Bump json5, react-hot-loader, babel-loader, copy-webpack-plugin, css-loader, html-loader, raw-loader, sass-loader, style-loader, webpack and webpack-cli

[dependabot[bot]]

Bumps json5 to 2.2.2 and updates ancestor dependencies json5, json5, json5, react-hot-loader, babel-loader, copy-webpack-plugin, css-loader, html-loader, raw-loader, sass-loader, style-loader, webpack and webpack-cli. These dependencies need to be updated together.

Updates json5 from 2.2.0 to 2.2.2

Release notes

Sourced from json5's releases.

v2.2.2

• Fix: Properties with the name __proto__ are added to objects and arrays. (#199) This also fixes a prototype pollution vulnerability reported by Jonathan Gregson! (#295).

v2.2.1

• Fix: Removed dependence on minimist to patch CVE-2021-44906. (#266)

Changelog

Sourced from json5's changelog.

v2.2.2 [code, diff]

• Fix: Properties with the name __proto__ are added to objects and arrays. (#199) This also fixes a prototype pollution vulnerability reported by Jonathan Gregson! (#295).

v2.2.1 [code, diff]

• Fix: Removed dependence on minimist to patch CVE-2021-44906. (#266)

Commits

• 14f8cb1 2.2.2
• 10cc7ca docs: update CHANGELOG for v2.2.2
• 7774c10 fix: add proto to objects and arrays
• edde30a Readme: slight tweak to intro
• 97286f8 Improve example in readme
• d720b4f Improve readme (e.g. explain JSON5 better!) (#291)
• 910ce25 docs: fix spelling of Aseem
• 2aab4dd test: require tap as t in cli tests
• 6d42686 test: remove mocha syntax from tests
• 4798b9d docs: update installation and usage for modules
• Additional commits viewable in compare view

Updates json5 from 2.1.1 to 2.2.2

Release notes

Sourced from json5's releases.

v2.2.2

• Fix: Properties with the name __proto__ are added to objects and arrays. (#199) This also fixes a prototype pollution vulnerability reported by Jonathan Gregson! (#295).

v2.2.1

• Fix: Removed dependence on minimist to patch CVE-2021-44906. (#266)

Changelog

Sourced from json5's changelog.

v2.2.2 [code, diff]

• Fix: Properties with the name __proto__ are added to objects and arrays. (#199) This also fixes a prototype pollution vulnerability reported by Jonathan Gregson! (#295).

v2.2.1 [code, diff]

• Fix: Removed dependence on minimist to patch CVE-2021-44906. (#266)

Commits

• 14f8cb1 2.2.2
• 10cc7ca docs: update CHANGELOG for v2.2.2
• 7774c10 fix: add proto to objects and arrays
• edde30a Readme: slight tweak to intro
• 97286f8 Improve example in readme
• d720b4f Improve readme (e.g. explain JSON5 better!) (#291)
• 910ce25 docs: fix spelling of Aseem
• 2aab4dd test: require tap as t in cli tests
• 6d42686 test: remove mocha syntax from tests
• 4798b9d docs: update installation and usage for modules
• Additional commits viewable in compare view

Updates json5 from 2.1.3 to 2.2.2

Release notes

Sourced from json5's releases.

v2.2.2

• Fix: Properties with the name __proto__ are added to objects and arrays. (#199) This also fixes a prototype pollution vulnerability reported by Jonathan Gregson! (#295).

v2.2.1

• Fix: Removed dependence on minimist to patch CVE-2021-44906. (#266)

Changelog

Sourced from json5's changelog.

v2.2.2 [code, diff]

• Fix: Properties with the name __proto__ are added to objects and arrays. (#199) This also fixes a prototype pollution vulnerability reported by Jonathan Gregson! (#295).

v2.2.1 [code, diff]

• Fix: Removed dependence on minimist to patch CVE-2021-44906. (#266)

Commits

• 14f8cb1 2.2.2
• 10cc7ca docs: update CHANGELOG for v2.2.2
• 7774c10 fix: add proto to objects and arrays
• edde30a Readme: slight tweak to intro
• 97286f8 Improve example in readme
• d720b4f Improve readme (e.g. explain JSON5 better!) (#291)
• 910ce25 docs: fix spelling of Aseem
• 2aab4dd test: require tap as t in cli tests
• 6d42686 test: remove mocha syntax from tests
• 4798b9d docs: update installation and usage for modules
• Additional commits viewable in compare view

Updates react-hot-loader from 4.12.15 to 4.13.1

Release notes

Sourced from react-hot-loader's releases.

