export declarations
• Mangle destruction incorrect with export named default properly
• Fixed unexpected asi generation with sequence expression
• Fixed a lot of types

New Features

• Added new external type "module-import"
• Support webpackIgnore for new URL() construction
• [CSS] @import pathinfo support

Security

• Fixed DOM clobbering in auto public path

v5.93.0

Bug Fixes

• Generate correct relative path to runtime chunks
• Makes DefinePlugin quieter under default log level
• Fixed mangle destructuring default in namespace import

... (truncated)

Commits

• e20fd63 chore(release): 5.95.0
• 4866b0d feat: added new optimization.entryIife option
• d90f692 fix: merge duplicate chunks after split chunks
• 90dec30 fix(externals): distinguish “module” and “import” in “module-import”
• c1a0a46 fix(externals): distinguish “module” and “import” in “module-import”
• 14d8fa8 fix: all tests cases
• dae16ad feat: pass output.hash* options to loader context
• 75d185d feat: pass output.hash* options to loader context
• 46e0b9c test: update
• 8e62f9f test
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[github-actions[bot]]

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

OpenSSF Scorecard

Package	Version	Score	Details
npm/@types/estree	1.0.6	:green_circle: 7	Details Check Score Reason Code-Review :green_circle: 9 Found 29/30 approved changesets -- score normalized to 9 Maintained :green_circle: 10 30 commit(s) and 3 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 9 license file detected Signed-Releases :warning: -1 no releases found Branch-Protection :warning: -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Packaging :warning: -1 packaging workflow not detected Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Token-Permissions :warning: 0 detected GitHub workflow tokens with excessive permissions Security-Policy :green_circle: 10 security policy file detected Vulnerabilities :green_circle: 10 0 existing vulnerabilities detected SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0 Binary-Artifacts :green_circle: 10 no binaries found in the repo Pinned-Dependencies :green_circle: 8 dependency not pinned by hash detected -- score normalized to 8 Fuzzing :warning: 0 project is not fuzzed
npm/enhanced-resolve	5.17.1	:green_circle: 6	Details Check Score Reason Code-Review :warning: 1 Found 2/11 approved changesets -- score normalized to 1 Maintained :green_circle: 10 14 commit(s) and 10 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 10 license file detected Signed-Releases :warning: -1 no releases found Branch-Protection :warning: -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Token-Permissions :green_circle: 10 GitHub workflow tokens follow principle of least privilege Packaging :warning: -1 packaging workflow not detected Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Binary-Artifacts :green_circle: 10 no binaries found in the repo Pinned-Dependencies :warning: 0 dependency not pinned by hash detected -- score normalized to 0 Fuzzing :warning: 0 project is not fuzzed Security-Policy :warning: 0 security policy file not detected SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0 Vulnerabilities :green_circle: 10 0 existing vulnerabilities detected
npm/webpack	5.95.0	:green_circle: 5.8	Details Check Score Reason Maintained :green_circle: 10 30 commit(s) and 15 issue activity found in the last 90 days -- score normalized to 10 Code-Review :green_circle: 3 Found 4/11 approved changesets -- score normalized to 3 License :green_circle: 10 license file detected CII-Best-Practices :warning: 2 badge detected: InProgress Branch-Protection :warning: -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Signed-Releases :warning: -1 no releases found Token-Permissions :green_circle: 10 GitHub workflow tokens follow principle of least privilege Packaging :warning: -1 packaging workflow not detected Security-Policy :green_circle: 9 security policy file detected Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0 Binary-Artifacts :warning: 0 binaries present in source code Pinned-Dependencies :warning: 0 dependency not pinned by hash detected -- score normalized to 0 Fuzzing :warning: 0 project is not fuzzed Vulnerabilities :green_circle: 10 0 existing vulnerabilities detected
npm/webpack	^5.95.0	:green_circle: 5.8	Details Check Score Reason Maintained :green_circle: 10 30 commit(s) and 15 issue activity found in the last 90 days -- score normalized to 10 Code-Review :green_circle: 3 Found 4/11 approved changesets -- score normalized to 3 License :green_circle: 10 license file detected CII-Best-Practices :warning: 2 badge detected: InProgress Branch-Protection :warning: -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Signed-Releases :warning: -1 no releases found Token-Permissions :green_circle: 10 GitHub workflow tokens follow principle of least privilege Packaging :warning: -1 packaging workflow not detected Security-Policy :green_circle: 9 security policy file detected Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0 Binary-Artifacts :warning: 0 binaries present in source code Pinned-Dependencies :warning: 0 dependency not pinned by hash detected -- score normalized to 0 Fuzzing :warning: 0 project is not fuzzed Vulnerabilities :green_circle: 10 0 existing vulnerabilities detected

Scanned Manifest Files

package-lock.json

• webpack@5.92.1
• @types/estree@1.0.6
• enhanced-resolve@5.17.1
• webpack@5.95.0
• @types/eslint@8.44.0
• @types/eslint-scope@3.7.4
• @types/estree@1.0.5
• enhanced-resolve@5.17.0

package.json

• webpack@^5.95.0
• webpack@^5.92.1