center-for-threat-informed-defense / attack-workbench-frontend

An application allowing users to explore, create, annotate, and share extensions of the MITRE ATT&CK® knowledge base. This repository contains an Angular-based web application providing the user interface for the ATT&CK Workbench application.
https://mitre-engenuity.org/cybersecurity/center-for-threat-informed-defense/our-work/attck-workbench/
Apache License 2.0
325 stars 61 forks source link

Bump webpack and @angular-devkit/build-angular in /app #548

Closed dependabot[bot] closed 3 weeks ago

dependabot[bot] commented 1 month ago

Bumps webpack to 5.94.0 and updates ancestor dependency @angular-devkit/build-angular. These dependencies need to be updated together.

Updates webpack from 5.76.1 to 5.94.0

Release notes

Sourced from webpack's releases.

v5.94.0

Bug Fixes

  • Added runtime condition for harmony reexport checked
  • Handle properly data/http/https protocols in source maps
  • Make bigint optimistic when browserslist not found
  • Move @​types/eslint-scope to dev deps
  • Related in asset stats is now always an array when no related found
  • Handle ASI for export declarations
  • Mangle destruction incorrect with export named default properly
  • Fixed unexpected asi generation with sequence expression
  • Fixed a lot of types

New Features

  • Added new external type "module-import"
  • Support webpackIgnore for new URL() construction
  • [CSS] @import pathinfo support

Security

  • Fixed DOM clobbering in auto public path

v5.93.0

Bug Fixes

  • Generate correct relative path to runtime chunks
  • Makes DefinePlugin quieter under default log level
  • Fixed mangle destructuring default in namespace import
  • Fixed consumption of eager shared modules for module federation
  • Strip slash for pretty regexp
  • Calculate correct contenthash for CSS generator options

New Features

  • Added the binary generator option for asset modules to explicitly keep source maps produced by loaders
  • Added the modern-module library value for tree shakable output
  • Added the overrideStrict option to override strict or non-strict mode for javascript modules

v5.92.1

Bug Fixes

  • Doesn't crash with an error when the css experiment is enabled and contenthash is used

v5.92.0

Bug Fixes

  • Correct tidle range's comutation for module federation
  • Consider runtime for pure expression dependency update hash
  • Return value in the subtractRuntime function for runtime logic

... (truncated)

Commits
  • eabf85d chore(release): 5.94.0
  • 955e057 security: fix DOM clobbering in auto public path
  • 9822387 test: fix
  • cbb86ed test: fix
  • 5ac3d7f fix: unexpected asi generation with sequence expression
  • 2411661 security: fix DOM clobbering in auto public path
  • b8c03d4 fix: unexpected asi generation with sequence expression
  • f46a03c revert: do not use heuristic fallback for "module-import"
  • 60f1898 fix: do not use heuristic fallback for "module-import"
  • 66306aa Revert "fix: module-import get fallback from externalsPresets"
  • Additional commits viewable in compare view


Updates @angular-devkit/build-angular from 14.2.13 to 18.2.8

Release notes

Sourced from @​angular-devkit/build-angular's releases.

v18.2.8

18.2.8 (2024-10-09)

@​schematics/angular

Commit Description
fix - b522002ff add validation for component and directive class name
fix - dfd2d5c05 include index.csr.html in resources asset group

@​angular/build

Commit Description
fix - 9445916f9 Ctrl + C not terminating dev-server with SSR
fix - 9b5cfaa8c always generate a new hash for optimized chunk

v18.2.7

18.2.7 (2024-10-02)

@​schematics/angular

Commit Description
fix - 3f98193d6 support single quote setting in JetBrains IDEs

@​angular/build

Commit Description
fix - 8274184e1 add animate to valid self-closing elements
fix - 2648e811e add few more SVG elements animateMotion, animateTransform, and feBlend etc. to valid self-closing elements
fix - 736e126e4 separate Vite cache by project

v18.2.6

18.2.6 (2024-09-25)

@​angular/build

Commit Description
fix - 9d0b67124 allow missing HTML file request to fallback to index
fix - 5fea635b2 update rollup to 4.22.4

v18.2.5

18.2.5 (2024-09-18)

@​angular/build

Commit Description
fix - 707431625 support HTTP HEAD requests for virtual output files
fix - 1032b3da1 update vite to 5.4.6

v18.2.4

18.2.4 (2024-09-11)

@​angular/build

... (truncated)

Changelog

Sourced from @​angular-devkit/build-angular's changelog.

18.2.8 (2024-10-09)

@​schematics/angular

Commit Type Description
b522002ff fix add validation for component and directive class name
dfd2d5c05 fix include index.csr.html in resources asset group

@​angular/build

Commit Type Description
9445916f9 fix Ctrl + C not terminating dev-server with SSR
9b5cfaa8c fix always generate a new hash for optimized chunk

19.0.0-next.9 (2024-10-02)

@​angular-devkit/build-angular

Commit Type Description
0a4ef3026 feat karma-coverage w/ app builder
dcbdca85c feat karma+esbuild+watch
9d7613db9 fix zone.js/testing + karma + esbuild

@​angular/build

Commit Type Description
f63072668 feat utilize ssr.entry during prerendering to enable access to local API routes
ecfb2b261 fix add few more SVG elements animateMotion, animateTransform, and feBlend etc. to valid self-closing elements
87a90afd4 fix incomplete string escaping or encoding
c0b76e337 fix separate Vite cache by project

@​angular/ssr

Commit Type Description
50df63196 fix improve handling of route mismatches between Angular server routes and Angular router
64c52521d fix show error when multiple routes are set with RenderMode.AppShell
12ff37adb perf cache generated inline CSS for HTML

... (truncated)

Commits
  • 1e578df release: cut the v18.2.8 release
  • 9445916 fix(@​angular/build): Ctrl + C not terminating dev-server with SSR
  • 9b5cfaa fix(@​angular/build): always generate a new hash for optimized chunk
  • dfd2d5c fix(@​schematics/angular): include index.csr.html in resources asset group
  • af7e775 test: fix typo in directory name
  • b522002 fix(@​schematics/angular): add validation for component and directive class name
  • d21d1e6 release: cut the v18.2.7 release
  • e45983a docs: update license file match that of angular/angular
  • 736e126 fix(@​angular/build): separate Vite cache by project
  • 2648e81 fix(@​angular/build): add few more SVG elements animateMotion, animateTransfor...
  • Additional commits viewable in compare view


Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/center-for-threat-informed-defense/attack-workbench-frontend/network/alerts).
dependabot[bot] commented 3 weeks ago

Looks like these dependencies are up-to-date now, so this is no longer needed.