🔥-rc for 17-rc

Bug Fixes

• tailUpdate might be blocked by a PureComponent (#1448) (e44103a)
• provide "hot fallback" when module.hot is not truthy (#1451) (ec3447f)

Features

• 😅 (partial) support for React 17 (#1557) (c05396b), closes #1425

v4.12.19

Bug Fixes

• don't record signatures of local hooks, fixes #1412 (#1413) (c159844)

v4.12.18

Bug Fixes

• (regression) hook order change is causing React error, fixes #1393 (6707b4b)
• production babel plugin might perform eager replacement, fixes #1388 (b94adb3)

v4.12.17

Bug Fixes

• move @​types/react from to peer dependencies, fixes #1391 (5ab2cab)

v4.12.16

Bug Fixes

• dont write to elementType if it is not defined, fixes #1357 (1072303)
• explain why RHL could not be activated, fixes #1362 (9561d66)
• more @​types/react to dependencies, fixes #1359 (af42c1a)
• use logger.warn instead of console to report tail update, fixes #1386 (fbc890a)

Changelog

Sourced from react-hot-loader's changelog.

Changelog

All notable changes to this project will be documented in this file. See standard-version for commit guidelines.

4.13.0 (2020-09-22)

Bug Fixes

• tailUpdate might be blocked by a PureComponent (#1448) (e44103a)
• when module.hot is not truthy (#1451) (ec3447f)

Features

• support React 17 (#1557) (c05396b), closes #1425

4.12.21 (2020-04-30)

Bug Fixes

• add peerDependenciesMeta in package.json (#1433)

4.12.20 (2020-03-14)

Bug Fixes

• patch support for react-dom 16.13 (#1428) (5475fe7)

4.12.19 (2020-01-22)

Bug Fixes

• don't record signatures of local hooks, fixes #1412 (#1413) (c159844)

4.12.18 (2019-11-16)

Bug Fixes

• (regression) hook order change is causing React error, fixes #1393 (6707b4b)
• production babel plugin might perform eager replacement, fixes #1388 (b94adb3)

4.12.17 (2019-11-12)

Bug Fixes

... (truncated)

Commits

• 07d1f4e 4.13.1
• bddd179 update loader-utils version (#1849)
• f58a931 Remove space after peerDependency version definition (#1843)
• 642b705 README.mdfix typo (#1811)
• ed8b310 Note create-react-app support for fast refresh in readme (#1708)
• 6032f42 chore(release): 4.13.0
• c05396b feat: support React 17 (#1557)
• e44103a fix: tailUpdate might be blocked by a PureComponent (#1448)
• 74d3d9b Merge pull request #1513 from gaearon/gaearon-patch-1
• d73d505 README: Link to Fast Refresh Webpack plugin
• Additional commits viewable in compare view

Updates babel-loader from 8.0.6 to 8.3.0

Release notes

Sourced from babel-loader's releases.

v8.3.0

New features

• Pass external dependencies from Babel to Webpack by @​nicolo-ribaudo in babel/babel-loader#971

Full Changelog: https://github.com/babel/babel-loader/compare/v8.2.5...v8.3.0

v8.2.5

What's Changed

• fix: respect inputSourceMap loader option by @​alan-agius4 in babel/babel-loader#896

New Contributors

• @​alan-agius4 made their first contribution in babel/babel-loader#896

Full Changelog: https://github.com/babel/babel-loader/compare/v8.2.4...v8.2.5

v8.2.4

What's Changed

• doc(README.md): fix a broken markdown link by @​loveDstyle in babel/babel-loader#919
• Bump loader-utils to 2.x by @​stianjensen in babel/babel-loader#931
• Use md5 hashing for OpenSSL 3 by @​pathmapper in babel/babel-loader#924

Thanks @​loveDstyle, @​stianjensen and @​pathmapper for your first PRs!

8.2.3

This release fixes compatibility with Node.js 17

• Use md5 hash for caching on node v17 (babel/babel-loader#918)

Thanks @​Reptarsrage!

8.2.1

• Move @ava/babel to devDependencies #881 (@​jvasseur)

8.2.0

• Replace mkdirp with make-dir 47958ca3857e489e450b27c6f3266375015cba82 (@​JLHwung)
• Use async config loading when available d8cff97ff387ded0fc9b5cbc489228c96c5ab14a (@​the-spyke)

8.1.0

• docs(readme): fix typo #818 (@​frederickfogerty)
• docs(contributing): fix typo #821 (@​PatNeedham)
• Add schema validation #822 (@​ogonkov)
• Add supportsTopLevelAwait to caller #814 (@​nicolo-ribaudo)
• feat: expose webpack target via babel caller #826 (@​DylanPiercey)
• Bump deps for audit #834 (@​existentialism)

Commits

• 9bf5652 8.3.0
• 80ab7d0 Update @babel/ dependencies
• 493ac6c Pass external dependencies from Babel to Webpack (#971)
• df28fe3 Fix broken main test (#950)
• 0b338e4 update hash method so it doesn't fail on a fips enabled machine (#939)
• 1f98d3c 8.2.5
• c622868 fix: respect inputSourceMap loader option (#896)
• f7982c1 8.2.4
• 4bb9e21 Use md5 hashing for OpenSSL 3 (#924)
• 247c94b Bump loader-utils to 2.x (#931)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by nicolo-ribaudo, a new releaser for babel-loader since your current version.

Updates copy-webpack-plugin from 5.1.1 to 11.0.0

Release notes

Sourced from copy-webpack-plugin's releases.

v11.0.0

11.0.0 (2022-05-17)

⚠ BREAKING CHANGES

• minimum supported Node.js version is 14.15.0

v10.2.4

10.2.4 (2022-01-31)

Bug Fixes

• types (#666) (a1c2308)

v10.2.3

10.2.3 (2022-01-29)

Bug Fixes

• async to support (fd095fb)

v10.2.2

10.2.2 (2022-01-28)

Bug Fixes

• types (#664) (f58470e)

v10.2.1

10.2.1 (2022-01-20)

Bug Fixes

• types (#661) (324aecb)

v10.2.0

10.2.0 (2021-12-16)

Features

• removed cjs wrapper and generated types in commonjs format (export = and namespaces used in types), now you can directly use exported types (#654) (5901006)

v10.1.0

10.1.0 (2021-12-10)

... (truncated)

Changelog

Sourced from copy-webpack-plugin's changelog.

11.0.0 (2022-05-17)

⚠ BREAKING CHANGES

• minimum supported Node.js version is 14.15.0

build

• drop node v12 (#691) (675c676)

10.2.4 (2022-01-31)

Bug Fixes

• types (#666) (a1c2308)

10.2.3 (2022-01-29)

Bug Fixes

• async to support (fd095fb)

10.2.2 (2022-01-28)

Bug Fixes

• types (#664) (f58470e)

10.2.1 (2022-01-20)

Bug Fixes

• types (#661) (324aecb)

10.2.0 (2021-12-16)

Features

• removed cjs wrapper and generated types in commonjs format (export = and namespaces used in types), now you can directly use exported types (#654) (5901006)

10.1.0 (2021-12-10)

Features

... (truncated)

Commits

• f3b2c24 chore(release): 11.0.0
• 8424ca8 chore(deps): regenerate lock file (#693)
• 675c676 build: drop node v12 (#691)
• a2b1f19 chore: update gitub actions (#692)
• 238c062 chore: upgrade dependencies to the latest version (#688)
• e27006e ci: remove node v17 (#687)
• e50d708 chore: add node 18 to workflow (#686)
• f1a91e6 ci: don't install webpack again (#680)
• 64cf06f docs: add path string to options signature (#683)
• 4b18a6b docs: improve readme
• Additional commits viewable in compare view

Updates css-loader from 3.2.0 to 6.7.3

Release notes

Sourced from css-loader's releases.

v6.7.3

6.7.3 (2022-12-14)

Bug Fixes

• remove sourceURL from emitted CSS (#1487) (962924c)

v6.7.2

6.7.2 (2022-11-13)

Bug Fixes

• css modules generation with inline syntax (#1480) (2f4c273)

v6.7.1

6.7.1 (2022-03-08)

Bug Fixes

• defaultGetLocalIdent export (#1427) (74dac1e)

v6.7.0

6.7.0 (2022-03-04)

Features

• re-export defaultGetLocalIdent (#1423) (207cf36)

v6.6.0

6.6.0 (2022-02-02)

Features

• added the hashStrategy option (ca4abce)

v6.5.1

6.5.1 (2021-11-03)

Bug Fixes

• regression with unicode characters in locals (b7a8441)
• runtime path generation (#1393) (feafea8)

v6.5.0

... (truncated)

Changelog

Sourced from css-loader's changelog.

6.7.3 (2022-12-14)

Bug Fixes

• remove sourceURL from emitted CSS (#1487) (962924c)

6.7.2 (2022-11-13)

Bug Fixes

• css modules generation with inline syntax (#1480) (2f4c273)

6.7.1 (2022-03-08)

Bug Fixes

• defaultGetLocalIdent export (#1427) (74dac1e)

6.7.0 (2022-03-04)

Features

• re-export defaultGetLocalIdent (#1423) (207cf36)

6.6.0 (2022-02-02)

Features

• added the hashStrategy option (ca4abce)

6.5.1 (2021-11-03)

Bug Fixes

• regression with unicode characters in locals (b7a8441)
• runtime path generation (#1393) (feafea8)

6.5.0 (2021-10-26)

Features

• support absolute URL in url() when experiments.buildHttp enabled (#1389) (8946be4)

... (truncated)

Commits

• ef749f2 chore(release): 6.7.3
• 36fb945 chore: fix cspell
• 962924c fix: remove sourceURL from emitted CSS (#1487)
• 3f3f302 chore(deps): bump decode-uri-component from 0.2.0 to 0.2.2 (#1486)
• 04ca713 chore: update dependencies to the latest version (#1485)
• 9449827 chore: update styfle/cancel-workflow-action (#1484)
• 6c67af8 chore: add cSpell to check spelling issues (#1482)
• 239b9ac chore(deps): bump loader-utils from 2.0.3 to 2.0.4 (#1481)
• 394d200 chore(release): 6.7.2
• 2f4c273 fix: css modules generation with inline syntax (#1480)
• Additional commits viewable in compare view

Updates html-loader from 0.5.5 to 4.2.0

Release notes

Sourced from html-loader's releases.

v4.2.0

4.2.0 (2022-09-22)

Features

• update html minifier (#462) (27a6caf)

v4.1.0

4.1.0 (2022-07-11)

Features

• added the scriptingEnabled option (#448) (6ed9f9c)

v4.0.0

4.0.0 (2022-06-15)

⚠ BREAKING CHANGES

• minimum supported Node.js version is 14.15.0
• update parse5 to 7.0.0

Bug Fixes

• handle text with <script> in the script element (#444) (9949d82)

v3.1.2

Fix

• broken release

v3.1.0

3.1.0 (2022-01-08)

Features

• add possibility to extend default minimize options (#414) (0fa36af)

v3.0.1

3.0.1 (2021-11-02)

Bug Fixes

• context for loader without resource (#409) (eb08a58)
• handle attributes without tag (#410) (e5d5fd8)

... (truncated)

Changelog

Sourced from html-loader's changelog.

4.2.0 (2022-09-22)

Features

• update html minifier (#462) (27a6caf)

4.1.0 (2022-07-11)

Features

• added the scriptingEnabled option (#448) (6ed9f9c)

4.0.0 (2022-06-15)

⚠ BREAKING CHANGES

• minimum supported Node.js version is 14.15.0
• update parse5 to 7.0.0

Bug Fixes

• handle text with <script> in the script element (#444) (9949d82)

3.1.0 (2022-01-08)

Features

• add possibility to extend default minimize options (#414) (0fa36af)

3.0.1 (2021-11-02)

Bug Fixes

• context for loader without resource (#409) (eb08a58)
• handle attributes without tag (#410) (e5d5fd8)

3.0.0 (2021-10-21)

⚠ BREAKING CHANGES

• minimum supported Node.js version is 12.13.0

Features

... (truncated)

Commits

• 17fbef3 chore(release): 4.2.0
• 27a6caf feat: update html minifier (#462)
• 01905ba chore: update commitlint action (#461)
• 37d2073 chore: run cancel workflow on pull request (#458)
• 7dd065c chore: update jest to the latest version (#457)
• 3ddf326 ci: update github workflow security permissions (#456)
• 2457eda chore: upgrade dependencies to the latest version (#455)
• 3ea5738 ci: add job to cancel previous runs (#454)
• 33cc6d0 chore: update dependencies to the latest version (#453)
• e81a944 ci: add GitHub token permissions for workflow (#450)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by evilebottnawi, a new releaser for html-loader since your current version.

Updates raw-loader from 3.1.0 to 4.0.2

Release notes

Sourced from raw-loader's releases.

v4.0.2

4.0.2 (2020-10-09)

Chore

• update schema-utils

v4.0.1

4.0.1 (2020-04-15)

Chore

• update deps

v4.0.0

4.0.0 (2019-11-25)

Features

• new esModules option

BREAKING CHANGES

• minimum required nodejs version is 10.13.0

Changelog

Sourced from raw-loader's changelog.

4.0.2 (2020-10-09)

Chore

• update schema-utils

4.0.1 (2020-04-15)

Chore

• update deps

4.0.0 (2019-11-25)

Features

• new esModules option

BREAKING CHANGES

• minimum required nodejs version is 10.13.0

Commits

• dbe458d chore(release): 4.0.2
• b89d8d9 chore(deps): update (#100)
• 30daf0d chore(deps): remove unnecessary deps
• 35a10f4 chore(release): 4.0.1
• 21f0ca5 chore(deps): update (#90)
• e76476c chore(release): 4.0.0
• 5ec82d6 refactor: next (#88)
• See full diff in compare view

Updates sass-loader from 8.0.0 to 13.2.0

Release notes

Sourced from sass-loader's releases.

v13.2.0

13.2.0 (2022-11-09)

Features

• add support for node-sass v8 (#1100) (e5581b7)

v13.1.0

13.1.0 (2022-10-06)

Features

• allow to extend conditionNames (#1092) (6e02c64)

v13.0.2

13.0.2 (2022-06-27)

Bug Fixes

• hide error stacktrace on Sass errors (#1069) (5e6a61b)

v13.0.1

13.0.1 (2022-06-24)

Bug Fixes

• optimize debug message formatting, #1065 (#1066) (49a578a)

v13.0.0

13.0.0 (2022-05-18)

⚠ BREAKING CHANGES

• minimum supported Node.js version is 14.15.0 (#1048)
• emit @warn at-rules as webpack warnings by default, if you want to revert behavior please use the warnRuleAsWarning option (#1054) (58ffb68)

Bug Fixes

• do not crash on importers for modern API (#1052) (095814e)
• do not store original sass error in webpack error(#1053) (06d7533)

v12.6.0

12.6.0 (2022-02-15)

... (truncated)

Changelog

Sourced from sass-loader's changelog.

13.2.0 (2022-11-09)

Features

• add support for node-sass v8 (#1100) (e5581b7)

13.1.0 (2022-10-06)

Features

• allow to extend conditionNames (#1092) (6e02c64)

13.0.2 (2022-06-27)

Bug Fixes

• hide error stacktrace on Sass errors (#1069) (5e6a61b)

13.0.1 (2022-06-24)

Bug Fixes

• optimize debug message formatting, #1065 (#1066) (49a578a)

13.0.0 (2022-05-18)

⚠ BREAKING CHANGES

• minimum supported Node.js version is 14.15.0 (#1048)
• emit @warn at-rules as webpack warnings by default, if you want to revert behavior please use the warnRuleAsWarning option (#1054) (58ffb68)

Bug Fixes

• do not crash on importers for modern API (#1052) (095814e)
• do not store original sass error in webpack error(#1053) (06d7533)

12.6.0 (2022-02-15)

Features

• added support for automatic loading of sass-embedded (